Uses of Class
com.h3xstream.findsecbugs.injection.AbstractInjectionDetector

Packages that use AbstractInjectionDetector

Package	Description
com.h3xstream.findsecbugs
com.h3xstream.findsecbugs.crypto.cipher
com.h3xstream.findsecbugs.file
com.h3xstream.findsecbugs.injection
com.h3xstream.findsecbugs.injection.aws
com.h3xstream.findsecbugs.injection.beans
com.h3xstream.findsecbugs.injection.command
com.h3xstream.findsecbugs.injection.crlf
com.h3xstream.findsecbugs.injection.custom
com.h3xstream.findsecbugs.injection.fileDisclosure
com.h3xstream.findsecbugs.injection.formatter
com.h3xstream.findsecbugs.injection.http
com.h3xstream.findsecbugs.injection.ldap
com.h3xstream.findsecbugs.injection.redirect
com.h3xstream.findsecbugs.injection.script
com.h3xstream.findsecbugs.injection.smtp
com.h3xstream.findsecbugs.injection.sql
com.h3xstream.findsecbugs.injection.ssrf
com.h3xstream.findsecbugs.injection.trust	Trust Boundary Violation is fancy name to describe tainted value passed directly to session attribute.
com.h3xstream.findsecbugs.injection.xml
com.h3xstream.findsecbugs.kotlin
com.h3xstream.findsecbugs.password
com.h3xstream.findsecbugs.scala
com.h3xstream.findsecbugs.taintanalysis.extra
com.h3xstream.findsecbugs.xml
com.h3xstream.findsecbugs.xpath	This package focus on the identification of XPath injection vulnerability from various APIs: javax.xml (JDK API) org.apache.xpath org.apache.commons.jxpath (Apache Commons) TODO org.xmldb.api.modules (Apache Xindice) TODO
com.h3xstream.findsecbugs.xss

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs

Modifier and Type	Class	Description
class	ExternalConfigurationControlDetector	Detects External Control of System or Configuration Setting weakness using setCatalog method of java.sql.Connection
class	HttpResponseSplittingDetector	Detects HTTP Response splitting weakness
class	PermissiveCORSDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.crypto.cipher

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.crypto.cipher

Modifier and Type	Class	Description
class	CipherDetector
class	DesUsageDetector	Cipher identify DES/CBC/NoPadding (56 bit) DES/CBC/PKCS5Padding (56 bit) DES/ECB/NoPadding (56 bit) DES/ECB/PKCS5Padding (56 bit) Ref: Partial list of ciphers
class	RsaNoPaddingDetector
class	TDesUsageDetector	Cipher identify DESede/CBC/NoPadding (168 bit) DESede/CBC/PKCS5Padding (168 bit) DESede/ECB/NoPadding (168 bit) DESede/ECB/PKCS5Padding (168 bit) Ref: Partial list of ciphers

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.file

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.file

Modifier and Type	Class	Description
class	PathTraversalDetector
class	SuspiciousCommandDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection

Modifier and Type	Class	Description
class	BasicInjectionDetector	Detector designed for extension to detect basic injections with a list of full method names with specified injectable arguments as taint sinks
class	LegacyInjectionDetector	Detector designed for extension to detect injection vulnerabilities using the original mechanism with InjectionSource class

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.aws

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.aws

Modifier and Type	Class	Description
class	AwsQueryInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.beans

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.beans

Modifier and Type	Class	Description
class	BeanInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.command

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.command

Modifier and Type	Class	Description
class	CommandInjectionDetector	Detect the usage of Runtime and ProcessBuilder to execute system command.

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.crlf

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.crlf

Modifier and Type	Class	Description
class	CrlfLogInjectionDetector	Detects logging of tainted values - CRLF injection (or Improper Output Neutralization for Logs)

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.custom

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.custom

Modifier and Type	Class	Description
class	CustomInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.fileDisclosure

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.fileDisclosure

Modifier and Type	Class	Description
class	FileDisclosureDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.formatter

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.formatter

Modifier and Type	Class	Description
class	FormatStringManipulationDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.http

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.http

Modifier and Type	Class	Description
class	HttpParameterPollutionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.ldap

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.ldap

Modifier and Type	Class	Description
class	LdapInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.redirect

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.redirect

Modifier and Type	Class	Description
class	UnvalidatedRedirectDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.script

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.script

Modifier and Type	Class	Description
class	OgnlInjectionDetector
class	ScriptInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.smtp

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.smtp

Modifier and Type	Class	Description
class	SmtpHeaderInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.sql

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.sql

Modifier and Type	Class	Description
class	AndroidSqlInjectionDetector
class	SqlInjectionDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.ssrf

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.ssrf

Modifier and Type	Class	Description
class	SSRFDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.trust

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.trust

Modifier and Type	Class	Description
class	TrustBoundaryViolationAttributeDetector	Trust Boundary Violation is fancy name to describe tainted value passed directly to session attribute.
class	TrustBoundaryViolationValueDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.xml

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.injection.xml

Modifier and Type	Class	Description
class	XmlInjectionDetector	Detect string concatenation that appears to be constructing XML or HTML documents.

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.kotlin

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.kotlin

Modifier and Type	Class	Description
class	KotlinHardcodedPasswordEqualsDetector	Detect:
class	KotlinHardcodePasswordInMapDetector	Detect hard-code password in settings map (key value configurations constructed at runtime)

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.password

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.password

Modifier and Type	Class	Description
class	AbstractHardcodedPasswordEqualsDetector
class	AbstractHardcodePasswordInMapDetector	Detect hard-code password in settings map (key value configurations constructed at runtime)
class	HardcodedPasswordEqualsDetector	Detect:
class	HardcodePasswordInMapDetector	Detect hard-code password in settings map (key value configurations constructed at runtime)
class	HashUnsafeEqualsDetector	Detect hash value that are compare with the equals method.
class	IntuitiveHardcodePasswordDetector	This detector will find what look like password hardcode on unknown API.
class	JschPasswordDetector	Finds hardcoded passwords with the Jsch library (SSH client)

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.scala

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.scala

Modifier and Type	Class	Description
class	ScalaSensitiveDataExposureDetector
class	XssMvcApiDetector
class	XssTwirlDetector

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.taintanalysis.extra

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.taintanalysis.extra

Modifier and Type	Class	Description
class	JstlExpressionWhiteLister	This detector will set the return value of PageContextImpl.proprietaryEvaluate as safe for XSS is some very specific case.
class	PotentialValueTracker	This class detect potential default value and set it to the Taint instance.

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.xml

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.xml

Modifier and Type	Class	Description
class	StdXmlTransformDetector	Detect XSLT transformation.

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.xpath

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.xpath

Modifier and Type	Class	Description
class	XPathInjectionDetector	Detector for XPath injection

Uses of AbstractInjectionDetector in com.h3xstream.findsecbugs.xss

Subclasses of AbstractInjectionDetector in com.h3xstream.findsecbugs.xss

Modifier and Type	Class	Description
class	XssJspDetector
class	XssServletDetector