| BadHexadecimalConversionDetector |
|
| CipherWithNoIntegrityDetector |
This detector mark cipher usage that doesn't provide integrity.
|
| CustomMessageDigestDetector |
Implementing a custom solution for message digest should not promote.
|
| ErrorMessageExposureDetector |
Printing error messages to standard output may expose security-sensitive information,
and such an exposure of unencrypted information would be vulnerable as reported
by CWE-209 (https://cwe.mitre.org/data/deffinitions/209.html).
|
| EsapiEncryptorDetector |
This detector identify the usage of ESAPI cryptography components.
|
| HazelcastSymmetricEncryptionDetector |
http://code.google.com/p/hazelcast/wiki/Encryption
|
| InsecureSmtpSslDetector |
|
| InsufficientKeySizeBlowfishDetector |
|
| InsufficientKeySizeRsaDetector |
Similar to the blowfish key size detector
|
| NullCipherDetector |
|
| StaticIvDetector |
The main goal of the this detector is to find encryption being done with static initialization vector (IV).
|
| UnencryptedServerSocketDetector |
|
| UnencryptedSocketDetector |
|
| WeakMessageDigestDetector |
Identifies the use of MD2, MD5 and SHA1 hash function and recommends the
use of modern functions.
|
| WeakTLSDetector |
|
| WeakTrustManagerDetector |
The first reflex for developer that encounter web services that have unsigned certificate
is often to trust all certificates.
|