RubyGems - vrt - Versions diffs - 0.11.0 → 0.12.2 - Mend

vrt 0.11.0 → 0.12.2

Files changed (17) hide show

checksums.yaml +4 -4
data/lib/data/1.11/deprecated-node-mapping.json +236 -0
data/lib/data/1.11/mappings/cvss_v3/cvss_v3.json +1250 -0
data/lib/data/1.11/mappings/cvss_v3/cvss_v3.schema.json +59 -0
data/lib/data/1.11/mappings/cwe/cwe.json +664 -0
data/lib/data/1.11/mappings/cwe/cwe.schema.json +63 -0
data/lib/data/1.11/mappings/remediation_advice/remediation_advice.json +1811 -0
data/lib/data/1.11/mappings/remediation_advice/remediation_advice.schema.json +75 -0
data/lib/data/1.11/third-party-mappings/remediation_training/secure-code-warrior-links.json +392 -0
data/lib/data/1.11/vrt.schema.json +63 -0
data/lib/data/1.11/vulnerability-rating-taxonomy.json +2442 -0
data/lib/vrt/mapping.rb +12 -6
data/lib/vrt/node.rb +4 -0
data/lib/vrt/third_party_links.rb +33 -0
data/lib/vrt/version.rb +1 -1
data/lib/vrt.rb +8 -0
metadata +18 -7

data/lib/data/1.11/mappings/remediation_advice/remediation_advice.schema.json ADDED Viewed

@@ -0,0 +1,75 @@
+{
+  "$schema": "http://json-schema.org/draft-04/schema#",
+  "title": "VRT to Remediation Advice",
+  "description": "Mapping from the Vulnerability Rating Taxonomy to Remediation Advice",
+  "definitions": {
+    "MappingMetadata": {
+      "type": "object",
+      "properties": {
+        "default": { "type": "null" },
+        "keys": { "type": "array",
+          "items": { "type": "string", "enum": ["remediation_advice", "references"] },
+          "minItems": 2,
+          "uniqueItems": true
+        }
+      },
+      "required": ["default", "keys"]
+    },
+    "VRTid": { "type": "string", "pattern": "^[a-z_]*$" },
+    "RemediationAdvice": { "type": "string" },
+    "References": { "type" : "array",
+      "items" : { "type": "string", "pattern": "^http[s]?:\/\/.*$" },
+      "minItems": 1,
+      "uniqueItems": true
+    },
+    "Mapping": {
+      "type": "object",
+      "properties": {
+        "id": { "$ref": "#/definitions/VRTid" },
+        "remediation_advice" : { "$ref": "#/definitions/RemediationAdvice" },
+        "references" : { "$ref": "#/definitions/References" }
+      },
+      "required": ["id"],
+      "anyOf": [
+        { "required": ["remediation_advice"] },
+        { "required": ["references"] }
+      ],
+      "additionalProperties": false
+    },
+    "MappingParent": {
+      "type": "object",
+      "properties": {
+        "id": { "$ref": "#/definitions/VRTid" },
+        "children": {
+          "type": "array",
+          "items" : {
+            "anyOf": [
+              { "$ref": "#/definitions/MappingParent" },
+              { "$ref": "#/definitions/Mapping" }
+            ]
+          }
+        },
+        "remediation_advice" : { "$ref": "#/definitions/RemediationAdvice" },
+        "references" : { "$ref": "#/definitions/References" }
+      },
+      "required": ["id", "children"],
+      "additionalProperties": false
+    }
+  },
+  "type": "object",
+  "required": ["metadata", "content"],
+  "properties": {
+    "metadata": {
+      "$ref": "#/definitions/MappingMetadata"
+    },
+    "content": {
+      "type": "array",
+      "items" : {
+        "anyOf": [
+          { "$ref": "#/definitions/MappingParent" },
+          { "$ref": "#/definitions/Mapping" }
+        ]
+      }
+    }
+  }
+}

data/lib/data/1.11/third-party-mappings/remediation_training/secure-code-warrior-links.json ADDED Viewed

@@ -0,0 +1,392 @@
+{
+  "server_security_misconfiguration": null,
+  "server_security_misconfiguration.server_side_request_forgery_ssrf": null,
+  "server_security_misconfiguration.server_side_request_forgery_ssrf.internal_high_impact": null,
+  "server_security_misconfiguration.server_side_request_forgery_ssrf.internal_scan_and_or_medium_impact": null,
+  "server_security_misconfiguration.server_side_request_forgery_ssrf.external_low_impact": null,
+  "server_security_misconfiguration.server_side_request_forgery_ssrf.external_dns_query_only": null,
+  "server_security_misconfiguration.unsafe_cross_origin_resource_sharing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_cross_origin_resource_sharing&redirect=true",
+  "server_security_misconfiguration.request_smuggling": null,
+  "server_security_misconfiguration.path_traversal": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:path_traversal&redirect=true",
+  "server_security_misconfiguration.directory_listing_enabled": null,
+  "server_security_misconfiguration.directory_listing_enabled.sensitive_data_exposure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:directory_listing_enabled:sensitive_data_exposure&redirect=true",
+  "server_security_misconfiguration.directory_listing_enabled.non_sensitive_data_exposure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:directory_listing_enabled:non_sensitive_data_exposure&redirect=true",
+  "server_security_misconfiguration.same_site_scripting": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:same_site_scripting&redirect=true",
+  "server_security_misconfiguration.ssl_attack_breach_poodle_etc": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:ssl_attack_breach_poodle_etc&redirect=true",
+  "server_security_misconfiguration.using_default_credentials": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:using_default_credentials&redirect=true",
+  "server_security_misconfiguration.misconfigured_dns": null,
+  "server_security_misconfiguration.misconfigured_dns.basic_subdomain_takeover": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:misconfigured_dns:basic_subdomain_takeover&redirect=true",
+  "server_security_misconfiguration.misconfigured_dns.high_impact_subdomain_takeover": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:misconfigured_dns:high_impact_subdomain_takeover&redirect=true",
+  "server_security_misconfiguration.misconfigured_dns.zone_transfer": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:misconfigured_dns:zone_transfer&redirect=true",
+  "server_security_misconfiguration.misconfigured_dns.missing_caa_record": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:misconfigured_dns:missing_caa_record&redirect=true",
+  "server_security_misconfiguration.mail_server_misconfiguration": null,
+  "server_security_misconfiguration.mail_server_misconfiguration.no_spoofing_protection_on_email_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:no_spoofing_protection_on_email_domain&redirect=true",
