| com.h3xstream.findsecbugs |
|
| com.h3xstream.findsecbugs.android |
|
| com.h3xstream.findsecbugs.common |
|
| com.h3xstream.findsecbugs.common.matcher |
|
| com.h3xstream.findsecbugs.cookie |
|
| com.h3xstream.findsecbugs.crypto |
|
| com.h3xstream.findsecbugs.csrf |
|
| com.h3xstream.findsecbugs.endpoint |
|
| com.h3xstream.findsecbugs.file |
|
| com.h3xstream.findsecbugs.injection |
|
| com.h3xstream.findsecbugs.injection.aws |
|
| com.h3xstream.findsecbugs.injection.beans |
|
| com.h3xstream.findsecbugs.injection.command |
|
| com.h3xstream.findsecbugs.injection.crlf |
|
| com.h3xstream.findsecbugs.injection.custom |
|
| com.h3xstream.findsecbugs.injection.fileDisclosure |
|
| com.h3xstream.findsecbugs.injection.formatter |
|
| com.h3xstream.findsecbugs.injection.http |
|
| com.h3xstream.findsecbugs.injection.ldap |
|
| com.h3xstream.findsecbugs.injection.redirect |
|
| com.h3xstream.findsecbugs.injection.script |
|
| com.h3xstream.findsecbugs.injection.sql |
|
| com.h3xstream.findsecbugs.injection.trust |
Trust Boundary Violation is fancy name to describe tainted value passed directly to session attribute.
|
| com.h3xstream.findsecbugs.jsp |
|
| com.h3xstream.findsecbugs.ldap |
|
| com.h3xstream.findsecbugs.password |
|
| com.h3xstream.findsecbugs.scala |
|
| com.h3xstream.findsecbugs.serial |
|
| com.h3xstream.findsecbugs.spring |
|
| com.h3xstream.findsecbugs.taintanalysis |
|
| com.h3xstream.findsecbugs.template |
|
| com.h3xstream.findsecbugs.xml |
|
| com.h3xstream.findsecbugs.xpath |
This package focus on the identification of XPath injection
vulnerability from various APIs:
javax.xml (JDK API)
org.apache.xpath
org.apache.commons.jxpath (Apache Commons) TODO
org.xmldb.api.modules (Apache Xindice) TODO
|
| com.h3xstream.findsecbugs.xss |
|