TOOL_PTK on ZAP

.NET stack trace / YSOD

Mon, 01 Jan 0001 00:00:00 +0000

Detects common framework stack traces, error pages, and path disclosures in observed responses.

Generated by OWASP PTK DAST Module

access_token/id_token in URL

Mon, 01 Jan 0001 00:00:00 +0000

Detects access tokens, JWTs, and API keys present in URLs or query strings observed in traffic.

Generated by OWASP PTK DAST Module

Admin/management path observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

Anchor href manipulated from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value assigned to href attribute.

Generated by OWASP PTK IAST Module

Android assetlinks.json observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags security-relevant well-known resources and metadata files when they appear in observed traffic.

Generated by OWASP PTK DAST Module

AngularJS $parse expression from cookie

Mon, 01 Jan 0001 00:00:00 +0000

Cookie-controlled expression value reaches AngularJS $parse.

Generated by OWASP PTK IAST Module

AngularJS $parse expression from form input

Mon, 01 Jan 0001 00:00:00 +0000

Form-controlled expression value reaches AngularJS $parse.

Generated by OWASP PTK IAST Module

AngularJS $parse expression from localStorage

Mon, 01 Jan 0001 00:00:00 +0000

Storage-controlled expression value reaches AngularJS $parse.

Generated by OWASP PTK IAST Module

AngularJS $parse expression from postMessage

Mon, 01 Jan 0001 00:00:00 +0000

postMessage-controlled expression value reaches AngularJS $parse.

Generated by OWASP PTK IAST Module

AngularJS expression executed through Function constructor

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data reached dynamic code execution while AngularJS expression parsing/compilation was active. This covers interpolation and $parse-style AngularJS expression injection cases.

Generated by OWASP PTK IAST Module

AngularJS expression injection - eval expression 1.4.0 to 1.4.9

Mon, 01 Jan 0001 00:00:00 +0000

Detects AngularJS client-side template and expression injection by sending version-gated AngularJS sandbox-escape probes to query and form parameters, then requiring browser-executed proof from the PTK browser-nav harness.

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.0.1 to 1.1.5

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.2.0 to 1.2.18

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.2.19 to 1.2.23

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.2.24 to 1.2.26

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.2.27 to 1.3.20

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.2.6 to 1.2.18

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.4.0 to 1.4.5

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.4.2 to 1.5.8

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - expression 1.6 and later

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS expression injection - single-quote expression 1.2.19 to 1.2.23

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS interpolation delimiters in template string

Mon, 01 Jan 0001 00:00:00 +0000

Finds AngularJS code patterns where untrusted data is compiled or parsed as AngularJS expressions/templates, including $parse, $interpolate, $compile, interpolation delimiters and ng-* expression attributes.

Generated by OWASP PTK SAST Module

AngularJS ng-* expression attribute

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

AngularJS template injection - alternate delimiters 1.6 and later

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - HTML entity alternate delimiters 1.4.0 to 1.4.9

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - HTML entity delimiters 1.4.0 to 1.4.9

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.0.1 to 1.1.5

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.2.0 to 1.2.1

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.2.19 to 1.2.23

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.2.2 to 1.2.5

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.2.24 to 1.2.29

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.2.6 to 1.2.18

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.4.0 to 1.4.9

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.5.0 to 1.5.8

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected 1.6 and later

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected eval 1.4.0 to 1.4.9

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

AngularJS template injection - reflected short legacy 1.0.1 to 1.1.5

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

API docs endpoint observed

Mon, 01 Jan 0001 00:00:00 +0000

Detects exposure of API documentation, specs, and interactive consoles observed in traffic.

Generated by OWASP PTK DAST Module

api_key/key in URL

Mon, 01 Jan 0001 00:00:00 +0000

Detects access tokens, JWTs, and API keys present in URLs or query strings observed in traffic.

Generated by OWASP PTK DAST Module

Apple app-site-association observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags security-relevant well-known resources and metadata files when they appear in observed traffic.

Generated by OWASP PTK DAST Module

Avoid eval with string literals

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic execution of attacker-controlled strings in JavaScript sinks such as eval(), Function(), string-based timers, execScript, or script.text assignments. Exploiting these flows lets attackers execute arbitrary JS without relying on HTML injection.

Generated by OWASP PTK SAST Module

Avoid execScript dynamic execution

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Avoid Function constructor with strings

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Avoid permissive regex origin checks

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

Avoid postMessage with wildcard targetOrigin

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

Avoid string-based timers

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Avoid weak origin substring checks

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

AWS Access Key ID pattern

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Cache-Control public/max-age with Set-Cookie

Mon, 01 Jan 0001 00:00:00 +0000

Flags potentially risky cacheability for responses that appear user-specific and missing cache partitioning indicators.

