Beagle
Product
Features
Why Beagle Security?
API Security Testing
GraphQL Security Testing
DevSecOps
Compliance
Cosmog: Private Tunnel
WordPress Security Testing
OWASP Security Testing
Free Security Testing
Solutions
INDUSTRIES
SaaS
Fintech
Healthcare
Education
E-commerce
ROLES
Developers
Security engineers
Pricing
Free tools
Website Security Assessment
SSL Certificate Checker
Domain Expiry Checker
Resources
Blog
Developer Docs
Help Center
Guides
Whitepapers
Vulnerability Index
Partners
Product tour
Log in
Sign up free
Product
Features
Why Beagle Security?
API Security Testing
GraphQL Security Testing
DevSecOps
Compliance
Cosmog: Private Tunnel
WordPress Security Testing
OWASP Security Testing
Free Security Testing
Solutions
INDUSTRIES
SaaS
Fintech
Healthcare
Education
E-commerce
ROLES
Developers
Security engineers
Pricing
Free tools
Website Security Assessment
SSL Certificate Checker
Domain Expiry Checker
Resources
Blog
Help Center
Developer Docs
Guides
Whitepapers
Vulnerability Index
Partners
Product tour
Log in
Sign up free
Latest Articles
Email injection attack: Impact, example & prevention
24 Mar 2023
Continue reading
AppSec
What are the common REST API security vulnerabilities?
08 Mar 2023
AppSec
The 7 Best Veracode Alternatives in the Market Today
06 Feb 2023
web security
DAST vs SAST: What are the differences and how to combine them
26 Jan 2023
Internal Penetration Testing: The Definitive Guide [2023]
19 Jan 2023
web security
The Role of Bug Tracking in Ensuring Your Web Application's Security
11 Jan 2023
web security
What is continuous penetration testing? Benefits & implementation
04 Jan 2023
Compliance
Personal Data Protection bill explained with seven expert opinions
28 Dec 2022
Web Security
Crucial Components for a Web Application Security Assessment
19 Dec 2022
HTTP headers
Access Control Request Headers
11 Dec 2022
XML Injection
XML Injection
06 Dec 2022
Top Black Friday and Cyber Monday SaaS Deals [2022]
21 Nov 2022
openssl
Patch released for the critical OpenSSL vulnerability (CVE-2022-3602 & CVE-2022-3786)
02 Nov 2022
Press
Beagle Security is now a CERT-In Empaneled Information Security Audit Provider
29 Sep 2022
DOMECTF2022
DomeCTF 2022
26 Sep 2022
Cyber Attacks
How CISCO got Attacked by Yanluowang Ransomware Gang
18 Aug 2022
Web Security
Zero-Day Vulnerabilities in Web Applications
18 Jul 2022
DevSecOps
How DevSecOps is a Key Enabler for Digital Transformation
10 Jul 2022
owasp
OWASP top ten 2017
04 Jul 2022
External redirection
02 Jul 2022
XSS
WordPress Plugin Reflected Cross Site Scripting
29 Jun 2022
SQL Injection
WordPress Authenticated SQL Injection
29 Jun 2022
Session Fixation Attack
29 Jun 2022
RFI
Remote File Inclusion
29 Jun 2022
Old Backup and Unreferenced files
29 Jun 2022
Press
Beagle Security named a Leader in G2 Summer 2022 Reports
28 Jun 2022
WordPress arbitrary file upload and download
26 Jun 2022
WordPress MediaElement Cross-Site Scripting
26 Jun 2022
WordPress Default localhost vulnerability
26 Jun 2022
WordPress Authenticated JavaScript File Upload
26 Jun 2022
Insecure FrontPage extension configuration
26 Jun 2022
Virtual hosts found
24 Jun 2022
Server-Side Includes (SSI) Injection
24 Jun 2022
owasp
Missing Function Level Access Control OWASP 2013
24 Jun 2022
SSL
Lack of HTTP Strict Transport Security(HSTS)
