vrt 0.13.1 → 0.13.2
Sign up to get free protection for your applications and to get access to all the features.
- checksums.yaml +4 -4
- data/lib/data/1.14.2/deprecated-node-mapping.json +242 -0
- data/lib/data/1.14.2/mappings/cvss_v3/cvss_v3.json +1437 -0
- data/lib/data/1.14.2/mappings/cvss_v3/cvss_v3.schema.json +59 -0
- data/lib/data/1.14.2/mappings/cwe/cwe.json +818 -0
- data/lib/data/1.14.2/mappings/cwe/cwe.schema.json +63 -0
- data/lib/data/1.14.2/mappings/remediation_advice/remediation_advice.json +2073 -0
- data/lib/data/1.14.2/mappings/remediation_advice/remediation_advice.schema.json +75 -0
- data/lib/data/1.14.2/third-party-mappings/remediation_training/secure-code-warrior-links.json +437 -0
- data/lib/data/1.14.2/vrt.schema.json +63 -0
- data/lib/data/1.14.2/vulnerability-rating-taxonomy.json +2724 -0
- data/lib/vrt/version.rb +1 -1
- metadata +12 -2
@@ -0,0 +1,75 @@
|
|
1
|
+
{
|
2
|
+
"$schema": "http://json-schema.org/draft-04/schema#",
|
3
|
+
"title": "VRT to Remediation Advice",
|
4
|
+
"description": "Mapping from the Vulnerability Rating Taxonomy to Remediation Advice",
|
5
|
+
"definitions": {
|
6
|
+
"MappingMetadata": {
|
7
|
+
"type": "object",
|
8
|
+
"properties": {
|
9
|
+
"default": { "type": "null" },
|
10
|
+
"keys": { "type": "array",
|
11
|
+
"items": { "type": "string", "enum": ["remediation_advice", "references"] },
|
12
|
+
"minItems": 2,
|
13
|
+
"uniqueItems": true
|
14
|
+
}
|
15
|
+
},
|
16
|
+
"required": ["default", "keys"]
|
17
|
+
},
|
18
|
+
"VRTid": { "type": "string", "pattern": "^[a-z_]*$" },
|
19
|
+
"RemediationAdvice": { "type": "string" },
|
20
|
+
"References": { "type" : "array",
|
21
|
+
"items" : { "type": "string", "pattern": "^http[s]?:\/\/.*$" },
|
22
|
+
"minItems": 1,
|
23
|
+
"uniqueItems": true
|
24
|
+
},
|
25
|
+
"Mapping": {
|
26
|
+
"type": "object",
|
27
|
+
"properties": {
|
28
|
+
"id": { "$ref": "#/definitions/VRTid" },
|
29
|
+
"remediation_advice" : { "$ref": "#/definitions/RemediationAdvice" },
|
30
|
+
"references" : { "$ref": "#/definitions/References" }
|
31
|
+
},
|
32
|
+
"required": ["id"],
|
33
|
+
"anyOf": [
|
34
|
+
{ "required": ["remediation_advice"] },
|
35
|
+
{ "required": ["references"] }
|
36
|
+
],
|
37
|
+
"additionalProperties": false
|
38
|
+
},
|
39
|
+
"MappingParent": {
|
40
|
+
"type": "object",
|
41
|
+
"properties": {
|
42
|
+
"id": { "$ref": "#/definitions/VRTid" },
|
43
|
+
"children": {
|
44
|
+
"type": "array",
|
45
|
+
"items" : {
|
46
|
+
"anyOf": [
|
47
|
+
{ "$ref": "#/definitions/MappingParent" },
|
48
|
+
{ "$ref": "#/definitions/Mapping" }
|
49
|
+
]
|
50
|
+
}
|
51
|
+
},
|
52
|
+
"remediation_advice" : { "$ref": "#/definitions/RemediationAdvice" },
|
53
|
+
"references" : { "$ref": "#/definitions/References" }
|
54
|
+
},
|
55
|
+
"required": ["id", "children"],
|
56
|
+
"additionalProperties": false
|
57
|
+
}
|
58
|
+
},
|
59
|
+
"type": "object",
|
60
|
+
"required": ["metadata", "content"],
|
61
|
+
"properties": {
|
62
|
+
"metadata": {
|
63
|
+
"$ref": "#/definitions/MappingMetadata"
|
64
|
+
},
|
65
|
+
"content": {
|
66
|
+
"type": "array",
|
67
|
+
"items" : {
|
68
|
+
"anyOf": [
|
69
|
+
{ "$ref": "#/definitions/MappingParent" },
|
70
|
+
{ "$ref": "#/definitions/Mapping" }
|
71
|
+
]
|
72
|
+
}
|
73
|
+
}
|
74
|
+
}
|
75
|
+
}
|
@@ -0,0 +1,437 @@
|
|
1
|
+
{
|
2
|
+
"server_security_misconfiguration": null,
|
3
|
+
"server_security_misconfiguration.server_side_request_forgery_ssrf": null,
|
4
|
+
"server_security_misconfiguration.server_side_request_forgery_ssrf.internal_high_impact": null,
|
5
|
+
"server_security_misconfiguration.server_side_request_forgery_ssrf.internal_scan_and_or_medium_impact": null,
|
6
|
+
"server_security_misconfiguration.server_side_request_forgery_ssrf.external_low_impact": null,
|
7
|
+
"server_security_misconfiguration.server_side_request_forgery_ssrf.external_dns_query_only": null,
|
8
|
+
"server_security_misconfiguration.unsafe_cross_origin_resource_sharing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_cross_origin_resource_sharing&redirect=true",
|
9
|
+
"server_security_misconfiguration.request_smuggling": null,
|
10
|
+
"server_security_misconfiguration.path_traversal": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:path_traversal&redirect=true",
|
11
|
+
"server_security_misconfiguration.directory_listing_enabled": null,
|
12
|
+
"server_security_misconfiguration.directory_listing_enabled.sensitive_data_exposure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:directory_listing_enabled:sensitive_data_exposure&redirect=true",
|
13
|
+
"server_security_misconfiguration.directory_listing_enabled.non_sensitive_data_exposure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:directory_listing_enabled:non_sensitive_data_exposure&redirect=true",
|
14
|
+
"server_security_misconfiguration.same_site_scripting": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:same_site_scripting&redirect=true",
|
15
|
+
"server_security_misconfiguration.ssl_attack_breach_poodle_etc": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:ssl_attack_breach_poodle_etc&redirect=true",
|
16
|
+
"server_security_misconfiguration.using_default_credentials": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:using_default_credentials&redirect=true",
|
17
|
+
"server_security_misconfiguration.misconfigured_dns": null,
|
18
|
+
"server_security_misconfiguration.misconfigured_dns.subdomain_takeover": null,
|
19
|
+
"server_security_misconfiguration.misconfigured_dns.zone_transfer": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:misconfigured_dns:zone_transfer&redirect=true",
|
20
|
+
"server_security_misconfiguration.misconfigured_dns.missing_caa_record": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:misconfigured_dns:missing_caa_record&redirect=true",
|
21
|
+
"server_security_misconfiguration.mail_server_misconfiguration": null,
|
22
|
+
"server_security_misconfiguration.mail_server_misconfiguration.no_spoofing_protection_on_email_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:no_spoofing_protection_on_email_domain&redirect=true",
|
23
|
+
"server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_to_inbox_due_to_missing_or_misconfigured_dmarc_on_email_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:email_spoofing_to_inbox_due_to_missing_or_misconfigured_dmarc_on_email_domain&redirect=true",
|
24
|
+
"server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_to_spam_folder": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:email_spoofing_to_spam_folder&redirect=true",
|
25
|
+
"server_security_misconfiguration.mail_server_misconfiguration.missing_or_misconfigured_spf_and_or_dkim": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:missing_or_misconfigured_spf_and_or_dkim&redirect=true",
|
26
|
+
"server_security_misconfiguration.mail_server_misconfiguration.email_spoofing_on_non_email_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:mail_server_misconfiguration:email_spoofing_on_non_email_domain&redirect=true",