Generated by OWASP PTK DAST Module

Clear-Site-Data present but missing executionContexts

Mon, 01 Jan 0001 00:00:00 +0000

The OWASP Secure Headers Project describes HTTP response headers that your application can use to increase the security of your application. Once set, these HTTP response headers can restrict modern browsers from running into easily preventable vulnerabilities.

Generated by OWASP PTK DAST Module

Clear-Site-Data uses wildcard *

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Client-side redirect via history.pushState

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL passed to history.pushState, altering client-side navigation.

Generated by OWASP PTK IAST Module

Client-side redirect via location.assign

Mon, 01 Jan 0001 00:00:00 +0000

Tainted destination URL passed to location.assign.

Generated by OWASP PTK IAST Module

Client-side redirect via location.href

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data assigned to location.href, causing a client-side redirect.

Generated by OWASP PTK IAST Module

Client-side redirect via location.replace

Mon, 01 Jan 0001 00:00:00 +0000

Tainted destination URL passed to location.replace.

Generated by OWASP PTK IAST Module

Client-side route change via history.replaceState

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL passed to history.replaceState, altering client-side navigation state.

Generated by OWASP PTK IAST Module

Cloud metadata IP referenced

Mon, 01 Jan 0001 00:00:00 +0000

Detects internal hostnames/IPs and environment hints (staging/dev/local) disclosed in observed responses.

Generated by OWASP PTK DAST Module

COEP present but value is not 'require-corp' or 'credentialless'

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

COOP present but value is not 'same-origin'

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

COOP set without COEP/CORP (incomplete cross-origin isolation)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

CORS allows any origin with credentials

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

CORS allows broad headers

Mon, 01 Jan 0001 00:00:00 +0000

Adds passive CORS posture checks: missing Vary: Origin for dynamic ACAO, and permissive allowed headers/methods.

Generated by OWASP PTK DAST Module

CORS allows broad methods

Mon, 01 Jan 0001 00:00:00 +0000

Adds passive CORS posture checks: missing Vary: Origin for dynamic ACAO, and permissive allowed headers/methods.

Generated by OWASP PTK DAST Module

Credit Card Number

Mon, 01 Jan 0001 00:00:00 +0000

Sensitive data is anything that should not be accessible to admin access, known as sensitive data. Sensitive data may include personally identifiable information (PII), such as Social Security numbers, financial information, or login credentials. Sensitive Data Exposure occurs when an organization unknowingly exposes sensitive data or when a security incident leads to the accidental or unlawful destruction, loss, alteration, or admin disclosure of, or access to sensitive data.

CSP 'frame-ancestors' missing or overly broad

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

CSP allows inline/eval or wildcards in script/style

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

CSP Report-Only present without enforcing CSP

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

data: URL assigned to form action

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to form action.

Generated by OWASP PTK IAST Module

data: URL assigned to formAction

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to formAction.

Generated by OWASP PTK IAST Module

data: URL assigned to href

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to href.

Generated by OWASP PTK IAST Module

data: URL assigned to iframe.src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to iframe.src.

Generated by OWASP PTK IAST Module

data: URL assigned to script.src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to script.src and treated as executable content.

Generated by OWASP PTK IAST Module

data: URL assigned to src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to a generic src attribute.

Generated by OWASP PTK IAST Module

data: URL navigated via location.assign

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL passed to location.assign.

Generated by OWASP PTK IAST Module

data: URL navigated via location.href

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL assigned to location.href.

Generated by OWASP PTK IAST Module

data: URL navigated via location.replace

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL passed to location.replace.

Generated by OWASP PTK IAST Module

data: URL opened via window.open

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data: URL passed to window.open.

Generated by OWASP PTK IAST Module

Debug/diagnostic path observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

Deprecated Feature-Policy or unknown/overly-permissive Permissions-Policy

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Disallow direct document.cookie assignment (incl. bracket access)

Mon, 01 Jan 0001 00:00:00 +0000

Detects cases where attacker-controlled DOM data is written into cookies (document.cookie or common wrapper functions). Can indicate session fixation, logic control, or preparation for exploit-chains.

Generated by OWASP PTK SAST Module

Disallow direct navigation primitives

Mon, 01 Jan 0001 00:00:00 +0000

Detects client-side code that can redirect users to attacker-controlled URLs (open redirects). Includes assignment/calls that control window/location/navigation, attr-based redirects, form actions and jQuery variants.

Generated by OWASP PTK SAST Module

Disallow document.write()/writeln()

Mon, 01 Jan 0001 00:00:00 +0000

Detects cases where untrusted data from the DOM (URL, element values, storage, messages, etc.) flows into HTML/JS execution sinks (e.g., innerHTML, outerHTML, document.write, string-based setTimeout, insertAdjacentHTML) without proper sanitization or encoding \u2014 enabling DOM-based cross-site scripting.

