Supported Security Tests and Vulnerability Categories¶
Escape covers thousands of test scenarios across 274 vulnerability categories (security assessments).
Each test contains different attack scenarios and payloads that's adapted to the logic of your application.
In the ASM, almost all the security tests are supported, but the underlying exploration algorithms are way less deep as the main goal of the ASM explore the organization wide scope.
| Name | Category | GraphQL | REST | WebApp | ASM |
|---|---|---|---|---|---|
| Loading security tests data... | |||||
Showing 0 of 0 security tests
Index¶
- Airflow Config Exposure
- Alibaba Canal Leak
- Ansible Config Exposure
- Appspec Exposure
- Appveyor Config Exposure
- AWS Access Token
- AWS Config Exposure
- AWS Docker Config Exposure
- AWStats Config Exposure
- AWStats Exposure
- Broken Object Level Authorization
- Command Injection
- CORS
- ZenML ZenML Server - Improper Authentication
- Change Detection - Server Side Template Injection
- Veeam Backup & Replication - Unauthenticated
- Debug mode
- Directory traversal
- Exposed JWT Token
- Exposed MySQL Config
- Exposed settings.php
- Exposed SQL Dumps
- File disclosure
- Cache Control Header
- Content Security Policy Header
- Content-Type header
- Cookie Security
- Strict Transport Security
- X-Content-Type-Options
- X-Frame-Options header
- High number of Custom Scalars
- High number of PCI
- High number of PHI
- High number of PII
- High number of Secrets
- JWT algorithm confusion
- JWT no algorithm
- JWT Signature check
- Possible User Enumeration
- Mass Assignment
- NoSQL Injection
- Pagination missing
- Positive integer validation
- Private data
- Private IP
- Response size
- Server Error
- Software Component Leak
- Springboot Actuator Disclosure of Thread Dump
- Springboot Actuator Disclosure of Environment
- Springboot Actuator Heapdump
- Springboot Actuator Disclosure of Logfile
- Springboot Actuator Disclosure of Mappings
- Springboot Actuator Restart Misconfiguration
- Springboot Actuator Shutdown Misconfiguration
- Springboot Actuator Disclosure of Trace
- SQL Injection
- SSL Certificate
- Server Side Request Forgery
- SSTI (Server-Side Template Injection)
- Stacktrace
- Stored XSS Injection
- Tenant isolation
- Security timeout
- Unreachable server
- WAF Bypass
- WordPress oEmbed Endpoint Exposure
- WordPress RDF Feed Users Exposed
- WordPress REST API Users Exposed
- WordPress wp-cron Exposed
- WordPress xmlrpc.php Exposed
- XXE Injection
- Adminer Default Login - Detect
- Apache Airflow Default Login
- Apache Airflow v3 Default Login
- Angular Development Build
- Apache Apollo - Default Login
- Apache Druid - Remote Code Execution (Apache Log4j)
- Apache Flink - Remote Code Execution
- Apache HertzBeat - Default Credentials
- Apache NiFi - Remote Code Execution
- Apache OFBiz - JNDI Remote Code Execution (Apache Log4j)
- Apache Solr <=8.8.1 - Local File Inclusion
- Apache Solr 7+ - Remote Code Execution (Apache Log4j)
- Apache Solr 9.1 - Remote Code Execution
- Apache Apisix Admin - Default Login
- Arcade.php - SQL Injection
- ASP.NET ViewState Encryption
- ASP.NET ViewState MAC Validation Disabled
- BSPHP - Information Disclosure
- Apache CloudStack - Default Login
- CodiMD - File Upload
- Compromised Supply Chain
- Exposed JSON Configuration Files
- Console Error
- Crashing Page
- Apache Log4j2 Remote Code Injection
- DbGate Web Client - Unauthenticated Remote Command Execution
- Django Secret Key Exposure
- Apache DolphinScheduler Default Login
- Apache Doris - Default Login
- Drupal 7 Elfinder - Remote Code Execution
- Drupal Avatar Uploader - Cross-Site Scripting
- Apache Dubbo - Default Admin Discovery
- EasyImage down.php - Arbitrary File Read
- Fanwei OA E-Office - Information Disclosure
- ElasticSearch - Default Login
- Esafenet CDG mysql - File Read
- Excessive Browser Permissions
- Exposed Config File
- Exposed Source Map
- Weak Flask Session Secret
- Broken Object Level Authorization
- Command Injection
- CRLF Injection
- CSRF Get Based
- CSRF Post Based
- Domain Takeover
- Cookie Security
- Insecure WebSocket Connection
- NoSQL Injection
- Open redirection Forgery
- Vulnerable JavaScript Library
- Server Error
- Software Component Leak
- SQL Injection
- SSL enforced
- Server Side Request Forgery via Frontend
- Security timeout
- XSS via Domain Takeover
- GeoVision Geowebserver <= 5.3.3 - Local File Inclusion / Cross-Site Scripting
- Git Metadata Directory Exposure
- Gitlab Default Login
- GLPI Default Login
- Grafana Default Login
- Frontend Guessable Cookie Value
- HTML Injection
- Frontend HTTP Parameter Pollution
- Client Side Prototype Pollution
- Frontend Template Injection
- XSS Injection
- XSS via Query Parameter
- Infoblox NetMRI < 7.6.1 - Remote Code Execution via Hardcoded Ruby Cookie Secret Key
