| Modifier and Type | Class and Description |
|---|---|
class |
ExternalConfigurationControlDetector
Detects External Control of System or Configuration Setting weakness
using setCatalog method of java.sql.Connection
|
class |
HttpResponseSplittingDetector
Detects HTTP Response splitting weakness
|
| Modifier and Type | Class and Description |
|---|---|
class |
PathTraversalDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
BasicInjectionDetector
Detector designed for extension to detect basic injections with a list of
full method names with specified injectable arguments as taint sinks
|
class |
LegacyInjectionDetector
Detector designed for extension to detect injection vulnerabilities using
the original mechanism with
InjectionSource class |
| Modifier and Type | Class and Description |
|---|---|
class |
AwsQueryInjectionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
BeanInjectionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
CommandInjectionDetector
Detect the usage of Runtime and ProcessBuilder to execute system command.
|
| Modifier and Type | Class and Description |
|---|---|
class |
CrlfLogInjectionDetector
Detects logging of tainted values - CRLF injection (or Improper Output Neutralization for Logs)
|
| Modifier and Type | Class and Description |
|---|---|
class |
CustomInjectionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
FileDisclosureDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
FormatStringManipulationDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
HttpParameterPollutionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
LdapInjectionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
UnvalidatedRedirectDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
OgnlInjectionDetector |
class |
ScriptInjectionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
AndroidSqlInjectionDetector |
class |
SqlInjectionDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
TrustBoundaryViolationAttributeDetector
Trust Boundary Violation is fancy name to describe tainted value passed directly to session attribute.
|
class |
TrustBoundaryViolationValueDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
HardcodePasswordInMapDetector
Detect hard-code password in settings map (key value configurations constructed at runtime)
|
class |
IntuitiveHardcodePasswordDetector
This detector will find what look like password hardcode on unknown API.
|
| Modifier and Type | Class and Description |
|---|---|
class |
ScalaSensitiveDataExposureDetector |
class |
SSRFDetector |
class |
XssMvcApiDetector |
class |
XssTwirlDetector |
| Modifier and Type | Class and Description |
|---|---|
class |
StdXmlTransformDetector
Detect XSLT transformation.
|
| Modifier and Type | Class and Description |
|---|---|
class |
XPathInjectionDetector
Detector for XPath injection
|
| Modifier and Type | Class and Description |
|---|---|
class |
XssJspDetector |
class |
XssServletDetector |
Copyright © 2017. All rights reserved.