+  "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_to_inbox_due_to_missing_or_misconfigured_dmarc_on_email_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:email_spoofing_to_inbox_due_to_missing_or_misconfigured_dmarc_on_email_domain&redirect=true",
+  "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_to_spam_folder": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:email_spoofing_to_spam_folder&redirect=true",
+  "server_security_misconfiguration.mail_server_misconfiguration.missing_or_misconfigured_spf_and_or_dkim": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:missing_or_misconfigured_spf_and_or_dkim&redirect=true",
+  "server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_on_non_email_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:email_spoofing_on_non_email_domain&redirect=true",
+  "server_security_misconfiguration.dbms_misconfiguration": null,
+  "server_security_misconfiguration.dbms_misconfiguration.excessively_privileged_user_dba": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:dbms_misconfiguration:excessively_privileged_user_dba&redirect=true",
+  "server_security_misconfiguration.lack_of_password_confirmation": null,
+  "server_security_misconfiguration.lack_of_password_confirmation.change_email_address": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:change_email_address&redirect=true",
+  "server_security_misconfiguration.lack_of_password_confirmation.change_password": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:change_password&redirect=true",
+  "server_security_misconfiguration.lack_of_password_confirmation.delete_account": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:delete_account&redirect=true",
+  "server_security_misconfiguration.lack_of_password_confirmation.manage_two_fa": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:manage_two_fa&redirect=true",
+  "server_security_misconfiguration.no_rate_limiting_on_form": null,
+  "server_security_misconfiguration.no_rate_limiting_on_form.registration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:registration&redirect=true",
+  "server_security_misconfiguration.no_rate_limiting_on_form.login": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:login&redirect=true",
+  "server_security_misconfiguration.no_rate_limiting_on_form.email_triggering": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:email_triggering&redirect=true",
+  "server_security_misconfiguration.no_rate_limiting_on_form.sms_triggering": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:sms_triggering&redirect=true",
+  "server_security_misconfiguration.no_rate_limiting_on_form.change_password": null,
+  "server_security_misconfiguration.unsafe_file_upload": null,
+  "server_security_misconfiguration.unsafe_file_upload.no_antivirus": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_file_upload:no_antivirus&redirect=true",
+  "server_security_misconfiguration.unsafe_file_upload.no_size_limit": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_file_upload:no_size_limit&redirect=true",
+  "server_security_misconfiguration.unsafe_file_upload.file_extension_filter_bypass": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_file_upload:file_extension_filter_bypass&redirect=true",
+  "server_security_misconfiguration.cookie_scoped_to_parent_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:cookie_scoped_to_parent_domain&redirect=true",
+  "server_security_misconfiguration.missing_secure_or_httponly_cookie_flag": null,
+  "server_security_misconfiguration.missing_secure_or_httponly_cookie_flag.session_token": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:missing_secure_or_httponly_cookie_flag:session_token&redirect=true",
+  "server_security_misconfiguration.missing_secure_or_httponly_cookie_flag.non_session_cookie": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:missing_secure_or_httponly_cookie_flag:non_session_cookie&redirect=true",
+  "server_security_misconfiguration.clickjacking": null,
+  "server_security_misconfiguration.clickjacking.sensitive_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:clickjacking:sensitive_action&redirect=true",
+  "server_security_misconfiguration.clickjacking.form_input": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:clickjacking:form_input&redirect=true",
+  "server_security_misconfiguration.clickjacking.non_sensitive_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:clickjacking:non_sensitive_action&redirect=true",
+  "server_security_misconfiguration.oauth_misconfiguration": null,
+  "server_security_misconfiguration.oauth_misconfiguration.account_takeover": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:oauth_misconfiguration:account_takeover&redirect=true",
+  "server_security_misconfiguration.oauth_misconfiguration.account_squatting": null,
+  "server_security_misconfiguration.oauth_misconfiguration.missing_state_parameter": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:oauth_misconfiguration:missing_state_parameter&redirect=true",
+  "server_security_misconfiguration.oauth_misconfiguration.insecure_redirect_uri": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:oauth_misconfiguration:insecure_redirect_uri&redirect=true",
+  "server_security_misconfiguration.captcha": null,
+  "server_security_misconfiguration.captcha.implementation_vulnerability": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:captcha:implementation_vulnerability&redirect=true",
+  "server_security_misconfiguration.captcha.brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:captcha:brute_force&redirect=true",
+  "server_security_misconfiguration.captcha.missing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:captcha:missing&redirect=true",
+  "server_security_misconfiguration.exposed_admin_portal": null,
+  "server_security_misconfiguration.exposed_admin_portal.to_internet": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:exposed_admin_portal:to_internet&redirect=true",
+  "server_security_misconfiguration.missing_dnssec": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:missing_dnssec&redirect=true",
+  "server_security_misconfiguration.fingerprinting_banner_disclosure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:fingerprinting_banner_disclosure&redirect=true",
+  "server_security_misconfiguration.username_enumeration": null,
+  "server_security_misconfiguration.username_enumeration.brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:username_enumeration:brute_force&redirect=true",
+  "server_security_misconfiguration.potentially_unsafe_http_method_enabled": null,
