Skip to content

Supported Security Tests and Vulnerability Categories

Escape covers thousands of test scenarios across 289 vulnerability categories (security assessments).

Each test contains different attack scenarios and payloads that's adapted to the logic of your application.

In the ASM, almost all the security tests are supported, but the underlying exploration algorithms are way less deep as the main goal of the ASM explore the organization wide scope.

Name Category GraphQL REST WebApp ASM
Loading security tests data...
Showing 0 of 0 security tests

Index

  •    Access Control Vulnerability

  •    Leaked Apache Airflow Configuration Page

  •    Leaked Alibaba Canal Config

  •    Leaked Ansible Configuration Page

  •    Leaked Appspec YML/YAML

  •    Leaked AppVeyor Configuration Page

  •    AWS Access Token

  •    Leaked AWS Configuration

  •    Leaked Dockerrun AWS Configuration Page

  •    Leaked AWStats Script Config

  •    Leaked AWStats Config

  •    Broken Object Level Authorization

  •    Command Injection

  •    Command Injection

  •    CORS

  •    ZenML ZenML Server - Improper Authentication

  •    Change Detection - Server Side Template Injection

  •    Veeam Backup & Replication - Unauthenticated

  •    Debug mode

  •    Directory Traversal

  •    Exposed JWT Token

  •    Leaked mysql.initial Config

  •    Leaked settings.php

  •    Leaked MySQL Dump Files

  •    File disclosure

  •    Misconfigured Cache Control Header

  •    Missing Content Security Policy Header

  •    Content-Type header

  •    Misconfigured Set-Cookie Header

  •    Misconfigured Strict-Transport-Security Header

  •    Misconfigured X-Content-Type-Options Header

  •    Misconfigured X-Frame-Options Header

  •    High number of Custom Scalars

  •    High number of Payment Card Industry Data

  •    High number of Personal Health Information

  •    High number of Personal Identifiable Information

  •    High number of Secrets

  •    JWT algorithm confusion

  •    JWT no algorithm

  •    JWT Signature check

  •    Possible User Enumeration

  •    LLM Command Injection

  •    LLM Insecure Output Handling

  •    LLM Prompt Injection

  •    LLM-Enabled Server-Side Request Forgery

  •    LLM System Prompt Leakage

  •    LLM Tool / Function-Calling Exposure

  •    Mass Assignment

  •    Multi User Access Control

  •    NoSQL Injection Stored

  •    Pagination missing

  •    Invalid integer format

  •    Private data

  •    Private IP Disclosure

  •    Response Size Exceeded

  •    Server Error

  •    Header Leak

  •    Leaked Actuator Spring Boot Dump

  •    Leaked Spring Boot Actuator Environment

  •    Leaked Actuator Spring Boot Heapdump

  •    Leaked Spring Boot Actuator Logfile

  •    Leaked Spring Boot Actuator Mappings

  •    Actuator Spring Boot Remote Restart

  •    Actuator Spring Boot Remote Shutdown

  •    Leaked Actuator Spring Boot Trace

  •    SQL Injection

  •    SQL Injection

  •    SSL Certificate

  •    SSL Certificate

  •    Server Side Request Forgery

  •    Server-Side Request Forgery

  •    SSTI (Server-Side Template Injection)

  •    Stacktrace disclosed

  •    Stored XSS Injection

  •    Triggered timeout

  •    Unreachable server

  •    WAF Bypass

  •    WordPress oEmbed Endpoint

  •    WordPress RDF Feed Users

  •    WordPress REST API Users

  •    WordPress wp-cron Exposed

  •    WordPress xmlrpc.php Exposed

  •    XSS Injection

  •    XXE Injection

  •    Adminer Default Login - Detect

  •    Apache Airflow Default Login

  •    Apache Airflow v3 Default Login

  •    Angular Development Build

  •    Apache Apollo - Default Login

  •    Apache Druid - Remote Code Execution (Apache Log4j)

  •    Apache Flink - Remote Code Execution

  •    Apache HertzBeat - Default Credentials

  •    Apache NiFi - Remote Code Execution

  •    Apache OFBiz - JNDI Remote Code Execution (Apache Log4j)

  •    Apache Solr <=8.8.1 - Local File Inclusion

  •    Apache Solr 7+ - Remote Code Execution (Apache Log4j)