Generated by OWASP PTK SAST Module

Disallow innerHTML/outerHTML assignments

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Disallow insertAdjacentHTML()

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

DOM XSS via document.write

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data passed to document.write.

Generated by OWASP PTK IAST Module

DOM XSS via document.write (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached document.write.

Generated by OWASP PTK IAST Module

DOM XSS via DOM mutation (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached mutation sinks.

Generated by OWASP PTK IAST Module

DOM XSS via DOM mutations

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data inserted into the DOM via DOM mutation APIs.

Generated by OWASP PTK IAST Module

DOM XSS via DOMParser.parseFromString

Mon, 01 Jan 0001 00:00:00 +0000

Tainted HTML parsed through DOMParser.parseFromString with an HTML-like MIME type.

Generated by OWASP PTK IAST Module

DOM XSS via Element.innerHTML

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data assigned to innerHTML (possible DOM XSS).

Generated by OWASP PTK IAST Module

DOM XSS via Element.outerHTML

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data assigned to outerHTML (possible DOM XSS).

Generated by OWASP PTK IAST Module

DOM XSS via Element.setHTMLUnsafe

Mon, 01 Jan 0001 00:00:00 +0000

Tainted HTML passed to Element.setHTMLUnsafe.

Generated by OWASP PTK IAST Module

DOM XSS via iframe.srcdoc (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached iframe.srcdoc.

Generated by OWASP PTK IAST Module

DOM XSS via inline event handler

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data flowed into an inline event handler.

Generated by OWASP PTK IAST Module

DOM XSS via inline handlers (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached inline event handlers.

Generated by OWASP PTK IAST Module

DOM XSS via innerHTML (Angular)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

DOM XSS via innerHTML (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached innerHTML.

Generated by OWASP PTK IAST Module

DOM XSS via insertAdjacentHTML

Mon, 01 Jan 0001 00:00:00 +0000

Tainted HTML passed into insertAdjacentHTML.

Generated by OWASP PTK IAST Module

DOM XSS via insertAdjacentHTML (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached insertAdjacentHTML.

Generated by OWASP PTK IAST Module

DOM XSS via outerHTML (secondary sources)

Mon, 01 Jan 0001 00:00:00 +0000

Persisted/reflected client-side values reached outerHTML.

Generated by OWASP PTK IAST Module

DOM XSS via query param attribute breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param attribute-name event injection

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param double-quoted attribute event breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param double-quoted resource onerror breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param event-handler value

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param HTML image onerror

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param javascript: URL

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param JS block-comment breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param JS double-quote breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param JS expression execution

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param JS regex breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param JS single-quote breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param JS template literal breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param script-tag breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param single-quoted attribute event breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param style-block breakout

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param SVG tag-name event injection

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via query param unquoted attribute event injection

Mon, 01 Jan 0001 00:00:00 +0000

Tests top-level GET query parameters for browser-executed XSS by opening a real browser attack tab and requiring an execution marker after load or safe synthetic interaction.

Generated by OWASP PTK DAST Module

DOM XSS via Range.createContextualFragment

Mon, 01 Jan 0001 00:00:00 +0000

Tainted HTML passed to Range.createContextualFragment.

Generated by OWASP PTK IAST Module

DOM XSS via ShadowRoot.setHTMLUnsafe

Mon, 01 Jan 0001 00:00:00 +0000

Tainted HTML passed to ShadowRoot.setHTMLUnsafe.

Generated by OWASP PTK IAST Module

DOM-based Cookie Manipulation (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

DOM-based JavaScript Injection (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

DOM-based Link Manipulation (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Detects DOM code that rewrites link destinations (href attributes) with attacker-controlled data. Manipulated links can mislead users into visiting malicious targets even if navigation is not forced automatically.

Generated by OWASP PTK SAST Module

DOM-based Open Redirection (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

DOM-based XSS (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Dynamic ACAO without Vary: Origin

Mon, 01 Jan 0001 00:00:00 +0000

Adds passive CORS posture checks: missing Vary: Origin for dynamic ACAO, and permissive allowed headers/methods.

Generated by OWASP PTK DAST Module

Dynamic AngularJS $compile/$interpolate template

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Dynamic AngularJS $parse expression

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Dynamic code execution via eval

Mon, 01 Jan 0001 00:00:00 +0000

Tainted string executed via eval().

Generated by OWASP PTK IAST Module

Dynamic code execution via Function constructor

Mon, 01 Jan 0001 00:00:00 +0000

Tainted string executed via Function constructor.

Generated by OWASP PTK IAST Module

Dynamic code execution via Function.apply

Mon, 01 Jan 0001 00:00:00 +0000

Tainted string executed via Function.apply.