24 Jun 2022
Information leakage using meta tag
24 Jun 2022
CSRF
Cross-site request forgery attack
24 Jun 2022
HSTS
HTTP Strict Transport Security (HSTS) header set to less than six months
22 Jun 2022
X-XSS-Protection
X-XSS-Protection header invalid
19 Jun 2022
SSL
Renegotiation allowing to insert data into HTTPS sessions
19 Jun 2022
SSL
Lucky Thirteen attack against implementations of the Transport Layer Security
19 Jun 2022
HSTS
HTTP Strict Transport Security (HSTS) header on the invalid certificate chain
19 Jun 2022
File Handling
19 Jun 2022
CORS
Cross-Origin Resource Sharing implemented with universal access
19 Jun 2022
Content Security Policy
Content Security Policy implemented with unsafe inline
19 Jun 2022
Content Security Policy (CSP) implemented with unsafe-eval
19 Jun 2022
Content Security Policy
Content Security Policy (CSP) implemented with insecure scheme
19 Jun 2022
Content Security Policy
Content Security Policy (CSP) header cannot be parsed successfully
19 Jun 2022
Content Security Policy (CSP) implemented with the insecure scheme in passive content only
19 Jun 2022
Data Security
8 Login Tips to Stay Safe Online
16 Jun 2022
Code Execution
Spring4Shell Vulnerability: Analysis and Mitigation
08 Jun 2022
Referrer-Policy header cannot be recognized
05 Jun 2022
Client Side URL Redirect
/
HSTS
Redirection from HTTP to HTTPS to a different host preventing HSTS
05 Jun 2022
Zoom Patches “Zero-Click” RCE Bug
31 May 2022
web security
A Comprehensive Guide to Web Application Security
26 May 2022
WordPress Multiple Themes Privilege Escalation
26 May 2022
Revealing phpinfo()
24 May 2022
AI
Two-factor authentication: How Beagle Security handles 2FA security testing
08 May 2022
X-Content-Type-Options header not implemented
05 May 2022
X-Content-Type-Options header cannot be recognized
05 May 2022
SQL Injection
SQL injection(SQLi)
04 May 2022
Symantec SSL/TLS check
02 May 2022
Reflected Cross Site Scripting
02 May 2022
PHP session.use_trans_sid Session Hijacking
02 May 2022
PHP expose_php is on
02 May 2022
PHP default_charset is none
02 May 2022
Memcache injection
02 May 2022
WordPress Slider Revolution Local File Disclosure
26 Apr 2022
WordPress Host header attack
26 Apr 2022
Clickjacking
Clickjacking
24 Apr 2022
Webinar
State of Application Security in the IT Sector
19 Apr 2022
metadata
Website contains Mercurial metadata directory
19 Apr 2022
metadata
Sub resource Integrity (SRI) not implemented but all external scripts are loaded securely
19 Apr 2022
SSL
Logjam attack against the TLS protocol
19 Apr 2022
SSL
Factoring RSA Export Keys (FREAK) Attack
19 Apr 2022
web security
Cyber Security Threats and Best Practices for Remote Workers
13 Apr 2022
Web server
Fingerprinting Web Server
04 Apr 2022
Phpinfo() PHP Magic Quotes Gpc is On
02 Apr 2022
Phpinfo() Memory Limit
02 Apr 2022
TLS Safari compatibility
02 Apr 2022
TLS Internet Explorer compatibility
02 Apr 2022
Server Vulnerabilities And Misconfiguration For Sensitive Information
02 Apr 2022
Server Certificate Validation Through OCSP Stapling
02 Apr 2022
Generic Map Nomatch
02 Apr 2022
What is Shift Left Security? Benefits and Best Practices
01 Apr 2022
Common Backdoors
29 Mar 2022
owasp
Sensitive Data Exposure OWASP 2013
24 Mar 2022
Why is penetration testing important for businesses?