+  "server_security_misconfiguration.potentially_unsafe_http_method_enabled.options": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:potentially_unsafe_http_method_enabled:options&redirect=true",
+  "server_security_misconfiguration.potentially_unsafe_http_method_enabled.trace": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:potentially_unsafe_http_method_enabled:trace&redirect=true",
+  "server_security_misconfiguration.insecure_ssl": null,
+  "server_security_misconfiguration.insecure_ssl.lack_of_forward_secrecy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:insecure_ssl:lack_of_forward_secrecy&redirect=true",
+  "server_security_misconfiguration.insecure_ssl.insecure_cipher_suite": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:insecure_ssl:insecure_cipher_suite&redirect=true",
+  "server_security_misconfiguration.insecure_ssl.certificate_error": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:insecure_ssl:certificate_error&redirect=true",
+  "server_security_misconfiguration.rfd": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:rfd&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers": null,
+  "server_security_misconfiguration.lack_of_security_headers.x_frame_options": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_frame_options&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_non_sensitive_page": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:cache_control_for_a_non_sensitive_page&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.x_xss_protection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_xss_protection&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.strict_transport_security": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:strict_transport_security&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.x_content_type_options": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_content_type_options&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.content_security_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:content_security_policy&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.public_key_pins": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:public_key_pins&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.x_content_security_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_content_security_policy&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.x_webkit_csp": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_webkit_csp&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.content_security_policy_report_only": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:content_security_policy_report_only&redirect=true",
+  "server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_sensitive_page": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:cache_control_for_a_sensitive_page&redirect=true",
+  "server_security_misconfiguration.waf_bypass": null,
+  "server_security_misconfiguration.waf_bypass.direct_server_access": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:waf_bypass:direct_server_access&redirect=true",
+  "server_security_misconfiguration.race_condition": null,
+  "server_security_misconfiguration.cache_poisoning": null,
+  "server_security_misconfiguration.bitsquatting": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:bitsquatting&redirect=true",
+  "server_side_injection": null,
+  "server_side_injection.file_inclusion": null,
+  "server_side_injection.file_inclusion.local": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:file_inclusion:local&redirect=true",
+  "server_side_injection.parameter_pollution": null,
+  "server_side_injection.parameter_pollution.social_media_sharing_buttons": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:parameter_pollution:social_media_sharing_buttons&redirect=true",
+  "server_side_injection.remote_code_execution_rce": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:remote_code_execution_rce&redirect=true",
+  "server_side_injection.ldap_injection": null,
+  "server_side_injection.sql_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:sql_injection&redirect=true",
+  "server_side_injection.xml_external_entity_injection_xxe": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:xml_external_entity_injection_xxe&redirect=true",
+  "server_side_injection.http_response_manipulation": null,
+  "server_side_injection.http_response_manipulation.response_splitting_crlf": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:http_response_manipulation:response_splitting_crlf&redirect=true",
+  "server_side_injection.content_spoofing": null,
+  "server_side_injection.content_spoofing.iframe_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:iframe_injection&redirect=true",
+  "server_side_injection.content_spoofing.impersonation_via_broken_link_hijacking": null,
+  "server_side_injection.content_spoofing.external_authentication_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:external_authentication_injection&redirect=true",
+  "server_side_injection.content_spoofing.flash_based_external_authentication_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:flash_based_external_authentication_injection&redirect=true",
+  "server_side_injection.content_spoofing.html_content_injection": null,
+  "server_side_injection.content_spoofing.email_html_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:email_html_injection&redirect=true",
+  "server_side_injection.content_spoofing.email_hyperlink_injection_based_on_email_provider": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:email_hyperlink_injection_based_on_email_provider&redirect=true",
+  "server_side_injection.content_spoofing.text_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:text_injection&redirect=true",
+  "server_side_injection.content_spoofing.homograph_idn_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:homograph_idn_based&redirect=true",
+  "server_side_injection.content_spoofing.rtlo": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:rtlo&redirect=true",
+  "server_side_injection.ssti": null,
+  "server_side_injection.ssti.basic": null,
+  "server_side_injection.ssti.custom": null,
+  "broken_authentication_and_session_management": null,
+  "broken_authentication_and_session_management.authentication_bypass": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:authentication_bypass&redirect=true",
+  "broken_authentication_and_session_management.two_fa_bypass": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:two_fa_bypass&redirect=true",