  •    Apache Solr 9.1 - Remote Code Execution

  •    Apache Apisix Admin - Default Login

  •    Arcade.php - SQL Injection

  •    ASP.NET ViewState Encryption

  •    ASP.NET ViewState MAC Validation Disabled

  •    BSPHP - Information Disclosure

  •    Apache CloudStack - Default Login

  •    CodiMD - File Upload

  •    Compromised Supply Chain

  •    Exposed JSON Configuration Files

  •    Console Error

  •    Crashing Page

  •    Apache Log4j2 Remote Code Injection

  •    DbGate Web Client - Unauthenticated Remote Command Execution

  •    Django Secret Key Exposure

  •    Apache DolphinScheduler Default Login

  •    Apache Doris - Default Login

  •    Drupal 7 Elfinder - Remote Code Execution

  •    Drupal Avatar Uploader - Cross-Site Scripting

  •    Apache Dubbo - Default Admin Discovery

  •    EasyImage down.php - Arbitrary File Read

  •    Fanwei OA E-Office - Information Disclosure

  •    ElasticSearch - Default Login

  •    Esafenet CDG mysql - File Read

  •    Excessive Browser Permissions

  •    Exposed Config File

  •    Exposed Source Map

  •    Weak Flask Session Secret

  •    Broken Object Level Authorization

  •    Command Injection

  •    CRLF Injection

  •    GET based CSRF

  •    POST based CSRF

  •    Domain Takeover

  •    Misconfigured Set-Cookie Header

  •    Insecure WebSocket Connection

  •    NoSQL Injection Stored

  •    Open redirection Forgery via Frontend

  •    Vulnerable JavaScript Library

  •    Frontend Server Error

  •    JavaScript Library

  •    SQL Injection

  •    Insecure HTTP Request

  •    Server Side Request Forgery via Frontend

  •    Triggered timeout

  •    XSS via Domain Takeover

  •    GeoVision Geowebserver <= 5.3.3 - Local File Inclusion / Cross-Site Scripting

  •    Git Metadata Directory Exposure

  •    Gitlab Default Login

  •    GLPI Default Login

  •    Grafana Default Login

  •    Frontend Guessable Cookie Value

  •    HTML Injection

  •    Frontend HTTP Parameter Pollution

  •    Client Side Prototype Pollution

  •    Template Injection

  •    XSS Injection

  •    XSS via Query Parameter

  •    XSS via Reflected Input

  •    Infoblox NetMRI < 7.6.1 - Remote Code Execution via Hardcoded Ruby Cookie Secret Key