|
27
|
+
"server_security_misconfiguration.dbms_misconfiguration": null,
|
28
|
+
"server_security_misconfiguration.dbms_misconfiguration.excessively_privileged_user_dba": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:dbms_misconfiguration:excessively_privileged_user_dba&redirect=true",
|
29
|
+
"server_security_misconfiguration.lack_of_password_confirmation": null,
|
30
|
+
"server_security_misconfiguration.lack_of_password_confirmation.change_email_address": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:change_email_address&redirect=true",
|
31
|
+
"server_security_misconfiguration.lack_of_password_confirmation.change_password": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:change_password&redirect=true",
|
32
|
+
"server_security_misconfiguration.lack_of_password_confirmation.delete_account": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:delete_account&redirect=true",
|
33
|
+
"server_security_misconfiguration.lack_of_password_confirmation.manage_two_fa": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_password_confirmation:manage_two_fa&redirect=true",
|
34
|
+
"server_security_misconfiguration.no_rate_limiting_on_form": null,
|
35
|
+
"server_security_misconfiguration.no_rate_limiting_on_form.registration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:registration&redirect=true",
|
36
|
+
"server_security_misconfiguration.no_rate_limiting_on_form.login": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:login&redirect=true",
|
37
|
+
"server_security_misconfiguration.no_rate_limiting_on_form.email_triggering": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:email_triggering&redirect=true",
|
38
|
+
"server_security_misconfiguration.no_rate_limiting_on_form.sms_triggering": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:no_rate_limiting_on_form:sms_triggering&redirect=true",
|
39
|
+
"server_security_misconfiguration.no_rate_limiting_on_form.change_password": null,
|
40
|
+
"server_security_misconfiguration.unsafe_file_upload": null,
|
41
|
+
"server_security_misconfiguration.unsafe_file_upload.no_antivirus": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_file_upload:no_antivirus&redirect=true",
|
42
|
+
"server_security_misconfiguration.unsafe_file_upload.no_size_limit": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_file_upload:no_size_limit&redirect=true",
|
43
|
+
"server_security_misconfiguration.unsafe_file_upload.file_extension_filter_bypass": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:unsafe_file_upload:file_extension_filter_bypass&redirect=true",
|
44
|
+
"server_security_misconfiguration.cookie_scoped_to_parent_domain": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:cookie_scoped_to_parent_domain&redirect=true",
|
45
|
+
"server_security_misconfiguration.missing_secure_or_httponly_cookie_flag": null,
|
46
|
+
"server_security_misconfiguration.missing_secure_or_httponly_cookie_flag.session_token": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:missing_secure_or_httponly_cookie_flag:session_token&redirect=true",
|
47
|
+
"server_security_misconfiguration.missing_secure_or_httponly_cookie_flag.non_session_cookie": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:missing_secure_or_httponly_cookie_flag:non_session_cookie&redirect=true",
|
48
|
+
"server_security_misconfiguration.clickjacking": null,
|
49
|
+
"server_security_misconfiguration.clickjacking.sensitive_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:clickjacking:sensitive_action&redirect=true",
|
50
|
+
"server_security_misconfiguration.clickjacking.form_input": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:clickjacking:form_input&redirect=true",
|
51
|
+
"server_security_misconfiguration.clickjacking.non_sensitive_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:clickjacking:non_sensitive_action&redirect=true",
|
52
|
+
"server_security_misconfiguration.oauth_misconfiguration": null,
|
53
|
+
"server_security_misconfiguration.oauth_misconfiguration.account_takeover": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:oauth_misconfiguration:account_takeover&redirect=true",
|
54
|
+
"server_security_misconfiguration.oauth_misconfiguration.account_squatting": null,
|
55
|
+
"server_security_misconfiguration.oauth_misconfiguration.missing_state_parameter": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:oauth_misconfiguration:missing_state_parameter&redirect=true",
|
56
|
+
"server_security_misconfiguration.oauth_misconfiguration.insecure_redirect_uri": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:oauth_misconfiguration:insecure_redirect_uri&redirect=true",
|
57
|
+
"server_security_misconfiguration.captcha": null,
|
58
|
+
"server_security_misconfiguration.captcha.implementation_vulnerability": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:captcha:implementation_vulnerability&redirect=true",
|
59
|
+
"server_security_misconfiguration.captcha.brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:captcha:brute_force&redirect=true",
|
60
|
+
"server_security_misconfiguration.captcha.missing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:captcha:missing&redirect=true",
|
61
|
+
"server_security_misconfiguration.exposed_admin_portal": null,
|
62
|
+
"server_security_misconfiguration.exposed_admin_portal.to_internet": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:exposed_admin_portal:to_internet&redirect=true",
|
63
|
+
"server_security_misconfiguration.missing_dnssec": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:missing_dnssec&redirect=true",
|
64
|
+
"server_security_misconfiguration.fingerprinting_banner_disclosure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:fingerprinting_banner_disclosure&redirect=true",
|
65
|
+
"server_security_misconfiguration.username_enumeration": null,
|
66
|
+
"server_security_misconfiguration.username_enumeration.brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:username_enumeration:brute_force&redirect=true",
|
67
|
+
"server_security_misconfiguration.potentially_unsafe_http_method_enabled": null,
|
68
|
+
"server_security_misconfiguration.potentially_unsafe_http_method_enabled.options": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:potentially_unsafe_http_method_enabled:options&redirect=true",
|
69
|
+
"server_security_misconfiguration.potentially_unsafe_http_method_enabled.trace": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:potentially_unsafe_http_method_enabled:trace&redirect=true",
|
70
|
+
"server_security_misconfiguration.insecure_ssl": null,
|
71
|
+
"server_security_misconfiguration.insecure_ssl.lack_of_forward_secrecy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:insecure_ssl:lack_of_forward_secrecy&redirect=true",
|
72
|
+
"server_security_misconfiguration.insecure_ssl.insecure_cipher_suite": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:insecure_ssl:insecure_cipher_suite&redirect=true",
|
73
|
+
"server_security_misconfiguration.insecure_ssl.certificate_error": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:insecure_ssl:certificate_error&redirect=true",