+  "broken_authentication_and_session_management.privilege_escalation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:privilege_escalation&redirect=true",
+  "broken_authentication_and_session_management.cleartext_transmission_of_session_token": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:cleartext_transmission_of_session_token&redirect=true",
+  "broken_authentication_and_session_management.weak_login_function": null,
+  "broken_authentication_and_session_management.weak_login_function.not_operational": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:weak_login_function:not_operational&redirect=true",
+  "broken_authentication_and_session_management.weak_login_function.other_plaintext_protocol_no_secure_alternative": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:weak_login_function:other_plaintext_protocol_no_secure_alternative&redirect=true",
+  "broken_authentication_and_session_management.weak_login_function.over_http": null,
+  "broken_authentication_and_session_management.session_fixation": null,
+  "broken_authentication_and_session_management.session_fixation.remote_attack_vector": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:session_fixation:remote_attack_vector&redirect=true",
+  "broken_authentication_and_session_management.session_fixation.local_attack_vector": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:session_fixation:local_attack_vector&redirect=true",
+  "broken_authentication_and_session_management.failure_to_invalidate_session": null,
+  "broken_authentication_and_session_management.failure_to_invalidate_session.on_logout": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_logout&redirect=true",
+  "broken_authentication_and_session_management.failure_to_invalidate_session.permission_change": null,
+  "broken_authentication_and_session_management.failure_to_invalidate_session.on_logout_server_side_only": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_logout_server_side_only&redirect=true",
+  "broken_authentication_and_session_management.failure_to_invalidate_session.on_password_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_password_change&redirect=true",
+  "broken_authentication_and_session_management.failure_to_invalidate_session.all_sessions": null,
+  "broken_authentication_and_session_management.failure_to_invalidate_session.on_email_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_email_change&redirect=true",
+  "broken_authentication_and_session_management.failure_to_invalidate_session.on_two_fa_activation_change": null,
+  "broken_authentication_and_session_management.failure_to_invalidate_session.long_timeout": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:long_timeout&redirect=true",
+  "broken_authentication_and_session_management.concurrent_logins": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:concurrent_logins&redirect=true",
+  "broken_authentication_and_session_management.weak_registration_implementation": null,
+  "broken_authentication_and_session_management.weak_registration_implementation.over_http": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:weak_registration_implementation:over_http&redirect=true",
+  "sensitive_data_exposure": null,
+  "sensitive_data_exposure.disclosure_of_secrets": null,
+  "sensitive_data_exposure.disclosure_of_secrets.for_publicly_accessible_asset": null,
+  "sensitive_data_exposure.disclosure_of_secrets.pii_leakage_exposure": null,
+  "sensitive_data_exposure.disclosure_of_secrets.for_internal_asset": null,
+  "sensitive_data_exposure.disclosure_of_secrets.pay_per_use_abuse": null,
+  "sensitive_data_exposure.disclosure_of_secrets.intentionally_public_sample_or_invalid": null,
+  "sensitive_data_exposure.disclosure_of_secrets.data_traffic_spam": null,
+  "sensitive_data_exposure.disclosure_of_secrets.non_corporate_user": null,
+  "sensitive_data_exposure.exif_geolocation_data_not_stripped_from_uploaded_images": null,
+  "sensitive_data_exposure.exif_geolocation_data_not_stripped_from_uploaded_images.automatic_user_enumeration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:exif_geolocation_data_not_stripped_from_uploaded_images:automatic_user_enumeration&redirect=true",
+  "sensitive_data_exposure.exif_geolocation_data_not_stripped_from_uploaded_images.manual_user_enumeration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:exif_geolocation_data_not_stripped_from_uploaded_images:manual_user_enumeration&redirect=true",
+  "sensitive_data_exposure.visible_detailed_error_page": null,
+  "sensitive_data_exposure.visible_detailed_error_page.detailed_server_configuration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:visible_detailed_error_page:detailed_server_configuration&redirect=true",
+  "sensitive_data_exposure.visible_detailed_error_page.full_path_disclosure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:visible_detailed_error_page:full_path_disclosure&redirect=true",
+  "sensitive_data_exposure.visible_detailed_error_page.descriptive_stack_trace": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:visible_detailed_error_page:descriptive_stack_trace&redirect=true",
+  "sensitive_data_exposure.disclosure_of_known_public_information": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:disclosure_of_known_public_information&redirect=true",
+  "sensitive_data_exposure.token_leakage_via_referer": null,
+  "sensitive_data_exposure.token_leakage_via_referer.trusted_third_party": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:token_leakage_via_referer:trusted_third_party&redirect=true",
+  "sensitive_data_exposure.token_leakage_via_referer.untrusted_third_party": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:token_leakage_via_referer:untrusted_third_party&redirect=true",
+  "sensitive_data_exposure.token_leakage_via_referer.over_http": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:token_leakage_via_referer:over_http&redirect=true",
+  "sensitive_data_exposure.sensitive_token_in_url": null,
+  "sensitive_data_exposure.sensitive_token_in_url.user_facing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_token_in_url:user_facing&redirect=true",
+  "sensitive_data_exposure.sensitive_token_in_url.in_the_background": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_token_in_url:in_the_background&redirect=true",
+  "sensitive_data_exposure.sensitive_token_in_url.on_password_reset": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_token_in_url:on_password_reset&redirect=true",