- IoTaWatt Configuration App Exposure
- Jenkins Default Login
- Jolokia <= 1.7.1 Information Leakage
- Joomla! com_booking component 2.4.9 - Information Leak
- Joomla! com_fabrik 3.9.11 - Local File Inclusion
- Joomla
departments- SQL Injection
- Joomla! Component Easy Shop 1.2.3 - Local File Inclusion
- Joomla iProperty Real Estate 4.1.1 - Cross-Site Scripting
- Joomla JLex Review 6.0.1 - Cross-Site Scripting
- Joomla jMarket 5.15 - Cross-Site Scripting
- Joomla JoomBri Careers 3.3.0 - Cross-Site Scripting
- Joomla! Component com_sef - Local File Inclusion
- Joomla JVTwitter - Cross-Site Scripting
- Joomla MarvikShop ShoppingCart 3.4 - Sql Injection
- Joomla MarvikShop ShoppingCart 3.4 - Cross-Site Scripting
- Joomla Solidres 2.13.3 - Cross-Site Scripting
- Jupyter Notebook - Remote Command Execution
- Apache Kafka Center Default Login
- Apache Karaf - Default Login
- kkFileView 4.0.0 - Server-Side Request Forgery
- Apache Kylin Console - Default Login
- Lucee < 6.0.1.59 - Remote Code Execution
- Malwared BYOB - Unauthenticated Remote Code Execution
- Microsoft Access Database File - Detect
- Minio Default Login
- Nginx Server - Local File Inclusion
- Nginx Virtual Host Traffic Status Module - Cross-Site Scripting
- Nginx Proxy Manager - Default Login
- nginxWebUI ≤ 3.5.0 - Remote Command Execution
- nginxWebUI ≤ 3.5.0 runCmd - Remote Command Execution
- Node ecstatic Internal Path - Exposure
- Node-Red - Default Login
- OpenMediaVault - Default Login
- OpenSearch Dashboard - Default Login
- Password Field Autocompletion
- PHP Timeclock <=1.04 - Cross-Site Scripting
- Xdebug remote code execution via xdebug.remote_connect_back
- PHP 8.1.0-dev - Backdoor Remote Code Execution
- PHP LDAP Admin < 1.2.5 - Cross-Site Scripting
- phpMyAdmin - Default Login
- PhpMyAdmin - Unauthenticated Access
- PHPOK - SQL Injection
- phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion
- Private key exposure via helper detector
- RabbitMQ Default Login
- Ruby on Rails - CRLF Injection and Cross-Site Scripting
- Apache Ranger - Default Login
- React2Shell CVE-2025-55182 - Shell RCE
- React2Shell CVE-2025-55182 - Javascript RCE
- React Development Build
- Reflected URL Parameter
- Request URL Override
- Rundeck - Default Login
- Joomla! CMS <=3.4.6 - Remote Code Execution
- Sangfor Log Center - Remote Command Execution
- Secret Token Ruby - File Disclosure
- Seeyon OA A6 createMysql.jsp Database - Information Disclosure
- Selenium - Node Exposure
- Self Signed SSL Certificate
- Sensitive Comments
- SonarQube Default Login - Detect
- SQL Injection (Oracle-Based)
- Subresource Integrity Missing
- Svelte Development Build
- ThinkPHP 6.0.0~6.0.1 - Arbitrary File Write
- ThinkPHP ⅔ - Remote Code Execution
- ThinkPHP 5.0.1 - Remote Code Execution
- ThinkPHP 5.0.23 - Remote Code Execution
- ThinkPHP 5.0.9 - Information Disclosure
- Apache Tomcat Manager Default Login
- Apache Tomcat - Default Login Discovery
- TOTOLINK N150RT - Password Exposure
- Twig PHP <2.4.4 template engine - SSTI
- Twonky Server - Exposure
- Unsafe Function Use
- Vue.js Development Build
- OA E-Office mysql_config.ini - Information Disclosure
- Webmin - Default Login
- WordPress wp-config Detection
- WordPress Plugin "AffiliateWP -- Allowed Products" Log Disclosure
- WordPress DB Backup
- WordPress DB Backup
- Wordpress DB Repair Exposed
- WordPress Debug Log - Exposure
- Social Metrics Tracker <= 1.6.8 - Unauthorised Data Export
- Wordpress Oembed Proxy - Server-side request forgery
- WordPress Total Upkeep Database and Files Backup Download
- WordPress Wordfence 7.4.5 - Local File Inclusion
- Wordpress Wordfence - Cross-Site Scripting
- WordPress Wordfence 7.4.6 - Cross0Site Scripting
- Zebra_Form PHP Library <= 2.9.8 - Cross-Site Scripting
- WordPress Woody Code Snippets <2.4.6 - Cross-Site Scripting
- WordPress PHPFreeChat 0.2.8 - Cross-Site Scripting
- XSS Injection
- Zabbix Default Login
- Character Limit
- CSRF Get Based
- CSRF Post Based
- GraphQL Alias Limit
- GraphQL Batch Limit
- GraphQL Cyclic Recursive Query
- GraphQL Directive Overloading
- GraphQL Field Duplication
- GraphQL Field Suggestion
- GraphQL Recursive Fragment
- GraphQL IDE
- Introspection enabled
- DNS record DKIM
- DNS record DMARC
- DNS Rebinding Attack
- DNS record private IP
- DNS record TXT length
- DNS record TXT sensitive
- DNSSEC not enabled
- Domain Takeover
- HTTP/2 Not Supported
- HTTP without HTTPS Redirect
- DNS record loopback
- MCP Server Accessible Without Authentication
- Default MSSQL Credentials
- Exposed MSSQL Server
- Default MySQL Credentials
- Exposed MySQL Server
- DNS record permissive SPF
- Default PostgreSQL Credentials
- Exposed PostgreSQL Server
- Spoofable SPF Records with PTR Mechanism
- Default SSH Credentials
- Open SSH Server
- Enabled SSH Password Authentication
- SSL enforced