|
74
|
+
"server_security_misconfiguration.rfd": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:rfd&redirect=true",
|
75
|
+
"server_security_misconfiguration.lack_of_security_headers": null,
|
76
|
+
"server_security_misconfiguration.lack_of_security_headers.x_frame_options": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_frame_options&redirect=true",
|
77
|
+
"server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_non_sensitive_page": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:cache_control_for_a_non_sensitive_page&redirect=true",
|
78
|
+
"server_security_misconfiguration.lack_of_security_headers.x_xss_protection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_xss_protection&redirect=true",
|
79
|
+
"server_security_misconfiguration.lack_of_security_headers.strict_transport_security": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:strict_transport_security&redirect=true",
|
80
|
+
"server_security_misconfiguration.lack_of_security_headers.x_content_type_options": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_content_type_options&redirect=true",
|
81
|
+
"server_security_misconfiguration.lack_of_security_headers.content_security_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:content_security_policy&redirect=true",
|
82
|
+
"server_security_misconfiguration.lack_of_security_headers.public_key_pins": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:public_key_pins&redirect=true",
|
83
|
+
"server_security_misconfiguration.lack_of_security_headers.x_content_security_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_content_security_policy&redirect=true",
|
84
|
+
"server_security_misconfiguration.lack_of_security_headers.x_webkit_csp": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:x_webkit_csp&redirect=true",
|
85
|
+
"server_security_misconfiguration.lack_of_security_headers.content_security_policy_report_only": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:content_security_policy_report_only&redirect=true",
|
86
|
+
"server_security_misconfiguration.lack_of_security_headers.cache_control_for_a_sensitive_page": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:lack_of_security_headers:cache_control_for_a_sensitive_page&redirect=true",
|
87
|
+
"server_security_misconfiguration.waf_bypass": null,
|
88
|
+
"server_security_misconfiguration.waf_bypass.direct_server_access": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:waf_bypass:direct_server_access&redirect=true",
|
89
|
+
"server_security_misconfiguration.race_condition": null,
|
90
|
+
"server_security_misconfiguration.email_verification_bypass": null,
|
91
|
+
"server_security_misconfiguration.missing_subresource_integrity": null,
|
92
|
+
"server_security_misconfiguration.software_package_takeover": null,
|
93
|
+
"server_security_misconfiguration.cache_poisoning": null,
|
94
|
+
"server_security_misconfiguration.bitsquatting": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_security_misconfiguration:bitsquatting&redirect=true",
|
95
|
+
"server_side_injection": null,
|
96
|
+
"server_side_injection.file_inclusion": null,
|
97
|
+
"server_side_injection.file_inclusion.local": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:file_inclusion:local&redirect=true",
|
98
|
+
"server_side_injection.parameter_pollution": null,
|
99
|
+
"server_side_injection.parameter_pollution.social_media_sharing_buttons": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:parameter_pollution:social_media_sharing_buttons&redirect=true",
|
100
|
+
"server_side_injection.remote_code_execution_rce": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:remote_code_execution_rce&redirect=true",
|
101
|
+
"server_side_injection.ldap_injection": null,
|
102
|
+
"server_side_injection.sql_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:sql_injection&redirect=true",
|
103
|
+
"server_side_injection.xml_external_entity_injection_xxe": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:xml_external_entity_injection_xxe&redirect=true",
|
104
|
+
"server_side_injection.http_response_manipulation": null,
|
105
|
+
"server_side_injection.http_response_manipulation.response_splitting_crlf": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:http_response_manipulation:response_splitting_crlf&redirect=true",
|
106
|
+
"server_side_injection.content_spoofing": null,
|
107
|
+
"server_side_injection.content_spoofing.iframe_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:iframe_injection&redirect=true",
|
108
|
+
"server_side_injection.content_spoofing.impersonation_via_broken_link_hijacking": null,
|
109
|
+
"server_side_injection.content_spoofing.external_authentication_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:external_authentication_injection&redirect=true",
|
110
|
+
"server_side_injection.content_spoofing.flash_based_external_authentication_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:flash_based_external_authentication_injection&redirect=true",
|
111
|
+
"server_side_injection.content_spoofing.html_content_injection": null,
|
112
|
+
"server_side_injection.content_spoofing.email_html_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:email_html_injection&redirect=true",
|
113
|
+
"server_side_injection.content_spoofing.email_hyperlink_injection_based_on_email_provider": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:email_hyperlink_injection_based_on_email_provider&redirect=true",
|
114
|
+
"server_side_injection.content_spoofing.text_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:text_injection&redirect=true",
|
115
|
+
"server_side_injection.content_spoofing.homograph_idn_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:homograph_idn_based&redirect=true",
|
116
|
+
"server_side_injection.content_spoofing.rtlo": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=server_side_injection:content_spoofing:rtlo&redirect=true",
|
117
|
+
"server_side_injection.ssti": null,
|
118
|
+
"server_side_injection.ssti.basic": null,
|
119
|
+
"server_side_injection.ssti.custom": null,
|
120
|
+
"broken_authentication_and_session_management": null,
|
121
|
+
"broken_authentication_and_session_management.authentication_bypass": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:authentication_bypass&redirect=true",
|
122
|
+
"broken_authentication_and_session_management.two_fa_bypass": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:two_fa_bypass&redirect=true",
|
123
|
+
"broken_authentication_and_session_management.cleartext_transmission_of_session_token": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:cleartext_transmission_of_session_token&redirect=true",
|
124
|
+
"broken_authentication_and_session_management.weak_login_function": null,
|
125
|
+
"broken_authentication_and_session_management.weak_login_function.not_operational": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:weak_login_function:not_operational&redirect=true",
|
126
|
+