09 Mar 2022
WordPress User enumeration
05 Mar 2022
WordPress Improper handling of post metadata check
02 Mar 2022
Test For Checking CGI Force Redirect
02 Mar 2022
Remote administrative access
02 Mar 2022
Press
Beagle Security listed among G2’s Best Security Products 2022
10 Feb 2022
web security
What is ModSecurity? Installation Guide for Apache on Ubuntu
08 Feb 2022
PwnKit (CVE-2021-4034): Linux system service bug
25 Jan 2022
Web Cache Deception
16 Jan 2022
Press
Beagle Security named a Leader in G2's Winter 2022 Report
08 Jan 2022
web security
Why Automate Web Application Security Testing?
07 Jan 2022
Web Cache Poisoning
01 Jan 2022
owasp
OWASP Top 10 2021
29 Dec 2021
5 Biggest Data Breaches of 2021
18 Dec 2021
Log4j Vulnerability
13 Dec 2021
Cookies
Cookie Theft: Phishing Campaign Targets YouTube Creators
22 Nov 2021
DOMECTF2021
DomeCTF 2021
22 Nov 2021
DOMECTF2021
The Spy Write-up
20 Nov 2021
DOMECTF2021
SEO Write-up
20 Nov 2021
DOMECTF2021
Rocket Write-up
20 Nov 2021
DOMECTF2021
Murder Write-up
20 Nov 2021
DOMECTF2021
JOT Write-up
20 Nov 2021
DOMECTF2021
International Space Station Write-up
20 Nov 2021
DOMECTF2021
Farness Write-up
20 Nov 2021
DOMECTF2021
LockBox Write-up
20 Nov 2021
File Inclusion Vulnerabilities
31 Oct 2021
Beagle Security Cosmog: Penetration testing for internal web apps
19 Oct 2021
Code Execution
Apache HTTP Server Path Traversal and Remote Code Execution
18 Oct 2021
Code Execution
Microsoft MSHTML Remote Code Execution Vulnerability
13 Oct 2021
Data Security
Domain Spoofing: Types and How to Prevent Them
20 Sep 2021
API Security Testing: Importance, Risks and Best Practices
27 Aug 2021
SSL
POODLE Attack
14 Jul 2021
Bypass
HTTP Request Smuggling
09 Jun 2021
Vulnerable Javascript Library
08 Jun 2021
Serverless Computing: Security and Challenges
31 May 2021
Cross Domain JavaScript Source File Inclusion
21 May 2021
Htaccess
Htaccess Bypass
30 Apr 2021
Insecure File Upload
27 Apr 2021
Content security policy
Content Security Policy (CSP): Use Cases and Examples
20 Apr 2021
Code Execution
Remote Code Execution (RCE)
08 Apr 2021
web security
Building Application Security in the Azure DevOps Pipeline
10 Feb 2021
web security
How to Improve Web Application Security?
29 Jan 2021
AI
How AI is Transforming Cyber Security
20 Jan 2021
Data Security
Here's What You Need to Know About WhatsApp's New Privacy Policy
10 Jan 2021
web security
Session Security
29 Dec 2020
Injection
Server Side Request Forgery Attack
15 Dec 2020
Cyber attacks
Man-in-the-Middle (MITM) Attack: Types, Techniques and Prevention
03 Dec 2020
Cyber attacks
How to Respond to a Cyber Attack?
23 Nov 2020
Web server
Nginx Server Security: Nginx Hardening Guide
13 Nov 2020
CMS Security
CMS Vulnerabilities: Why are CMS platforms common hacking targets?