Generated by OWASP PTK IAST Module

Dynamic template compilation

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic client-side template compilation/rendering where attacker-controlled templates or outputs are injected into the DOM.

Generated by OWASP PTK SAST Module

Environment hints (dev/staging/test) in response

Mon, 01 Jan 0001 00:00:00 +0000

Detects internal hostnames/IPs and environment hints (staging/dev/local) disclosed in observed responses.

Generated by OWASP PTK DAST Module

Environment/config file observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

eval() from storage/referrer taint

Mon, 01 Jan 0001 00:00:00 +0000

Storage/referrer taint reached eval().

Generated by OWASP PTK IAST Module

Exfiltration via fetch headers

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data sent in fetch() headers (e.g. Authorization, custom tokens).

Generated by OWASP PTK IAST Module

Exfiltration via fetch URL

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data used in fetch() URL, potentially exfiltrating sensitive information.

Generated by OWASP PTK IAST Module

Exfiltration via image.src beacon

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data embedded into image src URL for beacon-style exfiltration.

Generated by OWASP PTK IAST Module

Exfiltration via navigator.sendBeacon

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data sent via navigator.sendBeacon().

Generated by OWASP PTK IAST Module

Exfiltration via XMLHttpRequest body

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data sent in XMLHttpRequest.send() body.

Generated by OWASP PTK IAST Module

Exfiltration via XMLHttpRequest headers

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data sent in XMLHttpRequest.setRequestHeader() values.

Generated by OWASP PTK IAST Module

Exfiltration via XMLHttpRequest URL

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data used in XMLHttpRequest.open() URL.

Generated by OWASP PTK IAST Module

Expect-CT is deprecated

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Exposure of Git repository

Mon, 01 Jan 0001 00:00:00 +0000

Version control repositories such as CVS or git store version-specific metadata and other details within subdirectories. If these subdirectories are stored on a web server or added to an archive, then these could be used by an attacker. This information may include usernames, filenames, path root, IP addresses, and detailed ‘diff’ data about how files have been changed - which could reveal source code snippets that were never intended to be made public..

Exposure of Mercurial repository

Mon, 01 Jan 0001 00:00:00 +0000

Exposure of SVN repository

Mon, 01 Jan 0001 00:00:00 +0000

File/path candidate parameter

Mon, 01 Jan 0001 00:00:00 +0000

Flags request parameters and JSON keys commonly associated with high-impact findings (open redirect, SSRF, IDOR, file/path traversal).

Generated by OWASP PTK DAST Module

Firebase config exposed

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Form action manipulated by tainted route or body input

Mon, 01 Jan 0001 00:00:00 +0000

Tainted route, body, or messaging value changed form action.

Generated by OWASP PTK IAST Module

Form action manipulated from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value assigned to form action.

Generated by OWASP PTK IAST Module

formAction manipulated by tainted route or body input

Mon, 01 Jan 0001 00:00:00 +0000

Tainted route, body, or messaging value changed formAction.

Generated by OWASP PTK IAST Module

Function.apply() from storage/referrer taint

Mon, 01 Jan 0001 00:00:00 +0000

Storage/referrer taint reached Function.apply().

Generated by OWASP PTK IAST Module

Function() from storage/referrer taint

Mon, 01 Jan 0001 00:00:00 +0000

Storage/referrer taint reached Function constructor.

Generated by OWASP PTK IAST Module

GitHub token pattern

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Google API key pattern

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

GraphiQL / GraphQL Playground detected

Mon, 01 Jan 0001 00:00:00 +0000

Detects exposure of API documentation, specs, and interactive consoles observed in traffic.

Generated by OWASP PTK DAST Module

GraphQL endpoint observed

Mon, 01 Jan 0001 00:00:00 +0000

Detects exposure of API documentation, specs, and interactive consoles observed in traffic.

Generated by OWASP PTK DAST Module

GraphQL path observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

HSTS max-age too low or missing includeSubDomains

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

HTML references .map files

Mon, 01 Jan 0001 00:00:00 +0000

Detects source map references and common debug artifacts in observed HTML/JS responses. These are high-value recon leads for code disclosure and hidden endpoints.

Generated by OWASP PTK DAST Module

IDOR candidate parameter

Mon, 01 Jan 0001 00:00:00 +0000

Flags request parameters and JSON keys commonly associated with high-impact findings (open redirect, SSRF, IDOR, file/path traversal).

Generated by OWASP PTK DAST Module

IFrame content injection via srcdoc

Mon, 01 Jan 0001 00:00:00 +0000

Tainted HTML assigned to iframe.srcdoc, enabling DOM-based XSS inside the frame.

Generated by OWASP PTK IAST Module

IFrame navigation via src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL assigned to iframe.src, causing navigation to untrusted content.

Generated by OWASP PTK IAST Module

Inline event handler built from dynamic data

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Internal file path disclosure

Mon, 01 Jan 0001 00:00:00 +0000

Detects common framework stack traces, error pages, and path disclosures in observed responses.