"broken_authentication_and_session_management.weak_login_function.other_plaintext_protocol_no_secure_alternative": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:weak_login_function:other_plaintext_protocol_no_secure_alternative&redirect=true",
|
127
|
+
"broken_authentication_and_session_management.weak_login_function.over_http": null,
|
128
|
+
"broken_authentication_and_session_management.session_fixation": null,
|
129
|
+
"broken_authentication_and_session_management.session_fixation.remote_attack_vector": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:session_fixation:remote_attack_vector&redirect=true",
|
130
|
+
"broken_authentication_and_session_management.session_fixation.local_attack_vector": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:session_fixation:local_attack_vector&redirect=true",
|
131
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session": null,
|
132
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.on_logout": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_logout&redirect=true",
|
133
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.permission_change": null,
|
134
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.on_logout_server_side_only": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_logout_server_side_only&redirect=true",
|
135
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.on_password_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_password_change&redirect=true",
|
136
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.all_sessions": null,
|
137
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.on_email_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:on_email_change&redirect=true",
|
138
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.on_two_fa_activation_change": null,
|
139
|
+
"broken_authentication_and_session_management.failure_to_invalidate_session.long_timeout": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:failure_to_invalidate_session:long_timeout&redirect=true",
|
140
|
+
"broken_authentication_and_session_management.concurrent_logins": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:concurrent_logins&redirect=true",
|
141
|
+
"broken_authentication_and_session_management.weak_registration_implementation": null,
|
142
|
+
"broken_authentication_and_session_management.weak_registration_implementation.over_http": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_authentication_and_session_management:weak_registration_implementation:over_http&redirect=true",
|
143
|
+
"sensitive_data_exposure": null,
|
144
|
+
"sensitive_data_exposure.disclosure_of_secrets": null,
|
145
|
+
"sensitive_data_exposure.disclosure_of_secrets.for_publicly_accessible_asset": null,
|
146
|
+
"sensitive_data_exposure.disclosure_of_secrets.pii_leakage_exposure": null,
|
147
|
+
"sensitive_data_exposure.disclosure_of_secrets.for_internal_asset": null,
|
148
|
+
"sensitive_data_exposure.disclosure_of_secrets.pay_per_use_abuse": null,
|
149
|
+
"sensitive_data_exposure.disclosure_of_secrets.intentionally_public_sample_or_invalid": null,
|
150
|
+
"sensitive_data_exposure.disclosure_of_secrets.data_traffic_spam": null,
|
151
|
+
"sensitive_data_exposure.disclosure_of_secrets.non_corporate_user": null,
|
152
|
+
"sensitive_data_exposure.exif_geolocation_data_not_stripped_from_uploaded_images": null,
|
153
|
+
"sensitive_data_exposure.exif_geolocation_data_not_stripped_from_uploaded_images.automatic_user_enumeration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:exif_geolocation_data_not_stripped_from_uploaded_images:automatic_user_enumeration&redirect=true",
|
154
|
+
"sensitive_data_exposure.exif_geolocation_data_not_stripped_from_uploaded_images.manual_user_enumeration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:exif_geolocation_data_not_stripped_from_uploaded_images:manual_user_enumeration&redirect=true",
|
155
|
+
"sensitive_data_exposure.visible_detailed_error_page": null,
|
156
|
+
"sensitive_data_exposure.visible_detailed_error_page.detailed_server_configuration": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:visible_detailed_error_page:detailed_server_configuration&redirect=true",
|
157
|
+
"sensitive_data_exposure.visible_detailed_error_page.full_path_disclosure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:visible_detailed_error_page:full_path_disclosure&redirect=true",
|
158
|
+
"sensitive_data_exposure.visible_detailed_error_page.descriptive_stack_trace": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:visible_detailed_error_page:descriptive_stack_trace&redirect=true",
|
159
|
+
"sensitive_data_exposure.disclosure_of_known_public_information": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:disclosure_of_known_public_information&redirect=true",
|
160
|
+
"sensitive_data_exposure.token_leakage_via_referer": null,
|
161
|
+
"sensitive_data_exposure.token_leakage_via_referer.trusted_third_party": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:token_leakage_via_referer:trusted_third_party&redirect=true",
|
162
|
+
"sensitive_data_exposure.token_leakage_via_referer.untrusted_third_party": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:token_leakage_via_referer:untrusted_third_party&redirect=true",
|
163
|
+
"sensitive_data_exposure.token_leakage_via_referer.over_http": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:token_leakage_via_referer:over_http&redirect=true",
|
164
|
+
"sensitive_data_exposure.token_leakage_via_referer.password_reset_token": null,
|
165
|
+
"sensitive_data_exposure.sensitive_token_in_url": null,
|
166
|
+
"sensitive_data_exposure.sensitive_token_in_url.user_facing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_token_in_url:user_facing&redirect=true",
|
167
|
+
"sensitive_data_exposure.sensitive_token_in_url.in_the_background": null,
|
168
|
+
"sensitive_data_exposure.sensitive_token_in_url.on_password_reset": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_token_in_url:on_password_reset&redirect=true",
|
169
|
+
"sensitive_data_exposure.non_sensitive_token_in_url": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:non_sensitive_token_in_url&redirect=true",
|
170
|
+
"sensitive_data_exposure.weak_password_reset_implementation": null,
|
171
|
+
"sensitive_data_exposure.weak_password_reset_implementation.password_reset_token_sent_over_http": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:weak_password_reset_implementation:password_reset_token_sent_over_http&redirect=true",
|
172
|
+
"sensitive_data_exposure.weak_password_reset_implementation.token_leakage_via_host_header_poisoning": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:weak_password_reset_implementation:token_leakage_via_host_header_poisoning&redirect=true",
|
173
|
+
"sensitive_data_exposure.mixed_content": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:mixed_content&redirect=true",
|
174
|
+
"sensitive_data_exposure.sensitive_data_hardcoded": null,
|
175
|
+