05 Nov 2020
Container security
Docker Container Security: Attacking Docker Vulnerabilities
29 Oct 2020
WordPress
10 Common WordPress Errors That Should be Fixed
19 Oct 2020
AI
Machine Learning for Web Automation
09 Oct 2020
Data Security
5 Biggest Data Breaches of 2020
16 Sep 2020
web security
How to Store and Secure Sensitive Data in Web Applications
07 Sep 2020
SMBGhost Vulnerability (CVE-2020-0796)
31 Aug 2020
PHP-FPM Vulnerability (CVE-2019-11043) with NGINX
31 Aug 2020
web security
Secure Firewall Configuration for Web Applications
25 Aug 2020
Social Engineering Attacks: Techniques, Examples and Prevention
13 Aug 2020
DMARC Security: Securing Email With DMARC
03 Aug 2020
Wordpress
WordPress Security: Vulnerabilities and How to Improve Security
21 Jul 2020
Information Leakage
SIGRed: Microsoft DNS Server RCE Vulnerability
15 Jul 2020
Information Leakage
DNS Zone Transfer Vulnerability
14 Jul 2020
Web server
Importance of TLS 1.3: SSL and TLS Vulnerabilities
06 Jul 2020
Web server
Hardening Server Security By Implementing Security Headers
27 Jun 2020
Web server
Apache Web Server Hardening
15 Jun 2020
AI
/
web security
Artificial Intelligence in Cyber Security
26 May 2020
Cyber attacks
Covid-19 Cyber Attacks: How Attackers are Exploiting the Crisis
23 Apr 2020
web security
/
SMB
Why Small Businesses Should Invest in Cybersecurity?
05 Jan 2020
web security
/
SMB
5 Ways to Improve Your Web Application Security in 2020
01 Jan 2020
Client Side URL Redirect
/
HSTS
Alexa, Google Home and Siri Can Be Hacked Using Laser Light
06 Nov 2019
blog
High Severity Flaws Discovered in Nvidia Shield TV and Intel NUCs
14 Oct 2019
blog
Critical RCE Vulnerability Found in iTerm2 MacOS Terminal Emulator App
12 Oct 2019
Beagle Security is Ready: Web Application Security Testing Solution
02 Oct 2019
Beagle Beta is ready
04 Jul 2018
blog
SecDevOps vs DevSecOps
04 Jul 2018
WordPress
WordPress Versions
04 Jul 2018
WordPress
WordPress Themes
04 Jul 2018
WordPress
WordPress Plugin Vulnerabilities
04 Jul 2018
SQL Injection
Union Query SQL Injection (SQLi)
04 Jul 2018
TLS
Transport Layer Security
04 Jul 2018
WordPress
The unseen Drupal
04 Jul 2018
TLS
TLS(Transport Layer Security) protocol version outdated
04 Jul 2018
SQL Injection
Stacked Queries SQL Injection (SQLi)
04 Jul 2018
SSL
SSL(Secure Sockets Layer) protocol version outdated
04 Jul 2018
SRI HTML not parsable
04 Jul 2018
PHP Config contain database IDs and passwords.
04 Jul 2018
SQL Injection
Inline Queries SQL Injection (SQLi)
04 Jul 2018
Information leakage of the web application's directory or folder path
04 Jul 2018
SQL Injection
Error based SQL Injection (SQLi)
04 Jul 2018
Cookies Attributes
Cookie session without 'Secure' flag
04 Jul 2018
SQL Injection
Boolean based Blind SQL Injection (SQLi)
04 Jul 2018
owasp
OWASP top ten 2013
04 Jul 2018
blog
Application Threat Modeling
04 Jul 2018
Intelligent Security Testing
03 Jul 2018
Phpinfo() Upload Max Filesize
02 Jul 2018
Phpinfo() Open Base Directory Is Disabled
02 Jul 2018
Vignette Content Management Vulnerabilty
02 Jul 2018
User Information Disclosure
02 Jul 2018
Ultimate PHP Board Data Disclosure
02 Jul 2018
US Social Security Number disclosure
02 Jul 2018
