DATA SHEET

Attack Types in InsightAppSec

Rapid7’s research and product teams keep up with the latest application security attacks and best practices so you don’t have to. With InsightAppSec, you can go way beyond the OWASP Top Ten to test for over 95 attack types and best practices; you can also create custom checks to address issues and risks that are unique to your environment.

• Anonymous Access • Cross-Site Scripting • Information Disclosure in • Reverse Proxy (XSS, DOM-Based Response Apache Struts 2 Secure and Non-Secure • Reflected via • Framework Checks Information Disclosure in Content Mix Request) • Scripts (Script Check) Apache Struts Detection Sensitive Data Exposure • Cross-Site Scripting • • Information Leakage In Arbitrary File Upload (XSS, DOM-Based) • Sensitive Data Over an • Response • Insecure Channel ASP.Net Cross-Site Tracing (XST— • • Grinder Misconfiguration Web Method) • • Server Configuration JavaScript Memory ASP.NET Serialization CSP Headers • Server Side Include (SSI) • Leaks • • Injection ASP.NET ViewState Custom Directory • • LDAP Injection Security (ViewState Module • • Server Side Template Check) Local Storage Usage Injection • Custom Parameter • • Autocomplete Attribute/ Module • Nginx NULL Code • Session Fixation Check Custom Passive Module • OS Commanding • Session Strength Blind SQL Injection • • Directory Indexing • Out of Band Cross-Site • Session Upgrade Browser Cache Directive • Scripting (XSS) • Email Disclosure Source Code Disclosure (Leaking sensitive • • Out of Band Stored information) Expression Language • SQL Information Leakage • Cross-Site Scripting • Injection (SQL Errors) • Browser Cache Directive (XSS) ( File Inclusion SQL Injection • Parameter Fuzzing • performance) • Forced Browsing SQL injection Auth • Persistent Cross-Site • Brute Force (HTTP Auth) • Bypass • • Form Session Strength Scripting (XSS, Passive– Brute Force Form-Based XSS Persistent) SQL Parameter Check • FrontPage Checks • Authentication • Persistent Cross-Site SSL Strength • Heartbleed Check • • • Business Logic Abuse Scripting (XSS, Active— Subresource Integrity HTTP Authentication XSS Persistent Active) • Clients Cross-Domain • Flaws • Over Insecure Channel Policy Files • PHP Code Execution Subdomain Discovery • HTTP Headers • • Collecting Sensitive • Predictable Resource Unvalidated Redirect Personal Information • HTTP Query Session Location (Resource • (Personal sensitive Check Finder) • URL Rewriting information) • HTTP Response Splitting • Privacy Disclosure • Web Beacon Command Injection • • HTTP Strict Transport • Privilege Escalation • Web Service Parameter Cookie Attributes Security (HSTS) Fuzzing • • Profanity Credentials Over HTTP User-Agent Check X-Content-Type-Options • • Reflected Cross- • Insecure Channel • • HTTP Verb Tampering Site Scripting (XSS, • X-Frame-Options • Credentials Stored in (Request Method Reflected) XML External Entity Clear Text in a Cookie Tampering) • Reflected Cross-Site Attack (Password exposure). • • HTTPS Downgrade Scripting Simple (XSS, XPath Injection Cross Origin Resources Simple) • • HTTPS Everywhere X-Powered-By Sharing (CORS) • Reflection • Information Disclosure in • X-XSS-Protection Cross-Site Request • • Comments Reverse Clickjacking • Forgery (CSRF) •

Learn more at www.rapid7.com/insightappsec. 071919