"sensitive_data_exposure.sensitive_data_hardcoded.oauth_secret": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_data_hardcoded:oauth_secret&redirect=true",
|
176
|
+
"sensitive_data_exposure.sensitive_data_hardcoded.file_paths": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:sensitive_data_hardcoded:file_paths&redirect=true",
|
177
|
+
"sensitive_data_exposure.internal_ip_disclosure": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:internal_ip_disclosure&redirect=true",
|
178
|
+
"sensitive_data_exposure.xssi": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:xssi&redirect=true",
|
179
|
+
"sensitive_data_exposure.json_hijacking": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=sensitive_data_exposure:json_hijacking&redirect=true",
|
180
|
+
"sensitive_data_exposure.via_localstorage_sessionstorage": null,
|
181
|
+
"sensitive_data_exposure.via_localstorage_sessionstorage.sensitive_token": null,
|
182
|
+
"sensitive_data_exposure.via_localstorage_sessionstorage.non_sensitive_token": null,
|
183
|
+
"cross_site_scripting_xss": null,
|
184
|
+
"cross_site_scripting_xss.stored": null,
|
185
|
+
"cross_site_scripting_xss.stored.non_admin_to_anyone": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:non_admin_to_anyone&redirect=true",
|
186
|
+
"cross_site_scripting_xss.stored.privileged_user_to_privilege_elevation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:privileged_user_to_privilege_elevation&redirect=true",
|
187
|
+
"cross_site_scripting_xss.stored.privileged_user_to_no_privilege_elevation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:privileged_user_to_no_privilege_elevation&redirect=true",
|
188
|
+
"cross_site_scripting_xss.stored.url_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:url_based&redirect=true",
|
189
|
+
"cross_site_scripting_xss.stored.self": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:stored:self&redirect=true",
|
190
|
+
"cross_site_scripting_xss.reflected": null,
|
191
|
+
"cross_site_scripting_xss.reflected.non_self": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:reflected:non_self&redirect=true",
|
192
|
+
"cross_site_scripting_xss.reflected.self": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:reflected:self&redirect=true",
|
193
|
+
"cross_site_scripting_xss.flash_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:flash_based&redirect=true",
|
194
|
+
"cross_site_scripting_xss.cookie_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:cookie_based&redirect=true",
|
195
|
+
"cross_site_scripting_xss.ie_only": null,
|
196
|
+
"cross_site_scripting_xss.referer": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:referer&redirect=true",
|
197
|
+
"cross_site_scripting_xss.trace_method": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:trace_method&redirect=true",
|
198
|
+
"cross_site_scripting_xss.universal_uxss": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:universal_uxss&redirect=true",
|
199
|
+
"cross_site_scripting_xss.off_domain": null,
|
200
|
+
"cross_site_scripting_xss.off_domain.data_uri": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_scripting_xss:off_domain:data_uri&redirect=true",
|
201
|
+
"broken_access_control": null,
|
202
|
+
"broken_access_control.idor": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:idor&redirect=true",
|
203
|
+
"broken_access_control.idor.read_edit_delete_non_sensitive_information": null,
|
204
|
+
"broken_access_control.idor.read_edit_delete_sensitive_information_guid": null,
|
205
|
+
"broken_access_control.idor.read_sensitive_information_iterable_object_identifiers": null,
|
206
|
+
"broken_access_control.idor.edit_delete_sensitive_information_iterable_object_identifiers": null,
|
207
|
+
"broken_access_control.idor.read_edit_delete_sensitive_information_iterable_object_identifiers": null,
|
208
|
+
"broken_access_control.username_enumeration": null,
|
209
|
+
"broken_access_control.username_enumeration.non_brute_force": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:username_enumeration:non_brute_force&redirect=true",
|
210
|
+
"broken_access_control.exposed_sensitive_android_intent": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_android_intent&redirect=true",
|
211
|
+
"broken_access_control.privilege_escalation": null,
|
212
|
+
"broken_access_control.exposed_sensitive_ios_url_scheme": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=broken_access_control:exposed_sensitive_ios_url_scheme&redirect=true",
|
213
|
+
"cross_site_request_forgery_csrf": null,
|
214
|
+
"cross_site_request_forgery_csrf.application_wide": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:application_wide&redirect=true",
|
215
|
+
"cross_site_request_forgery_csrf.action_specific": null,
|
216
|
+
"cross_site_request_forgery_csrf.action_specific.authenticated_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:action_specific:authenticated_action&redirect=true",
|
217
|
+
"cross_site_request_forgery_csrf.action_specific.unauthenticated_action": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:action_specific:unauthenticated_action&redirect=true",
|
218
|
+
"cross_site_request_forgery_csrf.action_specific.logout": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:action_specific:logout&redirect=true",
|
219
|
+
"cross_site_request_forgery_csrf.csrf_token_not_unique_per_request": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=cross_site_request_forgery_csrf:csrf_token_not_unique_per_request&redirect=true",
|
220
|
+
"cross_site_request_forgery_csrf.flash_based": null,
|
221
|
+
"application_level_denial_of_service_dos": null,
|
222
|
+
"application_level_denial_of_service_dos.excessive_resource_consumption": null,
|
223
|
+
"application_level_denial_of_service_dos.excessive_resource_consumption.injection_prompt": null,
|
224
|
+
"application_level_denial_of_service_dos.critical_impact_and_or_easy_difficulty": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:critical_impact_and_or_easy_difficulty&redirect=true",
|
225
|
+
"application_level_denial_of_service_dos.high_impact_and_or_medium_difficulty": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:high_impact_and_or_medium_difficulty&redirect=true",
|
226
|
+
"application_level_denial_of_service_dos.app_crash": null,
|
227
|
+
"application_level_denial_of_service_dos.app_crash.malformed_android_intents": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:app_crash:malformed_android_intents&redirect=true",
|
228
|
+
"application_level_denial_of_service_dos.app_crash.malformed_ios_url_schemes": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=application_level_denial_of_service_dos:app_crash:malformed_ios_url_schemes&redirect=true",
|
229
|
+
"unvalidated_redirects_and_forwards": null,
|
230
|
+
"unvalidated_redirects_and_forwards.open_redirect": null,
|
231
|
+
"unvalidated_redirects_and_forwards.open_redirect.get_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:get_based&redirect=true",
|
232
|
+
"unvalidated_redirects_and_forwards.open_redirect.post_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:post_based&redirect=true",