+  "sensitive_data_exposure.non_sensitive_token_in_url": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:non_sensitive_token_in_url&redirect=true",
+  "sensitive_data_exposure.weak_password_reset_implementation": null,
+  "sensitive_data_exposure.weak_password_reset_implementation.password_reset_token_sent_over_http": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:weak_password_reset_implementation:password_reset_token_sent_over_http&redirect=true",
+  "sensitive_data_exposure.weak_password_reset_implementation.token_leakage_via_host_header_poisoning": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:weak_password_reset_implementation:token_leakage_via_host_header_poisoning&redirect=true",
+  "sensitive_data_exposure.mixed_content": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:mixed_content&redirect=true",
+  "sensitive_data_exposure.sensitive_data_hardcoded": null,
+  "sensitive_data_exposure.sensitive_data_hardcoded.oauth_secret": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_data_hardcoded:oauth_secret&redirect=true",
+  "sensitive_data_exposure.sensitive_data_hardcoded.file_paths": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_data_hardcoded:file_paths&redirect=true",
+  "sensitive_data_exposure.internal_ip_disclosure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:internal_ip_disclosure&redirect=true",
+  "sensitive_data_exposure.xssi": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:xssi&redirect=true",
+  "sensitive_data_exposure.json_hijacking": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:json_hijacking&redirect=true",
+  "sensitive_data_exposure.via_localstorage_sessionstorage": null,
+  "sensitive_data_exposure.via_localstorage_sessionstorage.sensitive_token": null,
+  "sensitive_data_exposure.via_localstorage_sessionstorage.non_sensitive_token": null,
+  "cross_site_scripting_xss": null,
+  "cross_site_scripting_xss.stored": null,
+  "cross_site_scripting_xss.stored.non_admin_to_anyone": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:non_admin_to_anyone&redirect=true",
+  "cross_site_scripting_xss.stored.privileged_user_to_privilege_elevation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:privileged_user_to_privilege_elevation&redirect=true",
+  "cross_site_scripting_xss.stored.privileged_user_to_no_privilege_elevation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:privileged_user_to_no_privilege_elevation&redirect=true",
+  "cross_site_scripting_xss.stored.url_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:url_based&redirect=true",
+  "cross_site_scripting_xss.stored.self": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:self&redirect=true",
+  "cross_site_scripting_xss.reflected": null,
+  "cross_site_scripting_xss.reflected.non_self": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:reflected:non_self&redirect=true",
+  "cross_site_scripting_xss.reflected.self": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:reflected:self&redirect=true",
+  "cross_site_scripting_xss.flash_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:flash_based&redirect=true",
+  "cross_site_scripting_xss.cookie_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:cookie_based&redirect=true",
+  "cross_site_scripting_xss.ie_only": null,
+  "cross_site_scripting_xss.referer": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:referer&redirect=true",
+  "cross_site_scripting_xss.trace_method": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:trace_method&redirect=true",
+  "cross_site_scripting_xss.universal_uxss": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:universal_uxss&redirect=true",
+  "cross_site_scripting_xss.off_domain": null,
+  "cross_site_scripting_xss.off_domain.data_uri": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:off_domain:data_uri&redirect=true",
+  "broken_access_control": null,
+  "broken_access_control.idor": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:idor&redirect=true",
+  "broken_access_control.idor.read_edit_delete_non_sensitive_information": null,
+  "broken_access_control.idor.read_edit_delete_sensitive_information_guid": null,
+  "broken_access_control.idor.read_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.edit_delete_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.idor.read_edit_delete_sensitive_information_iterable_object_identifiers": null,
+  "broken_access_control.username_enumeration": null,
+  "broken_access_control.username_enumeration.non_brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:username_enumeration:non_brute_force&redirect=true",
+  "broken_access_control.exposed_sensitive_android_intent": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_android_intent&redirect=true",
+  "broken_access_control.exposed_sensitive_ios_url_scheme": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_ios_url_scheme&redirect=true",
+  "cross_site_request_forgery_csrf": null,
+  "cross_site_request_forgery_csrf.application_wide": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:application_wide&redirect=true",
+  "cross_site_request_forgery_csrf.action_specific": null,
+  "cross_site_request_forgery_csrf.action_specific.authenticated_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:action_specific:authenticated_action&redirect=true",
+  "cross_site_request_forgery_csrf.action_specific.unauthenticated_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:action_specific:unauthenticated_action&redirect=true",
+  "cross_site_request_forgery_csrf.action_specific.logout": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:action_specific:logout&redirect=true",
+  "cross_site_request_forgery_csrf.csrf_token_not_unique_per_request": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:csrf_token_not_unique_per_request&redirect=true",
+  "cross_site_request_forgery_csrf.flash_based": null,
+  "application_level_denial_of_service_dos": null,
+  "application_level_denial_of_service_dos.critical_impact_and_or_easy_difficulty": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:critical_impact_and_or_easy_difficulty&redirect=true",
+  "application_level_denial_of_service_dos.high_impact_and_or_medium_difficulty": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:high_impact_and_or_medium_difficulty&redirect=true",
+  "application_level_denial_of_service_dos.app_crash": null,
+  "application_level_denial_of_service_dos.app_crash.malformed_android_intents": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:app_crash:malformed_android_intents&redirect=true",