Generated by OWASP PTK DAST Module

Internal IP address leaked in response

Mon, 01 Jan 0001 00:00:00 +0000

Detects internal hostnames/IPs and environment hints (staging/dev/local) disclosed in observed responses.

Generated by OWASP PTK DAST Module

Java stack trace

Mon, 01 Jan 0001 00:00:00 +0000

Detects common framework stack traces, error pages, and path disclosures in observed responses.

Generated by OWASP PTK DAST Module

JavaScript includes sourceMappingURL

Mon, 01 Jan 0001 00:00:00 +0000

Detects source map references and common debug artifacts in observed HTML/JS responses. These are high-value recon leads for code disclosure and hidden endpoints.

Generated by OWASP PTK DAST Module

javascript: URL assigned to form action

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL assigned to form action.

Generated by OWASP PTK IAST Module

javascript: URL assigned to formAction

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL assigned to formAction.

Generated by OWASP PTK IAST Module

javascript: URL assigned to href

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL assigned to href and likely to execute in the current browsing context.

Generated by OWASP PTK IAST Module

javascript: URL assigned to iframe.src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL assigned to iframe.src.

Generated by OWASP PTK IAST Module

javascript: URL assigned to src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL assigned to a generic src attribute and interpreted as executable content.

Generated by OWASP PTK IAST Module

javascript: URL navigated via location.assign

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL passed to location.assign.

Generated by OWASP PTK IAST Module

javascript: URL navigated via location.href

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL assigned to location.href.

Generated by OWASP PTK IAST Module

javascript: URL navigated via location.replace

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL passed to location.replace.

Generated by OWASP PTK IAST Module

javascript: URL opened via window.open

Mon, 01 Jan 0001 00:00:00 +0000

Tainted javascript: URL passed to window.open.

Generated by OWASP PTK IAST Module

JSONP callback parameter controls JavaScript response

Mon, 01 Jan 0001 00:00:00 +0000

Tests callback-like parameters for JSONP-style JavaScript responses where user input controls the executed callback name.

Generated by OWASP PTK DAST Module

JWT None Algorithm (Authorization header)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT None Algorithm (Cookie)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT None Algorithm (Form body param)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT None Algorithm (JSON body)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT Probe (Authorization + JWT cookies removed)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT Probe (Authorization header removed)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT Probe (JWT cookies removed)

Mon, 01 Jan 0001 00:00:00 +0000

This attack occurs when an attacker alters the token and changes the hashing algorithm to indicate, through the none keyword, that the integrity of the token has already been verified

Generated by OWASP PTK DAST Module

JWT-like value in URL

Mon, 01 Jan 0001 00:00:00 +0000

Detects access tokens, JWTs, and API keys present in URLs or query strings observed in traffic.

Generated by OWASP PTK DAST Module

Lit unsafeHTML taint flow

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic client-side template compilation/rendering where attacker-controlled templates or outputs are injected into the DOM.

Generated by OWASP PTK SAST Module

localhost/127.0.0.1 referenced in response

Mon, 01 Jan 0001 00:00:00 +0000

Detects internal hostnames/IPs and environment hints (staging/dev/local) disclosed in observed responses.

Generated by OWASP PTK DAST Module

location.assign redirect from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value passed to location.assign.

Generated by OWASP PTK IAST Module

location.href redirect from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value navigated location.href.

Generated by OWASP PTK IAST Module

location.replace redirect from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value passed to location.replace.

Generated by OWASP PTK IAST Module

Mapbox token exposed

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Message handler without origin validation

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

Missing Content-Security-Policy header

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Missing or invalid X-Content-Type-Options

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Missing or weak Referrer-Policy

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Missing Strict-Transport-Security header (on HTTPS)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

navigation.navigate redirect from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value passed to navigation.navigate.

Generated by OWASP PTK IAST Module

Next.js build metadata exposed

Mon, 01 Jan 0001 00:00:00 +0000

Detects source map references and common debug artifacts in observed HTML/JS responses. These are high-value recon leads for code disclosure and hidden endpoints.

Generated by OWASP PTK DAST Module

Node.js / Express stack trace

Mon, 01 Jan 0001 00:00:00 +0000

Detects common framework stack traces, error pages, and path disclosures in observed responses.

Generated by OWASP PTK DAST Module

OIDC well-known configuration observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags security-relevant well-known resources and metadata files when they appear in observed traffic.

Generated by OWASP PTK DAST Module

Open redirect candidate parameter

Mon, 01 Jan 0001 00:00:00 +0000

Flags request parameters and JSON keys commonly associated with high-impact findings (open redirect, SSRF, IDOR, file/path traversal).