|
233
|
+
"unvalidated_redirects_and_forwards.open_redirect.header_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:header_based&redirect=true",
|
234
|
+
"unvalidated_redirects_and_forwards.open_redirect.flash_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:open_redirect:flash_based&redirect=true",
|
235
|
+
"unvalidated_redirects_and_forwards.tabnabbing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:tabnabbing&redirect=true",
|
236
|
+
"unvalidated_redirects_and_forwards.lack_of_security_speed_bump_page": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=unvalidated_redirects_and_forwards:lack_of_security_speed_bump_page&redirect=true",
|
237
|
+
"external_behavior": null,
|
238
|
+
"external_behavior.browser_feature": null,
|
239
|
+
"external_behavior.browser_feature.plaintext_password_field": null,
|
240
|
+
"external_behavior.browser_feature.save_password": null,
|
241
|
+
"external_behavior.browser_feature.autocomplete_enabled": null,
|
242
|
+
"external_behavior.browser_feature.autocorrect_enabled": null,
|
243
|
+
"external_behavior.browser_feature.aggressive_offline_caching": null,
|
244
|
+
"external_behavior.csv_injection": null,
|
245
|
+
"external_behavior.captcha_bypass": null,
|
246
|
+
"external_behavior.captcha_bypass.crowdsourcing": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=external_behavior:captcha_bypass:crowdsourcing&redirect=true",
|
247
|
+
"external_behavior.system_clipboard_leak": null,
|
248
|
+
"external_behavior.system_clipboard_leak.shared_links": null,
|
249
|
+
"external_behavior.user_password_persisted_in_memory": null,
|
250
|
+
"insufficient_security_configurability": null,
|
251
|
+
"insufficient_security_configurability.weak_password_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_policy&redirect=true",
|
252
|
+
"insufficient_security_configurability.no_password_policy": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:no_password_policy&redirect=true",
|
253
|
+
"insufficient_security_configurability.password_policy_bypass": null,
|
254
|
+
"insufficient_security_configurability.weak_password_reset_implementation": null,
|
255
|
+
"insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_use": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_use&redirect=true",
|
256
|
+
"insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_email_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_email_change&redirect=true",
|
257
|
+
"insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_password_change": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_password_change&redirect=true",
|
258
|
+
"insufficient_security_configurability.weak_password_reset_implementation.token_has_long_timed_expiry": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_has_long_timed_expiry&redirect=true",
|
259
|
+
"insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_new_token_is_requested": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_new_token_is_requested&redirect=true",
|
260
|
+
"insufficient_security_configurability.weak_password_reset_implementation.token_is_not_invalidated_after_login": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_password_reset_implementation:token_is_not_invalidated_after_login&redirect=true",
|
261
|
+
"insufficient_security_configurability.verification_of_contact_method_not_required": null,
|
262
|
+
"insufficient_security_configurability.lack_of_notification_email": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:lack_of_notification_email&redirect=true",
|
263
|
+
"insufficient_security_configurability.weak_registration_implementation": null,
|
264
|
+
"insufficient_security_configurability.weak_registration_implementation.allows_disposable_email_addresses": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_registration_implementation:allows_disposable_email_addresses&redirect=true",
|
265
|
+
"insufficient_security_configurability.weak_two_fa_implementation": null,
|
266
|
+
"insufficient_security_configurability.weak_two_fa_implementation.two_fa_secret_cannot_be_rotated": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_two_fa_implementation:two_fa_secret_cannot_be_rotated&redirect=true",
|
267
|
+
"insufficient_security_configurability.weak_two_fa_implementation.two_fa_secret_remains_obtainable_after_two_fa_is_enabled": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_two_fa_implementation:two_fa_secret_remains_obtainable_after_two_fa_is_enabled&redirect=true",
|
268
|
+
"insufficient_security_configurability.weak_two_fa_implementation.missing_failsafe": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insufficient_security_configurability:weak_two_fa_implementation:missing_failsafe&redirect=true",
|
269
|
+
"insufficient_security_configurability.weak_two_fa_implementation.two_fa_code_is_not_updated_after_new_code_is_requested": null,
|
270
|
+
"insufficient_security_configurability.weak_two_fa_implementation.old_two_fa_code_is_not_invalidated_after_new_code_is_generated": null,
|
271
|
+
"using_components_with_known_vulnerabilities": null,
|
272
|
+
"using_components_with_known_vulnerabilities.rosetta_flash": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=using_components_with_known_vulnerabilities:rosetta_flash&redirect=true",
|
273
|
+
"using_components_with_known_vulnerabilities.outdated_software_version": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=using_components_with_known_vulnerabilities:outdated_software_version&redirect=true",
|
274
|
+
"using_components_with_known_vulnerabilities.captcha_bypass": null,
|
275
|
+
"using_components_with_known_vulnerabilities.captcha_bypass.ocr_optical_character_recognition": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=using_components_with_known_vulnerabilities:captcha_bypass:ocr_optical_character_recognition&redirect=true",
|
276
|
+
"insecure_data_storage": null,
|
277
|
+
"insecure_data_storage.sensitive_application_data_stored_unencrypted": null,
|
278
|
+
"insecure_data_storage.sensitive_application_data_stored_unencrypted.on_external_storage": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:sensitive_application_data_stored_unencrypted:on_external_storage&redirect=true",
|
279
|
+
"insecure_data_storage.sensitive_application_data_stored_unencrypted.on_internal_storage": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:sensitive_application_data_stored_unencrypted:on_internal_storage&redirect=true",
|
280
|
+
"insecure_data_storage.server_side_credentials_storage": null,
|
281
|
+
"insecure_data_storage.server_side_credentials_storage.plaintext": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:server_side_credentials_storage:plaintext&redirect=true",
|
282
|
+
"insecure_data_storage.non_sensitive_application_data_stored_unencrypted": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:non_sensitive_application_data_stored_unencrypted&redirect=true",
|
283
|
+
"insecure_data_storage.screen_caching_enabled": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_storage:screen_caching_enabled&redirect=true",
