@sectester/scan 0.35.2 → 0.36.0
- package/package.json +1 -1
- package/src/models/TestType.d.ts +19 -20
- package/src/models/TestType.js +19 -20
- package/src/models/TestType.js.map +1 -1
package/package.json
CHANGED
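--- a/package/src/models/TestType.d.ts
+++ b/package/src/models/TestType.d.ts
@@ -1,13 +1,13 @@
 export declare enum TestType {
 AMAZON_S3_TAKEOVER = "amazon_s3_takeover",
-
+BROKEN_OBJECT_PROPERTY_LEVEL_AUTHORIZATION = "bopla",
 BROKEN_ACCESS_CONTROL = "broken_access_control",
-
-
+BROKEN_SAML_AUTHENTICATION = "broken_saml_auth",
+BROKEN_JWT_AUTHENTICATION = "jwt",
 BRUTE_FORCE_LOGIN = "brute_force_login",
 BUSINESS_CONSTRAINT_BYPASS = "business_constraint_bypass",
 COOKIE_SECURITY = "cookie_security",
-
+CROSS_SITE_REQUEST_FORGERY = "csrf",
 CSS_INJECTION = "css_injection",
 DATE_MANIPULATION = "date_manipulation",
 EMAIL_INJECTION = "email_injection",
@@ -21,26 +21,25 @@ export declare enum TestType {
 IFRAME_INJECTION = "iframe_injection",
 IMPROPER_ASSET_MANAGEMENT = "improper_asset_management",
 INSECURE_OUTPUT_HANDLING = "insecure_output_handling",
-
-
-LRRL = "lrrl",
+LDAP_INJECTION = "ldapi",
+LOCAL_FILE_INCLUSION = "lfi",
 MASS_ASSIGNMENT = "mass_assignment",
-
+MONGODB_INJECTION = "nosql",
 OPEN_CLOUD_STORAGE = "open_cloud_storage",
-
-
+EXPOSED_DATABASE_DETAILS = "open_database",
+OS_COMMAND_INJECTION = "osi",
 PASSWORD_RESET_POISONING = "password_reset_poisoning",
 PROMPT_INJECTION = "prompt_injection",
-
-
-
-
+JS_PROTOTYPE_POLLUTION = "proto_pollution",
+REMOTE_FILE_INCLUSION = "rfi",
+SQL_INJECTION = "sqli",
+SECRET_TOKENS_LEAK = "secret_tokens",
 SERVER_SIDE_JS_INJECTION = "server_side_js_injection",
-
-
-
+SERVER_SIDE_REQUEST_FORGERY = "ssrf",
+SERVER_SIDE_TEMPLATE_INJECTION = "ssti",
+STORED_CROSS_SITE_SCRIPTING = "stored_xss",
 UNVALIDATED_REDIRECT = "unvalidated_redirect",
-
-
-
+XPATH_INJECTION = "xpathi",
+XML_EXTERNAL_ENTITY_INJECTION = "xxe",
+CROSS_SITE_SCRIPTING = "xss"
 }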
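Review bot: The old member names are dropped outright rather than kept as deprecated aliases, so any caller written against 0.35.2 breaks on upgrade; in the second hunk `LRRL = "lrrl"` is removed and none of the added lines carries that value, while the other 19 removed names (their text is not visible in this rendering) appear to be replaced one-for-one by the longer names. TestType.js changes the same keys, and there a plain-JavaScript caller that still uses an old key gets `undefined` rather than a compile error, which could silently shrink the set of tests a scan runs unless the scan configuration rejects unknown entries. I would keep each old key for one release with a `/** @deprecated use <NEW_KEY> */` JSDoc line above it, and state the removal of `LRRL` in the release notes. The new keys also appear to keep the position of the names they replace, so the list is no longer alphabetical by key (`EXPOSED_DATABASE_DETAILS` sits between `OPEN_CLOUD_STORAGE` and `OS_COMMAND_INJECTION`, and `CROSS_SITE_SCRIPTING` is last); re-sorting by key would make a missing test type easier to spot in review.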
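--- a/package/src/models/TestType.js
+++ b/package/src/models/TestType.js
@@ -4,14 +4,14 @@ exports.TestType = void 0;
 var TestType;
 (function (TestType) {
 TestType["AMAZON_S3_TAKEOVER"] = "amazon_s3_takeover";
-TestType["
+TestType["BROKEN_OBJECT_PROPERTY_LEVEL_AUTHORIZATION"] = "bopla";
 TestType["BROKEN_ACCESS_CONTROL"] = "broken_access_control";
-TestType["
-TestType["
+TestType["BROKEN_SAML_AUTHENTICATION"] = "broken_saml_auth";
+TestType["BROKEN_JWT_AUTHENTICATION"] = "jwt";
 TestType["BRUTE_FORCE_LOGIN"] = "brute_force_login";
 TestType["BUSINESS_CONSTRAINT_BYPASS"] = "business_constraint_bypass";
 TestType["COOKIE_SECURITY"] = "cookie_security";
-TestType["
+TestType["CROSS_SITE_REQUEST_FORGERY"] = "csrf";
 TestType["CSS_INJECTION"] = "css_injection";
 TestType["DATE_MANIPULATION"] = "date_manipulation";
 TestType["EMAIL_INJECTION"] = "email_injection";
@@ -25,27 +25,26 @@ var TestType;
 TestType["IFRAME_INJECTION"] = "iframe_injection";
 TestType["IMPROPER_ASSET_MANAGEMENT"] = "improper_asset_management";
 TestType["INSECURE_OUTPUT_HANDLING"] = "insecure_output_handling";
-TestType["
-TestType["
-TestType["LRRL"] = "lrrl";
+TestType["LDAP_INJECTION"] = "ldapi";
+TestType["LOCAL_FILE_INCLUSION"] = "lfi";
 TestType["MASS_ASSIGNMENT"] = "mass_assignment";
-TestType["
+TestType["MONGODB_INJECTION"] = "nosql";
 TestType["OPEN_CLOUD_STORAGE"] = "open_cloud_storage";
-TestType["
-TestType["
+TestType["EXPOSED_DATABASE_DETAILS"] = "open_database";
+TestType["OS_COMMAND_INJECTION"] = "osi";
 TestType["PASSWORD_RESET_POISONING"] = "password_reset_poisoning";
 TestType["PROMPT_INJECTION"] = "prompt_injection";
-TestType["
-TestType["
-TestType["
-TestType["
+TestType["JS_PROTOTYPE_POLLUTION"] = "proto_pollution";
+TestType["REMOTE_FILE_INCLUSION"] = "rfi";
+TestType["SQL_INJECTION"] = "sqli";
+TestType["SECRET_TOKENS_LEAK"] = "secret_tokens";
 TestType["SERVER_SIDE_JS_INJECTION"] = "server_side_js_injection";
-TestType["
-TestType["
-TestType["
+TestType["SERVER_SIDE_REQUEST_FORGERY"] = "ssrf";
+TestType["SERVER_SIDE_TEMPLATE_INJECTION"] = "ssti";
+TestType["STORED_CROSS_SITE_SCRIPTING"] = "stored_xss";
 TestType["UNVALIDATED_REDIRECT"] = "unvalidated_redirect";
-TestType["
-TestType["
-TestType["
+TestType["XPATH_INJECTION"] = "xpathi";
+TestType["XML_EXTERNAL_ENTITY_INJECTION"] = "xxe";
+TestType["CROSS_SITE_SCRIPTING"] = "xss";
 })(TestType || (exports.TestType = TestType = {}));
 //# sourceMappingURL=TestType.js.map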
|
@@ -1 +1 @@
|
|
|
1
|
-
{"version":3,"file":"TestType.js","sourceRoot":"","sources":["../../../../../packages/scan/src/models/TestType.ts"],"names":[],"mappings":";;;AAAA,IAAY,
|
|
1
|
+
{"version":3,"file":"TestType.js","sourceRoot":"","sources":["../../../../../packages/scan/src/models/TestType.ts"],"names":[],"mappings":";;;AAAA,IAAY,QA4CX;AA5CD,WAAY,QAAQ;IAClB,qDAAyC,CAAA;IACzC,gEAAoD,CAAA;IACpD,2DAA+C,CAAA;IAC/C,2DAA+C,CAAA;IAC/C,6CAAiC,CAAA;IACjC,mDAAuC,CAAA;IACvC,qEAAyD,CAAA;IACzD,+CAAmC,CAAA;IACnC,+CAAmC,CAAA;IACnC,2CAA+B,CAAA;IAC/B,mDAAuC,CAAA;IACvC,+CAAmC,CAAA;IACnC,+DAAmD,CAAA;IACnD,uCAA2B,CAAA;IAC3B,yDAA6C,CAAA;IAC7C,2DAA+C,CAAA;IAC/C,6CAAiC,CAAA;IACjC,uDAA2C,CAAA;IAC3C,6CAAiC,CAAA;IACjC,iDAAqC,CAAA;IACrC,mEAAuD,CAAA;IACvD,iEAAqD,CAAA;IACrD,oCAAwB,CAAA;IACxB,wCAA4B,CAAA;IAC5B,+CAAmC,CAAA;IACnC,uCAA2B,CAAA;IAC3B,qDAAyC,CAAA;IACzC,sDAA0C,CAAA;IAC1C,wCAA4B,CAAA;IAC5B,iEAAqD,CAAA;IACrD,iDAAqC,CAAA;IACrC,sDAA0C,CAAA;IAC1C,yCAA6B,CAAA;IAC7B,kCAAsB,CAAA;IACtB,gDAAoC,CAAA;IACpC,iEAAqD,CAAA;IACrD,gDAAoC,CAAA;IACpC,mDAAuC,CAAA;IACvC,sDAA0C,CAAA;IAC1C,yDAA6C,CAAA;IAC7C,sCAA0B,CAAA;IAC1B,iDAAqC,CAAA;IACrC,wCAA4B,CAAA;AAC9B,CAAC,EA5CW,QAAQ,wBAAR,QAAQ,QA4CnB"}
|