opencode-api-security-testing 4.0.1 → 5.0.0
- package/package.json +48 -47
- package/postinstall.mjs +69 -40
- package/references/references/README.md +72 -0
- package/references/references/asset-discovery.md +119 -0
- package/references/references/fuzzing-patterns.md +129 -0
- package/references/references/graphql-guidance.md +108 -0
- package/references/references/intake.md +84 -0
- package/references/references/pua-agent.md +192 -0
- package/references/references/report-template.md +156 -0
- package/references/references/rest-guidance.md +76 -0
- package/references/references/severity-model.md +76 -0
- package/references/references/test-matrix.md +86 -0
- package/references/references/validation.md +78 -0
- package/references/references/vulnerabilities/01-sqli-tests.md +1128 -0
- package/references/references/vulnerabilities/02-user-enum-tests.md +423 -0
- package/references/references/vulnerabilities/03-jwt-tests.md +499 -0
- package/references/references/vulnerabilities/04-idor-tests.md +362 -0
- package/references/references/vulnerabilities/05-sensitive-data-tests.md +466 -0
- package/references/references/vulnerabilities/06-biz-logic-tests.md +501 -0
- package/references/references/vulnerabilities/07-security-config-tests.md +511 -0
- package/references/references/vulnerabilities/08-brute-force-tests.md +457 -0
- package/references/references/vulnerabilities/09-vulnerability-chains.md +465 -0
- package/references/references/vulnerabilities/10-auth-tests.md +537 -0
- package/references/references/vulnerabilities/11-graphql-tests.md +355 -0
- package/references/references/vulnerabilities/12-ssrf-tests.md +396 -0
- package/references/references/vulnerabilities/README.md +148 -0
- package/references/references/workflows.md +192 -0
- package/src/index.ts +153 -25
- package/src/src/index.ts +535 -0
@@ -0,0 +1,78 @@
+# Validation Guidance
+
+Validate and classify findings.
+
+## Reporting Standards
+
+Report only issues that have sufficient supporting evidence:
+
+### Must Include
+
+- **Affected asset**: the specific API endpoint or operation
+- **Evidence**: request/response samples
+- **Reproduction path**: clear steps
+- **Impact**: real-world impact
+- **Confidence level**: Confirmed/High/Medium/Low/Hypothesis
+
+### When Evidence Is Incomplete
+
+- Label it as a hypothesis, weak signal, or likely issue
+- State clearly what is needed to confirm it
+
+### Do Not
+
+- Inflate severity from ambiguous behavior
+- Make strong claims on incomplete evidence
+- Assume the worst case
+
+## Confidence Levels
+
+| Level | Criteria |
+|------|------|
+| **Confirmed** | Complete PoC, unambiguous evidence |
+| **High** | Strong indicators, reasonable inference |
+| **Medium** | Moderate indicators, needs more validation |
+| **Low** | Weak indicators, possibly a false positive |
+| **Hypothesis** | Inference from observation, needs further investigation |
+
+## Impact Assessment
+
+### Consider
+
+- Attack complexity
+- User interaction required
+- Data sensitivity
+- Number of affected users
+- Financial/compliance impact
+
+### Avoid
+
+- Overstating the threat
+- Impact based on assumptions
+- Unrealistic exploitation scenarios
+
+## Validation Techniques
+
+### Authentication Issues
+
+- Verify whether token forgery is possible
+- Test for session management flaws
+- Confirm account takeover scenarios
+
+### Authorization Issues
+
+- Test whether IDOR is exploitable
+- Verify horizontal/vertical access control bypass
+- Confirm privilege escalation paths
+
+### Input Handling
+
+- Validate with safe payloads
+- Confirm the vulnerability's trigger conditions
+- Assess exploitation difficulty
+
+### Data Exposure
+
+- Confirm sensitive data exposure
+- Assess the value of the information
+- Check data aggregation risk