Generated by OWASP PTK DAST Module

Open redirect reflected in body destination

Mon, 01 Jan 0001 00:00:00 +0000

Tests for open redirect by forcing redirect-like parameters to an external, benign domain.

Generated by OWASP PTK DAST Module

Open redirect reflected in form action

Mon, 01 Jan 0001 00:00:00 +0000

Tests for open redirect by forcing redirect-like parameters to an external, benign domain.

Generated by OWASP PTK DAST Module

Open redirect via common param names

Mon, 01 Jan 0001 00:00:00 +0000

Tests for open redirect by forcing redirect-like parameters to an external, benign domain.

Generated by OWASP PTK DAST Module

Open redirect via Navigation API

Mon, 01 Jan 0001 00:00:00 +0000

Tainted destination URL used in navigation.navigate.

Generated by OWASP PTK IAST Module

Open redirect via window.open

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL used in window.open (possible open redirect).

Generated by OWASP PTK IAST Module

OpenAPI spec detected

Mon, 01 Jan 0001 00:00:00 +0000

Detects exposure of API documentation, specs, and interactive consoles observed in traffic.

Generated by OWASP PTK DAST Module

Origin check uses host fragment only

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

OS Command Injection - Unix cat /etc/passwd (pipe)

Mon, 01 Jan 0001 00:00:00 +0000

OS command injection (also known as shell injection) is a web security vulnerability that allows an attacker to execute arbitrary operating system (OS) commands on the server that is running an application, and typically fully compromise the application and all its data.

Generated by OWASP PTK DAST Module

PHP fatal error / warning

Mon, 01 Jan 0001 00:00:00 +0000

Detects common framework stack traces, error pages, and path disclosures in observed responses.

Generated by OWASP PTK DAST Module

phpinfo endpoint observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

postMessage to cross-origin target with tainted payload

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data sent via window.postMessage to a different origin.

Generated by OWASP PTK IAST Module

postMessage to wildcard origin with tainted payload

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data sent via window.postMessage to wildcard ‘*’ targetOrigin.

Generated by OWASP PTK IAST Module

Potential .git exposure path observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

Potential backup file observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

Potentially authenticated content lacks no-store

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Private key material exposed

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Prototype pollution influenced fetch() init

Mon, 01 Jan 0001 00:00:00 +0000

A prior tainted prototype write influenced inherited fetch() init fields.

Generated by OWASP PTK IAST Module

Public-Key-Pins is deprecated

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Python traceback

Mon, 01 Jan 0001 00:00:00 +0000

Detects common framework stack traces, error pages, and path disclosures in observed responses.

Generated by OWASP PTK DAST Module

React dangerouslySetInnerHTML taint flow

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic client-side template compilation/rendering where attacker-controlled templates or outputs are injected into the DOM.

Generated by OWASP PTK SAST Module

Response field parsed via createContextualFragment

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived HTML parsed via Range.createContextualFragment.

Generated by OWASP PTK IAST Module

Response field parsed via DOMParser

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived HTML parsed via DOMParser.parseFromString.

Generated by OWASP PTK IAST Module

Response field rendered via document.write

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived data reached document.write.

Generated by OWASP PTK IAST Module

Response field rendered via DOM mutation

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived data reached DOM mutation sinks.

Generated by OWASP PTK IAST Module

Response field rendered via innerHTML

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived data reached innerHTML.

Generated by OWASP PTK IAST Module

Response field rendered via insertAdjacentHTML

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived HTML reached insertAdjacentHTML.

Generated by OWASP PTK IAST Module

Response field rendered via outerHTML

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived data reached outerHTML.

Generated by OWASP PTK IAST Module

Response field rendered via setHTMLUnsafe

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived HTML reached Element.setHTMLUnsafe.

Generated by OWASP PTK IAST Module

Response field rendered via ShadowRoot.setHTMLUnsafe

Mon, 01 Jan 0001 00:00:00 +0000

Response-derived HTML reached ShadowRoot.setHTMLUnsafe.

Generated by OWASP PTK IAST Module

Review assignments to href/src/action

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Review direct Axios destination usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects client-side request destinations for beacon, EventSource, and Axios that can be influenced by attacker-controlled input.

Generated by OWASP PTK SAST Module

Review DOMParser.parseFromString with dynamic HTML/XML

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Review dynamic import usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Review EventSource constructor usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects client-side request destinations for beacon, EventSource, and Axios that can be influenced by attacker-controlled input.

Generated by OWASP PTK SAST Module

Review importScripts usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Review jQuery getScript usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Review message event listeners

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

Review sendBeacon body content

Mon, 01 Jan 0001 00:00:00 +0000

Detects client-side request destinations for beacon, EventSource, and Axios that can be influenced by attacker-controlled input.