|
284
|
+
"lack_of_binary_hardening": null,
|
285
|
+
"lack_of_binary_hardening.lack_of_exploit_mitigations": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:lack_of_exploit_mitigations&redirect=true",
|
286
|
+
"lack_of_binary_hardening.lack_of_jailbreak_detection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:lack_of_jailbreak_detection&redirect=true",
|
287
|
+
"lack_of_binary_hardening.lack_of_obfuscation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:lack_of_obfuscation&redirect=true",
|
288
|
+
"lack_of_binary_hardening.runtime_instrumentation_based": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=lack_of_binary_hardening:runtime_instrumentation_based&redirect=true",
|
289
|
+
"insecure_data_transport": null,
|
290
|
+
"insecure_data_transport.cleartext_transmission_of_sensitive_data": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_transport:cleartext_transmission_of_sensitive_data&redirect=true",
|
291
|
+
"insecure_data_transport.executable_download": null,
|
292
|
+
"insecure_data_transport.executable_download.no_secure_integrity_check": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_transport:executable_download:no_secure_integrity_check&redirect=true",
|
293
|
+
"insecure_data_transport.executable_download.secure_integrity_check": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_data_transport:executable_download:secure_integrity_check&redirect=true",
|
294
|
+
"data_biases": null,
|
295
|
+
"data_biases.representation_bias": null,
|
296
|
+
"data_biases.pre_existing_bias": null,
|
297
|
+
"algorithmic_biases": null,
|
298
|
+
"algorithmic_biases.processing_bias": null,
|
299
|
+
"algorithmic_biases.aggregation_bias": null,
|
300
|
+
"societal_biases": null,
|
301
|
+
"societal_biases.confirmation_bias": null,
|
302
|
+
"societal_biases.systemic_bias": null,
|
303
|
+
"misinterpretation_biases": null,
|
304
|
+
"misinterpretation_biases.context_ignorance": null,
|
305
|
+
"developer_biases": null,
|
306
|
+
"developer_biases.implicit_bias": null,
|
307
|
+
"physical_security_issues": null,
|
308
|
+
"physical_security_issues.bypass_of_physical_access_control": null,
|
309
|
+
"physical_security_issues.weakness_in_physical_access_control": null,
|
310
|
+
"physical_security_issues.weakness_in_physical_access_control.cloneable_key": null,
|
311
|
+
"physical_security_issues.weakness_in_physical_access_control.master_key_identification": null,
|
312
|
+
"physical_security_issues.weakness_in_physical_access_control.commonly_keyed_system": null,
|
313
|
+
"insecure_os_firmware": null,
|
314
|
+
"insecure_os_firmware.command_injection": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_os_firmware:command_injection&redirect=true",
|
315
|
+
"insecure_os_firmware.hardcoded_password": null,
|
316
|
+
"insecure_os_firmware.hardcoded_password.privileged_user": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_os_firmware:hardcoded_password:privileged_user&redirect=true",
|
317
|
+
"insecure_os_firmware.hardcoded_password.non_privileged_user": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=insecure_os_firmware:hardcoded_password:non_privileged_user&redirect=true",
|
318
|
+
"insecure_os_firmware.weakness_in_firmware_updates": null,
|
319
|
+
"insecure_os_firmware.weakness_in_firmware_updates.firmware_cannot_be_updated": null,
|
320
|
+
"insecure_os_firmware.weakness_in_firmware_updates.firmware_does_not_validate_update_integrity": null,
|
321
|
+
"insecure_os_firmware.weakness_in_firmware_updates.firmware_is_not_encrypted": null,
|
322
|
+
"insecure_os_firmware.kiosk_escape_or_breakout": null,
|
323
|
+
"insecure_os_firmware.poorly_configured_disk_encryption": null,
|
324
|
+
"insecure_os_firmware.shared_credentials_on_storage": null,
|
325
|
+
"insecure_os_firmware.over_permissioned_credentials_on_storage": null,
|
326
|
+
"insecure_os_firmware.local_administrator_on_default_environment": null,
|
327
|
+
"insecure_os_firmware.poorly_configured_operating_system_security": null,
|
328
|
+
"insecure_os_firmware.recovery_of_disk_contains_sensitive_material": null,
|
329
|
+
"insecure_os_firmware.failure_to_remove_sensitive_artifacts_from_disk": null,
|
330
|
+
"insecure_os_firmware.data_not_encrypted_at_rest": null,
|
331
|
+
"insecure_os_firmware.data_not_encrypted_at_rest.sensitive": null,
|
332
|
+
"insecure_os_firmware.data_not_encrypted_at_rest.non_sensitive": null,
|
333
|
+
"cryptographic_weakness": null,
|
334
|
+
"cryptographic_weakness.insufficient_entropy": null,
|
335
|
+
"cryptographic_weakness.insufficient_entropy.limited_rng_entropy_source": null,
|
336
|
+
"cryptographic_weakness.insufficient_entropy.use_of_trng_for_nonsecurity_purpose": null,
|
337
|
+
"cryptographic_weakness.insufficient_entropy.prng_seed_reuse": null,
|
338
|
+
"cryptographic_weakness.insufficient_entropy.predictable_prng_seed": null,
|
339
|
+
"cryptographic_weakness.insufficient_entropy.small_seed_space_in_prng": null,
|
340
|
+
"cryptographic_weakness.insufficient_entropy.initialization_vector_reuse": null,
|
341
|
+
"cryptographic_weakness.insufficient_entropy.predictable_initialization_vector": null,
|
342
|
+
"cryptographic_weakness.insecure_implementation": null,
|
343
|
+
"cryptographic_weakness.insecure_implementation.missing_cryptographic_step": null,
|
344
|
+
"cryptographic_weakness.insecure_implementation.improper_following_of_specification": null,
|
345
|
+
"cryptographic_weakness.weak_hash": null,
|
346
|
+
"cryptographic_weakness.weak_hash.lack_of_salt": null,
|
347
|
+
"cryptographic_weakness.weak_hash.use_of_predictable_salt": null,
|
348
|
+
"cryptographic_weakness.weak_hash.predictable_hash_collision": null,
|
349
|
+
"cryptographic_weakness.insufficient_verification_of_data_authenticity": null,
|
350
|
+
"cryptographic_weakness.insufficient_verification_of_data_authenticity.identity_check_value": null,
|
351
|
+
"cryptographic_weakness.insufficient_verification_of_data_authenticity.cryptographic_signature": null,
|
352
|
+
"cryptographic_weakness.insecure_key_generation": null,
|
353
|
+
"cryptographic_weakness.insecure_key_generation.improper_asymmetric_prime_selection": null,
|
354
|
+
"cryptographic_weakness.insecure_key_generation.improper_asymmetric_exponent_selection": null,
|
355
|
+
"cryptographic_weakness.insecure_key_generation.insufficient_key_stretching": null,
|
356
|
+
"cryptographic_weakness.insecure_key_generation.insufficient_key_space": null,
|
357
|
+
"cryptographic_weakness.insecure_key_generation.key_exchange_without_entity_authentication": null,
|
358
|
+
"cryptographic_weakness.key_reuse": null,
|
359
|
+
"cryptographic_weakness.key_reuse.lack_of_perfect_forward_secrecy": null,
|
360
|
+
"cryptographic_weakness.key_reuse.intra_environment": null,
|
361
|
+
"cryptographic_weakness.key_reuse.inter_environment": null,
|
362
|
+
"cryptographic_weakness.broken_cryptography": null,
|
363
|
+
"cryptographic_weakness.broken_cryptography.use_of_broken_cryptographic_primitive": null,