+  "application_level_denial_of_service_dos.app_crash.malformed_ios_url_schemes": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:app_crash:malformed_ios_url_schemes&redirect=true",
+  "unvalidated_redirects_and_forwards": null,
+  "unvalidated_redirects_and_forwards.open_redirect": null,
+  "unvalidated_redirects_and_forwards.open_redirect.get_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:get_based&redirect=true",
+  "unvalidated_redirects_and_forwards.open_redirect.post_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:post_based&redirect=true",
+  "unvalidated_redirects_and_forwards.open_redirect.header_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:header_based&redirect=true",
+  "unvalidated_redirects_and_forwards.open_redirect.flash_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:flash_based&redirect=true",
+  "unvalidated_redirects_and_forwards.tabnabbing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:tabnabbing&redirect=true",
+  "unvalidated_redirects_and_forwards.lack_of_security_speed_bump_page": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:lack_of_security_speed_bump_page&redirect=true",
+  "external_behavior": null,
+  "external_behavior.browser_feature": null,
+  "external_behavior.browser_feature.plaintext_password_field": null,
+  "external_behavior.browser_feature.save_password": null,
+  "external_behavior.browser_feature.autocomplete_enabled": null,
+  "external_behavior.browser_feature.autocorrect_enabled": null,
+  "external_behavior.browser_feature.aggressive_offline_caching": null,
+  "external_behavior.csv_injection": null,
+  "external_behavior.captcha_bypass": null,
+  "external_behavior.captcha_bypass.crowdsourcing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=external_behavior:captcha_bypass:crowdsourcing&redirect=true",
+  "external_behavior.system_clipboard_leak": null,
+  "external_behavior.system_clipboard_leak.shared_links": null,
+  "external_behavior.user_password_persisted_in_memory": null,
+  "insufficient_security_configurability": null,
+  "insufficient_security_configurability.weak_password_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_policy&redirect=true",
+  "insufficient_security_configurability.no_password_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:no_password_policy&redirect=true",
+  "insufficient_security_configurability.password_policy_bypass": null,
+  "insufficient_security_configurability.weak_password_reset_implementation": null,
+  "insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_use": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_use&redirect=true",
+  "insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_email_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_email_change&redirect=true",
+  "insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_password_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_password_change&redirect=true",
+  "insufficient_security_configurability.weak_password_reset_implementation.token_has_long_timed_expiry": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_has_long_timed_expiry&redirect=true",
+  "insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_new_token_is_requested": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_new_token_is_requested&redirect=true",
+  "insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_login": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_login&redirect=true",
+  "insufficient_security_configurability.verification_of_contact_method_not_required": null,
+  "insufficient_security_configurability.lack_of_notification_email": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:lack_of_notification_email&redirect=true",
+  "insufficient_security_configurability.weak_registration_implementation": null,
+  "insufficient_security_configurability.weak_registration_implementation.allows_disposable_email_addresses": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_registration_implementation:allows_disposable_email_addresses&redirect=true",
+  "insufficient_security_configurability.weak_two_fa_implementation": null,
+  "insufficient_security_configurability.weak_two_fa_implementation.two_fa_secret_cannot_be_rotated": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_two_fa_implementation:two_fa_secret_cannot_be_rotated&redirect=true",
+  "insufficient_security_configurability.weak_two_fa_implementation.two_fa_secret_remains_obtainable_after_two_fa_is_enabled": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_two_fa_implementation:two_fa_secret_remains_obtainable_after_two_fa_is_enabled&redirect=true",
+  "insufficient_security_configurability.weak_two_fa_implementation.missing_failsafe": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_two_fa_implementation:missing_failsafe&redirect=true",
+  "insufficient_security_configurability.weak_two_fa_implementation.two_fa_code_is_not_updated_after_new_code_is_requested": null,
+  "insufficient_security_configurability.weak_two_fa_implementation.old_two_fa_code_is_not_invalidated_after_new_code_is_generated": null,
+  "using_components_with_known_vulnerabilities": null,
+  "using_components_with_known_vulnerabilities.rosetta_flash": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=using_components_with_known_vulnerabilities:rosetta_flash&redirect=true",
+  "using_components_with_known_vulnerabilities.outdated_software_version": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=using_components_with_known_vulnerabilities:outdated_software_version&redirect=true",
+  "using_components_with_known_vulnerabilities.captcha_bypass": null,
+  "using_components_with_known_vulnerabilities.captcha_bypass.ocr_optical_character_recognition": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=using_components_with_known_vulnerabilities:captcha_bypass:ocr_optical_character_recognition&redirect=true",
+  "insecure_data_storage": null,
+  "insecure_data_storage.sensitive_application_data_stored_unencrypted": null,
+  "insecure_data_storage.sensitive_application_data_stored_unencrypted.on_external_storage": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:sensitive_application_data_stored_unencrypted:on_external_storage&redirect=true",
+  "insecure_data_storage.sensitive_application_data_stored_unencrypted.on_internal_storage": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:sensitive_application_data_stored_unencrypted:on_internal_storage&redirect=true",