Test for XML-RPC Interface
02 Jul 2018
Test For Oracle Application Server
02 Jul 2018
Upload Temp Directory is Everyone
02 Jul 2018
Test For Checking Session Cookie Httponly
02 Jul 2018
Test For Checking Magic Quotes Gpc is On
02 Jul 2018
Test For Checking File Uploads
02 Jul 2018
TLS OpenSSL compatibility
02 Jul 2018
TLS Firefox compatibility
02 Jul 2018
TLS Edge compatibility
02 Jul 2018
TLS Chrome compatibility
02 Jul 2018
TLS Android compatibility
02 Jul 2018
Stored Cross Site Scripting
02 Jul 2018
SSL Compression Methods
02 Jul 2018
Private IP Address Disclosure
02 Jul 2018
Potential Web Backdoor
02 Jul 2018
Password Autocomplete in Browser
02 Jul 2018
Parameter Tampering
02 Jul 2018
PHP session.save_path Security Restriction Bypass
02 Jul 2018
PHP session.hash_function is SHA
02 Jul 2018
PHP session.hash_function is MD5
02 Jul 2018
PHP register-globals is enabled
02 Jul 2018
PHP post_max_size show phpinfo()
02 Jul 2018
PHP display_errors is on
02 Jul 2018
PHP disable_functions Executable Handling
02 Jul 2018
PHP code injection
02 Jul 2018
PHP cURL Security Bypass
02 Jul 2018
PHP allow_url_include is enabled
02 Jul 2018
PHP allow_url_fopen is enabled
02 Jul 2018
PHP Higher Privilege execution
02 Jul 2018
Old TLS backward compatibility
02 Jul 2018
Modern TLS compatibility
02 Jul 2018
Missing Fallback Signaling Cipher Suite Value
02 Jul 2018
Microsoft Site Server Information Disclosure
02 Jul 2018
Microsoft RDS Arbitrary Remote Command Execution
02 Jul 2018
Meridian Integrated Personal Call Director Password Disclosure
02 Jul 2018
Joomla common log files
02 Jul 2018
Joomla admin page
02 Jul 2018
Joomla User Registration Process
02 Jul 2018
Joomla Debug Mode status
02 Jul 2018
Joomla Core vulnerability
02 Jul 2018
Intermediate TLS compatibility
02 Jul 2018
HTML Injection
02 Jul 2018
Email address disclosure
02 Jul 2018
Dl PHP cgi.force_redirect disabled
02 Jul 2018
Cross origin Resource Sharing Implemented With Public Access
02 Jul 2018
Cross Origin Resource Sharing Not Implemented
02 Jul 2018
Cross Origin Resource Sharing Implemented With Restricted Access
02 Jul 2018
Credit Card number disclosure
02 Jul 2018
Content Type Header Missing
02 Jul 2018
Captcha Image Detected
02 Jul 2018
Bash Command Injection
02 Jul 2018
Application Error Disclosure
02 Jul 2018
Administration page exposure
02 Jul 2018
.htaccess LIMIT misconfiguration
29 Jun 2018
XML Injection
XML EXternal Entity injection
29 Jun 2018
WordPress Theme 'Elegant' Privilege Escalation
29 Jun 2018
WordPress Stored Cross-Site Scripting (XSS)
29 Jun 2018
WordPress Server Side Request Forgery
29 Jun 2018
SQL Injection
WordPress SQL Injection
29 Jun 2018
WordPress PHP Object Injection
29 Jun 2018
WordPress Directory Traversal Attack
29 Jun 2018
Blind SQL Injection
WordPress Blind SQL Injection
29 Jun 2018
WordPress Authentication Bypass
29 Jun 2018
Unvalidated Document Object Model redirection
29 Jun 2018
Publicly Writable Directory
29 Jun 2018
Origin Spoof Access Restriction Bypass
29 Jun 2018
Insecure RIA cross domain policy
29 Jun 2018
Source code disclosure
29 Jun 2018
DOM XSS
Document Object Model Based Cross Site Scripting
29 Jun 2018
Directory Traversal
29 Jun 2018