|
364
|
+
"cryptographic_weakness.broken_cryptography.use_of_vulnerable_cryptographic_library": null,
|
365
|
+
"cryptographic_weakness.side_channel_attack": null,
|
366
|
+
"cryptographic_weakness.side_channel_attack.padding_oracle_attack": null,
|
367
|
+
"cryptographic_weakness.side_channel_attack.timing_attack": null,
|
368
|
+
"cryptographic_weakness.side_channel_attack.power_analysis_attack": null,
|
369
|
+
"cryptographic_weakness.side_channel_attack.emanations_attack": null,
|
370
|
+
"cryptographic_weakness.side_channel_attack.differential_fault_analysis": null,
|
371
|
+
"cryptographic_weakness.use_of_expired_cryptographic_key_or_cert": null,
|
372
|
+
"cryptographic_weakness.incomplete_cleanup_of_keying_material": null,
|
373
|
+
"privacy_concerns": null,
|
374
|
+
"privacy_concerns.unnecessary_data_collection": null,
|
375
|
+
"privacy_concerns.unnecessary_data_collection.wifi_ssid_password": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=privacy_concerns:unnecessary_data_collection:wifi_ssid_password&redirect=true",
|
376
|
+
"network_security_misconfiguration": null,
|
377
|
+
"network_security_misconfiguration.telnet_enabled": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=network_security_misconfiguration:telnet_enabled&redirect=true",
|
378
|
+
"mobile_security_misconfiguration": null,
|
379
|
+
"mobile_security_misconfiguration.ssl_certificate_pinning": null,
|
380
|
+
"mobile_security_misconfiguration.ssl_certificate_pinning.absent": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=mobile_security_misconfiguration:ssl_certificate_pinning:absent&redirect=true",
|
381
|
+
"mobile_security_misconfiguration.ssl_certificate_pinning.defeatable": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=mobile_security_misconfiguration:ssl_certificate_pinning:defeatable&redirect=true",
|
382
|
+
"mobile_security_misconfiguration.tapjacking": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=mobile_security_misconfiguration:tapjacking&redirect=true",
|
383
|
+
"mobile_security_misconfiguration.clipboard_enabled": null,
|
384
|
+
"mobile_security_misconfiguration.auto_backup_allowed_by_default": null,
|
385
|
+
"client_side_injection": null,
|
386
|
+
"client_side_injection.binary_planting": null,
|
387
|
+
"client_side_injection.binary_planting.privilege_escalation": null,
|
388
|
+
"client_side_injection.binary_planting.non_default_folder_privilege_escalation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=client_side_injection:binary_planting:non_default_folder_privilege_escalation&redirect=true",
|
389
|
+
"client_side_injection.binary_planting.no_privilege_escalation": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=client_side_injection:binary_planting:no_privilege_escalation&redirect=true",
|
390
|
+
"automotive_security_misconfiguration": null,
|
391
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit": null,
|
392
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.sensitive_data_leakage_exposure": null,
|
393
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.ota_firmware_manipulation": null,
|
394
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.code_execution_can_bus_pivot": null,
|
395
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.code_execution_no_can_bus_pivot": null,
|
396
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.unauthorized_access_to_services": null,
|
397
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.source_code_dump": null,
|
398
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.dos_brick": null,
|
399
|
+
"automotive_security_misconfiguration.infotainment_radio_head_unit.default_credentials": null,
|
400
|
+
"automotive_security_misconfiguration.rf_hub": null,
|
401
|
+
"automotive_security_misconfiguration.rf_hub.key_fob_cloning": null,
|
402
|
+
"automotive_security_misconfiguration.rf_hub.can_injection_interaction": null,
|
403
|
+
"automotive_security_misconfiguration.rf_hub.data_leakage_pull_encryption_mechanism": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=automotive_security_misconfiguration:rf_hub:data_leakage_pull_encryption_mechanism&redirect=true",
|
404
|
+
"automotive_security_misconfiguration.rf_hub.unauthorized_access_turn_on": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=automotive_security_misconfiguration:rf_hub:unauthorized_access_turn_on&redirect=true",
|
405
|
+
"automotive_security_misconfiguration.rf_hub.roll_jam": null,
|
406
|
+
"automotive_security_misconfiguration.rf_hub.replay": null,
|
407
|
+
"automotive_security_misconfiguration.rf_hub.relay": null,
|
408
|
+
"automotive_security_misconfiguration.can": null,
|
409
|
+
"automotive_security_misconfiguration.can.injection_battery_management_system": null,
|
410
|
+
"automotive_security_misconfiguration.can.injection_steering_control": null,
|
411
|
+
"automotive_security_misconfiguration.can.injection_pyrotechnical_device_deployment_tool": null,
|
412
|
+
"automotive_security_misconfiguration.can.injection_headlights": null,
|
413
|
+
"automotive_security_misconfiguration.can.injection_sensors": null,
|
414
|
+
"automotive_security_misconfiguration.can.injection_vehicle_anti_theft_systems": null,
|
415
|
+
"automotive_security_misconfiguration.can.injection_powertrain": null,
|
416
|
+
"automotive_security_misconfiguration.can.injection_basic_safety_message": null,
|
417
|
+
"automotive_security_misconfiguration.can.injection_disallowed_messages": null,
|
418
|
+
"automotive_security_misconfiguration.can.injection_dos": "https://integration-api.securecodewarrior.com/api/v1/trial?id=bugcrowd&mappingList=vrt&mappingKey=automotive_security_misconfiguration:can:injection_dos&redirect=true",
|
419
|
+
"automotive_security_misconfiguration.battery_management_system": null,
|
420
|
+
"automotive_security_misconfiguration.battery_management_system.firmware_dump": null,
|
421
|
+
"automotive_security_misconfiguration.battery_management_system.fraudulent_interface": null,
|
422
|
+
"automotive_security_misconfiguration.gnss_gps": null,
|
423
|
+
"automotive_security_misconfiguration.gnss_gps.spoofing": null,
|
424
|
+
"automotive_security_misconfiguration.immobilizer": null,
|
425
|
+
"automotive_security_misconfiguration.immobilizer.engine_start": null,
|
426
|
+
"automotive_security_misconfiguration.abs": null,
|
427
|
+
"automotive_security_misconfiguration.abs.unintended_acceleration_brake": null,
|
428
|
+
"automotive_security_misconfiguration.rsu": null,
|
429
|
+
"automotive_security_misconfiguration.rsu.sybil_attack": null,
|
430
|
+
"ai_application_security": null,
|
431
|
+
"ai_application_security.llm_security": null,
|
432
|
+
"ai_application_security.llm_security.prompt_injection": null,
|
433
|
+
"ai_application_security.llm_security.llm_output_handling": null,
|
434
|
+
"ai_application_security.llm_security.training_data_poisoning": null,
|
435
|
+
"ai_application_security.llm_security.excessive_agency_permission_manipulation": null,
|
436
|
+
"indicators_of_compromise": null
|
437
|
+
}
|