  •    IoTaWatt Configuration App Exposure

  •    Jenkins Default Login

  •    Jolokia <= 1.7.1 Information Leakage

  •    Joomla! com_booking component 2.4.9 - Information Leak

  •    Joomla! com_fabrik 3.9.11 - Local File Inclusion

  •    Joomla departments - SQL Injection

  •    Joomla! Component Easy Shop 1.2.3 - Local File Inclusion

  •    Joomla iProperty Real Estate 4.1.1 - Cross-Site Scripting

  •    Joomla JLex Review 6.0.1 - Cross-Site Scripting

  •    Joomla jMarket 5.15 - Cross-Site Scripting

  •    Joomla JoomBri Careers 3.3.0 - Cross-Site Scripting

  •    Joomla! Component com_sef - Local File Inclusion

  •    Joomla JVTwitter - Cross-Site Scripting

  •    Joomla MarvikShop ShoppingCart 3.4 - Sql Injection

  •    Joomla MarvikShop ShoppingCart 3.4 - Cross-Site Scripting

  •    Joomla Solidres 2.13.3 - Cross-Site Scripting

  •    Sensitive Data Leak in JavaScript Bundle

  •    Jupyter Notebook - Remote Command Execution

  •    Apache Kafka Center Default Login

  •    Apache Karaf - Default Login

  •    kkFileView 4.0.0 - Server-Side Request Forgery

  •    Apache Kylin Console - Default Login

  •    Lucee < 6.0.1.59 - Remote Code Execution

  •    Malwared BYOB - Unauthenticated Remote Code Execution

  •    Microsoft Access Database File - Detect

  •    Minio Default Login

  •    Nginx Server - Local File Inclusion

  •    Nginx Virtual Host Traffic Status Module - Cross-Site Scripting

  •    Nginx Proxy Manager - Default Login

  •    nginxWebUI ≤ 3.5.0 - Remote Command Execution

  •    nginxWebUI ≤ 3.5.0 runCmd - Remote Command Execution

  •    Node ecstatic Internal Path - Exposure

  •    Node-Red - Default Login

  •    OpenMediaVault - Default Login

  •    OpenSearch Dashboard - Default Login

  •    Password Field Autocompletion

  •    PHP Timeclock <=1.04 - Cross-Site Scripting

  •    Xdebug remote code execution via xdebug.remote_connect_back

  •    PHP 8.1.0-dev - Backdoor Remote Code Execution

  •    PHP LDAP Admin < 1.2.5 - Cross-Site Scripting

  •    phpMyAdmin - Default Login

  •    PhpMyAdmin - Unauthenticated Access

  •    PHPOK - SQL Injection

  •    phpwiki 1.5.4 - Cross-Site Scripting/Local File Inclusion

  •    Vulnerable Dependency Detected

  •    Private key exposure via helper detector

  •    RabbitMQ Default Login

  •    Ruby on Rails - CRLF Injection and Cross-Site Scripting

  •    Apache Ranger - Default Login

  •    React2Shell CVE-2025-55182 - Shell RCE

  •    React2Shell CVE-2025-55182 - Javascript RCE

  •    React Development Build

  •    Reflected URL Parameter

  •    Request URL Override

  •    Rundeck - Default Login

  •    Joomla! CMS <=3.4.6 - Remote Code Execution

  •    Sangfor Log Center - Remote Command Execution

  •    Secret Token Ruby - File Disclosure

  •    Seeyon OA A6 createMysql.jsp Database - Information Disclosure

  •    Selenium - Node Exposure

  •    Self Signed SSL Certificate

  •    Sensitive Comments

  •    SonarQube Default Login - Detect

  •    SQL Injection (Oracle-Based)

  •    Missing Subresource Integrity

  •    Svelte Development Build

  •    ThinkPHP 6.0.0~6.0.1 - Arbitrary File Write

  •    ThinkPHP ⅔ - Remote Code Execution

  •    ThinkPHP 5.0.1 - Remote Code Execution

  •    ThinkPHP 5.0.23 - Remote Code Execution

  •    ThinkPHP 5.0.9 - Information Disclosure

  •    Apache Tomcat Manager Default Login

  •    Apache Tomcat - Default Login Discovery

  •    TOTOLINK N150RT - Password Exposure

  •    Twig PHP <2.4.4 template engine - SSTI

  •    Twonky Server - Exposure

  •    Unsafe Function Use

  •    Vue.js Development Build

  •    OA E-Office mysql_config.ini - Information Disclosure

  •    Webmin - Default Login

  •    WordPress wp-config Detection

  •    WordPress Plugin "AffiliateWP -- Allowed Products" Log Disclosure

  •    WordPress DB Backup

  •    WordPress DB Backup

  •    Wordpress DB Repair Exposed

  •    WordPress Debug Log - Exposure

  •    Social Metrics Tracker <= 1.6.8 - Unauthorised Data Export

  •    Wordpress Oembed Proxy - Server-side request forgery

  •    WordPress Total Upkeep Database and Files Backup Download

  •    WordPress Wordfence 7.4.5 - Local File Inclusion

  •    Wordpress Wordfence - Cross-Site Scripting

  •    WordPress Wordfence 7.4.6 - Cross0Site Scripting

  •    Zebra_Form PHP Library <= 2.9.8 - Cross-Site Scripting

  •    WordPress Woody Code Snippets <2.4.6 - Cross-Site Scripting

  •    WordPress PHPFreeChat 0.2.8 - Cross-Site Scripting

  •    Zabbix Default Login

  •    Character limit

  •    GET based CSRF

  •    POST based CSRF

  •    GraphQL Alias Limit

  •    GraphQL Batch Limit

  •    GraphQL Cyclic Recursive Query

  •    GraphQL Directive Overloading

  •    GraphQL Field Duplication

  •    GraphQL Field Suggestion

  •    GraphQL Recursive Fragment

  •    GraphQL IDE

  •    Introspection enabled

  •    DNS record DKIM

  •    DNS record DMARC

  •    DNS Rebinding Attack

  •    DNS record private IP

  •    DNS record TXT length

  •    DNS record TXT sensitive

  •    DNSSEC not enabled

  •    XSS via Domain Takeover

  •    HTTP/2 Not Supported

  •    HTTP without HTTPS Redirect

  •    API Endpoint Exposed in JavaScript Bundle

  •    DNS record loopback

  •    MCP Server Accessible Without Authentication

  •    Default MSSQL Credentials

  •    Exposed MSSQL Server

  •    Default MySQL Credentials

  •    Exposed MySQL Server

  •    DNS record permissive SPF

  •    Default PostgreSQL Credentials

  •    Exposed PostgreSQL Server

  •    Agentic Replay

  •    Spoofable SPF Records with PTR Mechanism

  •    Default SSH Credentials

  •    Open SSH Server

  •    Enabled SSH Password Authentication