+  "insecure_data_storage.server_side_credentials_storage": null,
+  "insecure_data_storage.server_side_credentials_storage.plaintext": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:server_side_credentials_storage:plaintext&redirect=true",
+  "insecure_data_storage.non_sensitive_application_data_stored_unencrypted": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:non_sensitive_application_data_stored_unencrypted&redirect=true",
+  "insecure_data_storage.screen_caching_enabled": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:screen_caching_enabled&redirect=true",
+  "lack_of_binary_hardening": null,
+  "lack_of_binary_hardening.lack_of_exploit_mitigations": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:lack_of_exploit_mitigations&redirect=true",
+  "lack_of_binary_hardening.lack_of_jailbreak_detection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:lack_of_jailbreak_detection&redirect=true",
+  "lack_of_binary_hardening.lack_of_obfuscation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:lack_of_obfuscation&redirect=true",
+  "lack_of_binary_hardening.runtime_instrumentation_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:runtime_instrumentation_based&redirect=true",
+  "insecure_data_transport": null,
+  "insecure_data_transport.cleartext_transmission_of_sensitive_data": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_transport:cleartext_transmission_of_sensitive_data&redirect=true",
+  "insecure_data_transport.executable_download": null,
+  "insecure_data_transport.executable_download.no_secure_integrity_check": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_transport:executable_download:no_secure_integrity_check&redirect=true",
+  "insecure_data_transport.executable_download.secure_integrity_check": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_transport:executable_download:secure_integrity_check&redirect=true",
+  "insecure_os_firmware": null,
+  "insecure_os_firmware.command_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_os_firmware:command_injection&redirect=true",
+  "insecure_os_firmware.hardcoded_password": null,
+  "insecure_os_firmware.hardcoded_password.privileged_user": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_os_firmware:hardcoded_password:privileged_user&redirect=true",
+  "insecure_os_firmware.hardcoded_password.non_privileged_user": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_os_firmware:hardcoded_password:non_privileged_user&redirect=true",
+  "cryptographic_weakness": null,
+  "cryptographic_weakness.insufficient_entropy": null,
+  "cryptographic_weakness.insufficient_entropy.limited_rng_entropy_source": null,
+  "cryptographic_weakness.insufficient_entropy.use_of_trng_for_nonsecurity_purpose": null,
+  "cryptographic_weakness.insufficient_entropy.prng_seed_reuse": null,
+  "cryptographic_weakness.insufficient_entropy.predictable_prng_seed": null,
+  "cryptographic_weakness.insufficient_entropy.small_seed_space_in_prng": null,
+  "cryptographic_weakness.insufficient_entropy.initialization_vector_reuse": null,
+  "cryptographic_weakness.insufficient_entropy.predictable_initialization_vector": null,
+  "cryptographic_weakness.insecure_implementation": null,
+  "cryptographic_weakness.insecure_implementation.missing_cryptographic_step": null,
+  "cryptographic_weakness.insecure_implementation.improper_following_of_specification": null,
+  "cryptographic_weakness.weak_hash": null,
+  "cryptographic_weakness.weak_hash.lack_of_salt": null,
+  "cryptographic_weakness.weak_hash.use_of_predictable_salt": null,
+  "cryptographic_weakness.weak_hash.predictable_hash_collision": null,
+  "cryptographic_weakness.insufficient_verification_of_data_authenticity": null,
+  "cryptographic_weakness.insufficient_verification_of_data_authenticity.identity_check_value": null,
+  "cryptographic_weakness.insufficient_verification_of_data_authenticity.cryptographic_signature": null,
+  "cryptographic_weakness.insecure_key_generation": null,
+  "cryptographic_weakness.insecure_key_generation.improper_asymmetric_prime_selection": null,
+  "cryptographic_weakness.insecure_key_generation.improper_asymmetric_exponent_selection": null,
+  "cryptographic_weakness.insecure_key_generation.insufficient_key_stretching": null,
+  "cryptographic_weakness.insecure_key_generation.insufficient_key_space": null,
+  "cryptographic_weakness.insecure_key_generation.key_exchange_without_entity_authentication": null,
+  "cryptographic_weakness.key_reuse": null,
+  "cryptographic_weakness.key_reuse.lack_of_perfect_forward_secrecy": null,
+  "cryptographic_weakness.key_reuse.intra_environment": null,
+  "cryptographic_weakness.key_reuse.inter_environment": null,
+  "cryptographic_weakness.broken_cryptography": null,
+  "cryptographic_weakness.broken_cryptography.use_of_broken_cryptographic_primitive": null,
+  "cryptographic_weakness.broken_cryptography.use_of_vulnerable_cryptographic_library": null,
+  "cryptographic_weakness.side_channel_attack": null,
+  "cryptographic_weakness.side_channel_attack.padding_oracle_attack": null,
+  "cryptographic_weakness.side_channel_attack.timing_attack": null,
+  "cryptographic_weakness.side_channel_attack.power_analysis_attack": null,
+  "cryptographic_weakness.side_channel_attack.emanations_attack": null,
+  "cryptographic_weakness.side_channel_attack.differential_fault_analysis": null,
+  "cryptographic_weakness.use_of_expired_cryptographic_key_or_cert": null,
+  "cryptographic_weakness.incomplete_cleanup_of_keying_material": null,
+  "privacy_concerns": null,
+  "privacy_concerns.unnecessary_data_collection": null,
+  "privacy_concerns.unnecessary_data_collection.wifi_ssid_password": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=privacy_concerns:unnecessary_data_collection:wifi_ssid_password&redirect=true",
+  "network_security_misconfiguration": null,
+  "network_security_misconfiguration.telnet_enabled": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=network_security_misconfiguration:telnet_enabled&redirect=true",
+  "mobile_security_misconfiguration": null,
+  "mobile_security_misconfiguration.ssl_certificate_pinning": null,
+  "mobile_security_misconfiguration.ssl_certificate_pinning.absent": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=mobile_security_misconfiguration:ssl_certificate_pinning:absent&redirect=true",
+  "mobile_security_misconfiguration.ssl_certificate_pinning.defeatable": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=mobile_security_misconfiguration:ssl_certificate_pinning:defeatable&redirect=true",