Generated by OWASP PTK SAST Module

Review sendBeacon destination

Mon, 01 Jan 0001 00:00:00 +0000

Detects client-side request destinations for beacon, EventSource, and Axios that can be influenced by attacker-controlled input.

Generated by OWASP PTK SAST Module

Review serviceWorker.register usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Review SharedWorker constructor usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Review System.import usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Review uses of appendChild

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Review Vue v-html template usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic client-side template compilation/rendering where attacker-controlled templates or outputs are injected into the DOM.

Generated by OWASP PTK SAST Module

Review Worker constructor usage

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Route-controlled history.pushState

Mon, 01 Jan 0001 00:00:00 +0000

Client route state influenced history.pushState.

Generated by OWASP PTK IAST Module

Route-controlled history.replaceState

Mon, 01 Jan 0001 00:00:00 +0000

Client route state influenced history.replaceState.

Generated by OWASP PTK IAST Module

Route-controlled Navigation API transition

Mon, 01 Jan 0001 00:00:00 +0000

Client route state influenced navigation.navigate.

Generated by OWASP PTK IAST Module

Same-origin URL mutations

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

security.txt observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags security-relevant well-known resources and metadata files when they appear in observed traffic.

Generated by OWASP PTK DAST Module

Sensitive cookies missing security flags

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Sentry DSN exposed

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Server banner discloses software/version

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

setInterval(string) from storage/referrer taint

Mon, 01 Jan 0001 00:00:00 +0000

Storage/referrer taint reached setInterval(string).

Generated by OWASP PTK IAST Module

setTimeout(string) from storage/referrer taint

Mon, 01 Jan 0001 00:00:00 +0000

Storage/referrer taint reached setTimeout(string).

Generated by OWASP PTK IAST Module

Slack token pattern

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Social Security Number

Mon, 01 Jan 0001 00:00:00 +0000

SPA hash DOM XSS

Mon, 01 Jan 0001 00:00:00 +0000

Tests hash-based SPA parameters (http://host/#/route?param=…) for DOM XSS by mutating the hash in a dedicated attack tab and inspecting the DOM.

Generated by OWASP PTK DAST Module

Specify postMessage targetOrigin

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

Spring Boot actuator endpoint observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

SQL Injection - Double Quote (after)

Mon, 01 Jan 0001 00:00:00 +0000

A SQL injection attack consists of insertion or injection of a SQL query via the input data from the client to the application. A successful SQL injection exploit can read sensitive data from the database, modify database data (Insert/Update/Delete), execute administration operations on the database (such as shutdown the DBMS), recover the content of a given file present on the DBMS file system and in some cases issue commands to the operating system. SQL injection attacks are a type of injection attack, in which SQL commands are injected into data-plane input in order to affect the execution of predefined SQL commands.

SQL Injection - Double Quote (before)

Mon, 01 Jan 0001 00:00:00 +0000

SQL Injection - Single Quote (after)

Mon, 01 Jan 0001 00:00:00 +0000

SQL Injection - Single Quote (before)

Mon, 01 Jan 0001 00:00:00 +0000

SSRF / webhook URL candidate parameter

Mon, 01 Jan 0001 00:00:00 +0000

Flags request parameters and JSON keys commonly associated with high-impact findings (open redirect, SSRF, IDOR, file/path traversal).

Generated by OWASP PTK DAST Module

Strict-Transport-Security sent over HTTP (ineffective)

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

Stripe publishable key exposed

Mon, 01 Jan 0001 00:00:00 +0000

Flags secret-like tokens and exposed configuration values in observed HTML/JS/JSON responses. These are recon leads; validate sensitivity before reporting.

Generated by OWASP PTK DAST Module

Swagger UI detected

Mon, 01 Jan 0001 00:00:00 +0000

Detects exposure of API documentation, specs, and interactive consoles observed in traffic.

Generated by OWASP PTK DAST Module

Swagger/OpenAPI path observed

Mon, 01 Jan 0001 00:00:00 +0000

Flags high-value endpoint patterns observed in traffic (admin panels, debug endpoints, consoles, and backup/config file paths).

Generated by OWASP PTK DAST Module

Tainted dangerous key used in prototype write

Mon, 01 Jan 0001 00:00:00 +0000

Tainted data reached a dangerous prototype key write.

Generated by OWASP PTK IAST Module

Tainted data compiled as AngularJS template

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Tainted data passed to AngularJS $parse

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Tainted network destination URL

Mon, 01 Jan 0001 00:00:00 +0000

Detects client-side request destinations for beacon, EventSource, and Axios that can be influenced by attacker-controlled input.

Generated by OWASP PTK SAST Module

Tainted string executed via setInterval

Mon, 01 Jan 0001 00:00:00 +0000

Tainted string passed as the first argument to setInterval(), leading to repeated code execution.