Common Administration Interfaces
29 Jun 2018
Code Injection
29 Jun 2018
Brute Force In IIS (Internet Information Services)
29 Jun 2018
Blind OS Command Injection Using Timing Attacks
29 Jun 2018
Wordpress Themes Email Spoofing
26 Jun 2018
WordPress unsafe redirect for login
26 Jun 2018
WordPress unpatched Denial Of Service (DoS)
26 Jun 2018
WordPress WPDB SQL Injection
26 Jun 2018
WordPress VideoJS plugins Cross-site Scripting (XSS)
26 Jun 2018
WordPress Themes Information Disclosure
26 Jun 2018
WordPress Slider Revolution Shell Upload
26 Jun 2018
WordPress Refraction Theme Multiple Vulnerabilities
26 Jun 2018
WordPress Reflected Cross-Site Scripting
26 Jun 2018
WordPress RSS and Atom Feed Escaping
26 Jun 2018
WordPress Plugin VideoJS and Cross Site Scripting
26 Jun 2018
WordPress Open Redirect
26 Jun 2018
WordPress Large File Upload Error XSS
26 Jun 2018
WordPress Key Weak Hashing
26 Jun 2018
WordPress Insufficient redirect validation
26 Jun 2018
WordPress HTML Language Attribute Escaping
26 Jun 2018
WordPress Filesystem Credentials Dialog CSRF
26 Jun 2018
WordPress Escape Version in Generator Tag
26 Jun 2018
Directory traversal
WordPress Directory traversal
26 Jun 2018
XSS
WordPress Cross-Site Scripting
26 Jun 2018
Ghostcat Vulnerability (CVE-2020–1938)
26 Jun 2018
Format string vulnerability
26 Jun 2018
Injection
Eval Injection
26 Jun 2018
Document Object Model Cross Site Scripting on WordPress
26 Jun 2018
Authentication Bypass and Stored Cross Site Scripting
26 Jun 2018
PhpMyExplorer Directory traversal
24 Jun 2018
XPath Injection
24 Jun 2018
WebDAV Detection
24 Jun 2018
owasp
Using Components with Known Vulnerabilities
24 Jun 2018
owasp
Unvalidated Redirects and Forwards
24 Jun 2018
Cookies
Unsecured HTTP cookies
24 Jun 2018
Unsafe preg_replace usage
24 Jun 2018
Unhandled error in web application
24 Jun 2018
Uncommon query string parameter
24 Jun 2018
Shellshock vulnerability
24 Jun 2018
owasp
Sensitive Data Exposure
24 Jun 2018
Rosetta flash vulnerability
24 Jun 2018
Injection
Remote OS Command Injection
24 Jun 2018
Regular expression Denial of Service vulnerability
24 Jun 2018
Reflected File Download vulnerability
24 Jun 2018
Potentially dangerous file
24 Jun 2018
Phishing vector vulnerability found
24 Jun 2018
PHP-Gastebuch Disclosing System Information
24 Jun 2018
Open WebSocket
24 Jun 2018
Local File Inclusion
24 Jun 2018
Injection
Lightweight Directory Access Protocol (LDAP) injection
24 Jun 2018
Clickjacking
Lack of wildcard DNS entry found
24 Jun 2018
owasp
Insufficient Logging And Monitoring
24 Jun 2018
Insecure Redirection
24 Jun 2018
owasp
Insecure Direct Object References
24 Jun 2018
owasp
Insecure Deserialization
24 Jun 2018
Information sent using unencrypted channels
24 Jun 2018
Injection
IMAP/SMTP Injection
24 Jun 2018
Injection
HTTP response header injection
24 Jun 2018
HTTP Response Splitting Vulnerability
24 Jun 2018
HTTP Method Vulnerability Found
24 Jun 2018
Guessable credentials found
24 Jun 2018
Full Path Disclosure vulnerability
24 Jun 2018
Database can be read without authentication
24 Jun 2018
Cross-Site Tracing (XST) vulnerability
24 Jun 2018
XSS
Cross Site Scripting
24 Jun 2018
Common Gateway Interface Vulnerability
24 Jun 2018