+  "mobile_security_misconfiguration.tapjacking": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=mobile_security_misconfiguration:tapjacking&redirect=true",
+  "mobile_security_misconfiguration.clipboard_enabled": null,
+  "mobile_security_misconfiguration.auto_backup_allowed_by_default": null,
+  "client_side_injection": null,
+  "client_side_injection.binary_planting": null,
+  "client_side_injection.binary_planting.privilege_escalation": null,
+  "client_side_injection.binary_planting.non_default_folder_privilege_escalation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=client_side_injection:binary_planting:non_default_folder_privilege_escalation&redirect=true",
+  "client_side_injection.binary_planting.no_privilege_escalation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=client_side_injection:binary_planting:no_privilege_escalation&redirect=true",
+  "automotive_security_misconfiguration": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.sensitive_data_leakage_exposure": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.ota_firmware_manipulation": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.code_execution_can_bus_pivot": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.code_execution_no_can_bus_pivot": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.unauthorized_access_to_services": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.source_code_dump": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.dos_brick": null,
+  "automotive_security_misconfiguration.infotainment_radio_head_unit.default_credentials": null,
+  "automotive_security_misconfiguration.rf_hub": null,
+  "automotive_security_misconfiguration.rf_hub.key_fob_cloning": null,
+  "automotive_security_misconfiguration.rf_hub.can_injection_interaction": null,
+  "automotive_security_misconfiguration.rf_hub.data_leakage_pull_encryption_mechanism": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=automotive_security_misconfiguration:rf_hub:data_leakage_pull_encryption_mechanism&redirect=true",
+  "automotive_security_misconfiguration.rf_hub.unauthorized_access_turn_on": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=automotive_security_misconfiguration:rf_hub:unauthorized_access_turn_on&redirect=true",
+  "automotive_security_misconfiguration.rf_hub.roll_jam": null,
+  "automotive_security_misconfiguration.rf_hub.replay": null,
+  "automotive_security_misconfiguration.rf_hub.relay": null,
+  "automotive_security_misconfiguration.can": null,
+  "automotive_security_misconfiguration.can.injection_battery_management_system": null,
+  "automotive_security_misconfiguration.can.injection_steering_control": null,
+  "automotive_security_misconfiguration.can.injection_pyrotechnical_device_deployment_tool": null,
+  "automotive_security_misconfiguration.can.injection_headlights": null,
+  "automotive_security_misconfiguration.can.injection_sensors": null,
+  "automotive_security_misconfiguration.can.injection_vehicle_anti_theft_systems": null,
+  "automotive_security_misconfiguration.can.injection_powertrain": null,
+  "automotive_security_misconfiguration.can.injection_basic_safety_message": null,
+  "automotive_security_misconfiguration.can.injection_disallowed_messages": null,
+  "automotive_security_misconfiguration.can.injection_dos": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=automotive_security_misconfiguration:can:injection_dos&redirect=true",
+  "automotive_security_misconfiguration.battery_management_system": null,
+  "automotive_security_misconfiguration.battery_management_system.firmware_dump": null,
+  "automotive_security_misconfiguration.battery_management_system.fraudulent_interface": null,
+  "automotive_security_misconfiguration.gnss_gps": null,
+  "automotive_security_misconfiguration.gnss_gps.spoofing": null,
+  "automotive_security_misconfiguration.immobilizer": null,
+  "automotive_security_misconfiguration.immobilizer.engine_start": null,
+  "automotive_security_misconfiguration.abs": null,
+  "automotive_security_misconfiguration.abs.unintended_acceleration_brake": null,
+  "automotive_security_misconfiguration.rsu": null,
+  "automotive_security_misconfiguration.rsu.sybil_attack": null,
+  "indicators_of_compromise": null
+}

data/lib/data/1.11/vrt.schema.json ADDED Viewed

@@ -0,0 +1,63 @@
+{
+    "$schema": "http://json-schema.org/draft-04/schema#",
+    "title": "Vulnerability Rating Taxonomy",
+    "description": "A Taxonomy of potential vulnerabilities with suggested technical priority rating",
+    "definitions": {
+      "VRTmetadata": {
+        "type": "object",
+        "properties": {
+          "release_date":   { "type": "string", "format": "date-time" }
+        }
+      },
+      "VRT": {
+        "type": "object",
+        "properties": {
+          "id":             { "type": "string", "pattern": "^[a-z_]*$" },
+          "type":           { "type": "string", "enum": [ "category", "subcategory", "variant" ] },
+          "name":           { "type": "string", "pattern": "^[ a-zA-Z0-9-+()\/,.<]*$" },
+          "priority":       {
+                              "anyOf": [
+                                { "type": "number", "minimum": 1, "maximum": 5 },
+                                { "type": "null" }
+                              ]
+                            }
+        },
+        "required": ["id", "name", "type", "priority"]
+      },
+      "VRTparent": {
+        "type": "object",
+        "properties": {
+          "id":             { "type": "string", "pattern": "^[a-z_]*$" },
+          "name":           { "type": "string", "pattern": "^[ a-zA-Z0-9-+()\/,.<]*$" },
+          "type":           { "type": "string", "enum": [ "category", "subcategory" ] },
+          "children": {
+            "type": "array",
+            "items" : {
+              "anyOf": [
+                { "$ref": "#/definitions/VRTparent" },
+                { "$ref": "#/definitions/VRT" }
+              ]
+            },
+            "minItems": 1
+          }
+        },
+        "required": ["id", "name", "type", "children"]
+      }
+    },
+    "type": "object",
+    "required": ["metadata", "content"],
+    "properties": {
+      "metadata": {
+         "$ref": "#/definitions/VRTmetadata"
+      },
+      "content": {
+        "type": "array",
+        "items" : {
+          "anyOf": [
+            { "$ref": "#/definitions/VRTparent" },
+            { "$ref": "#/definitions/VRT" }
+          ]
+        }
+      }
+    }
+}