Generated by OWASP PTK IAST Module

Tainted string executed via setTimeout

Mon, 01 Jan 0001 00:00:00 +0000

Tainted string passed as the first argument to setTimeout(), leading to code execution.

Generated by OWASP PTK IAST Module

Tainted URL assigned to element.href

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL assigned to an element href attribute.

Generated by OWASP PTK IAST Module

Tainted URL assigned to element.src

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL assigned to a non-script/iframe/src element src attribute.

Generated by OWASP PTK IAST Module

Tainted URL assigned to form action

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL assigned to a form action attribute.

Generated by OWASP PTK IAST Module

Tainted URL assigned to formAction

Mon, 01 Jan 0001 00:00:00 +0000

Tainted URL assigned to a formAction attribute.

Generated by OWASP PTK IAST Module

Tainted worker or script loader URL

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic script, worker, and service-worker loader endpoints that can be influenced by attacker-controlled client-side data.

Generated by OWASP PTK SAST Module

Template injection (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic client-side template compilation/rendering where attacker-controlled templates or outputs are injected into the DOM.

Generated by OWASP PTK SAST Module

Template output injected into DOM

Mon, 01 Jan 0001 00:00:00 +0000

Detects dynamic client-side template compilation/rendering where attacker-controlled templates or outputs are injected into the DOM.

Generated by OWASP PTK SAST Module

template.innerHTML with dynamic content

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Untrusted DOM data into createHTMLDocument

Mon, 01 Jan 0001 00:00:00 +0000

Detects untrusted DOM data being written into form metadata (formAction/target/method/value/placeholder), inline style surfaces (style/cssText/background*), document.title, history state, or createHTMLDocument — mutations that influence UI/navigation state without covering classic href/src/action sinks already handled elsewhere.

Generated by OWASP PTK SAST Module

Untrusted DOM data into navigation-adjacent sinks

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Untrusted DOM data into UI mutation sinks

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK SAST Module

Web Message Injection (taint flow)

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

Webpack dev-server / hot reload artifacts

Mon, 01 Jan 0001 00:00:00 +0000

Detects source map references and common debug artifacts in observed HTML/JS responses. These are high-value recon leads for code disclosure and hidden endpoints.

Generated by OWASP PTK DAST Module

Wildcard reply from message handler

Mon, 01 Jan 0001 00:00:00 +0000

Detects unsafe postMessage usage and message event handling issues (missing origin validation, wildcard targetOrigin, tainted data flowing into DOM/code sinks).

Generated by OWASP PTK SAST Module

window.open redirect from tainted source

Mon, 01 Jan 0001 00:00:00 +0000

Tainted value passed to window.open.

Generated by OWASP PTK IAST Module

ws:// from HTTPS context

Mon, 01 Jan 0001 00:00:00 +0000

Looks for common WebSocket endpoints and insecure patterns such as ws:// from HTTPS pages.

Generated by OWASP PTK DAST Module

X-Powered-By header or equivalent present

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

X-XSS-Protection header is a legacy directive

Mon, 01 Jan 0001 00:00:00 +0000

Generated by OWASP PTK DAST Module

XSS - attribute context img onerror

Mon, 01 Jan 0001 00:00:00 +0000

Reflected Cross-site Scripting (XSS) is another name for non-persistent XSS, where the attack doesn’t load with the vulnerable web application but is originated by the victim loading the offending URI. In this article we will see some ways to test a web application for this kind of vulnerability.

XSS - attribute-name event injection

Mon, 01 Jan 0001 00:00:00 +0000

XSS - double-quoted attribute event injection

Mon, 01 Jan 0001 00:00:00 +0000

XSS - Img onerror

Mon, 01 Jan 0001 00:00:00 +0000

XSS - Img onerror

Mon, 01 Jan 0001 00:00:00 +0000

XSS - JS block comment break-out

Mon, 01 Jan 0001 00:00:00 +0000

XSS - JS expression replacement

Mon, 01 Jan 0001 00:00:00 +0000

XSS - JS single-quoted string break-out

Mon, 01 Jan 0001 00:00:00 +0000

XSS - JS slash/regex literal break-out

Mon, 01 Jan 0001 00:00:00 +0000

XSS - JS string break-out

Mon, 01 Jan 0001 00:00:00 +0000

XSS - JS template literal break-out

Mon, 01 Jan 0001 00:00:00 +0000

XSS - Script tag after noscript tag

Mon, 01 Jan 0001 00:00:00 +0000

XSS - single-quoted attribute event injection

Mon, 01 Jan 0001 00:00:00 +0000

XSS - SVG onload polyglot

Mon, 01 Jan 0001 00:00:00 +0000

XSS - Svg tag with animation event

Mon, 01 Jan 0001 00:00:00 +0000

XSS - tag-name SVG onload injection

Mon, 01 Jan 0001 00:00:00 +0000