Buffer overflow vulnerability
24 Jun 2018
owasp
Broken Authentication
24 Jun 2018
owasp
Broken Access Control
24 Jun 2018
Auto complete not disabled
24 Jun 2018
X-XSS-Protection
X-XSS-Protection Not Implemented
19 Jun 2018
metadata
Website contains SVN metadata directory
19 Jun 2018
metadata
Website contains Git metadata directory
19 Jun 2018
Injection
/
CRLF
Web based mail package
19 Jun 2018
SSL
Tickets option leak uninitialised memory
19 Jun 2018
SSL
The RC4 algorithm In Transport Layer Security and Secure Sockets Layer
19 Jun 2018
The DROWN attack
19 Jun 2018
SRI
Subresource Integrity (SRI) implemented, but external scripts are loaded over http
19 Jun 2018
SRI
Subresource Integrity (SRI) is not implemented, and external scripts are not loaded securely
19 Jun 2018
status code
Site did not return a status code of 200
19 Jun 2018
HSTS
/
Cookies Attributes
Session Cookie set without 'Secure' Flag but protected by HSTS
19 Jun 2018
SSL
SWEET32 attack
19 Jun 2018
SSL
ROBOT attack (Bleichenbacher RSA)
19 Jun 2018
SSL
Processing of Change Cipher Spec
19 Jun 2018
SSL
Obtain plaintext by observing length differences
19 Jun 2018
SSL
Logjam common primes
19 Jun 2018
Information Leakage
Information leakage in EXIF data of images
19 Jun 2018
SSL
Heartbleed vulnerability
19 Jun 2018
HSTS
HTTP Strict Transport Security (HSTS) header not implemented
19 Jun 2018
HSTS
HTTP Strict Transport Security header not available over HTTPS
19 Jun 2018
HSTS
HTTP Strict Transport Security (HSTS) header cannot be recognised
19 Jun 2018
HTTP Public Key Pinning (HPKP) header cannot be recognised
19 Jun 2018
Fingerprinting Web Application Framework using HTTP headers
19 Jun 2018
CORS
Cross-Origin Resource Sharing XML cannot be parsed
19 Jun 2018
Cookies Attributes
Cookies SameSite flag invalid
19 Jun 2018
HSTS
Cookie without 'Secure' flag but protect by HSTS
19 Jun 2018
Cookies Attributes
Cookie set without 'Secure' flag
19 Jun 2018
CSRF
/
Cookies Attributes
Cookie anti-CSRF flag without SameSite flag
19 Jun 2018
Content Security Policy
Content Security Policy (CSP) header not implemented
19 Jun 2018
Injection
/
CRLF
CRLF Injection
19 Jun 2018
SSL
Browser Exploit Against SSL/TLS
19 Jun 2018
SQL injection
/
Time Based Blind SQL Injection
Time based Blind SQL Injection (SQLi)
05 Jun 2018
IBM
/
SQL injection
/
injection
IBM DB Boolean based blind sql injection
05 Jun 2018
Cookies Attributes
Cookie session without 'HttpOnly' flag
05 Jun 2018
X-XSS-Protection header disabled
05 Jun 2018
X-Frame-Options header not implemented
05 Jun 2018
X-Frame-Options header cannot be recognized
05 Jun 2018
Referrer-Policy header unsafely
05 Jun 2018
Client Side URL Redirect
Redirects to HTTPS eventually, but initial redirection is to another HTTP URL
05 Jun 2018
Client Side URL Redirect
Redirects, but final destination is not an HTTPS URL.
05 Jun 2018
Client Side URL Redirect
Invalid certificate chain encountered during redirection
05 Jun 2018
Client Side URL Redirect
Does not redirect to a HTTPS site from HTTP port
05 Jun 2018
Beagle Security helps you to proactively secure your web apps & APIs
with automated penetration testing & actionable remediation insights.
SIGN UP FREE
PRODUCT TOUR