DAST browser-based crawler vulnerability checks
Tier: Ultimate
Offering: GitLab.com, Self-managed, GitLab Dedicated
The DAST browser-based crawler provides vulnerability checks that are used to scan for vulnerabilities in the site under test.
Passive Checks
ID | Check | Severity | Type |
---|---|---|---|
1004.1 | Sensitive cookie without HttpOnly attribute | Low | Passive |
16.1 | Missing Content-Type header | Low | Passive |
16.10 | Content-Security-Policy violations | Info | Passive |
16.2 | Server header exposes version information | Low | Passive |
16.3 | X-Powered-By header exposes version information | Low | Passive |
16.4 | X-Backend-Server header exposes server information | Info | Passive |
16.5 | AspNet header exposes version information | Low | Passive |
16.6 | AspNetMvc header exposes version information | Low | Passive |
16.7 | Strict-Transport-Security header missing or invalid | Low | Passive |
16.8 | Content-Security-Policy analysis | Info | Passive |
16.9 | Content-Security-Policy-Report-Only analysis | Info | Passive |
200.1 | Exposure of sensitive information to an unauthorized actor (private IP address) | Low | Passive |
209.1 | Generation of error message containing sensitive information | Low | Passive |
209.2 | Generation of database error message containing sensitive information | Low | Passive |
287.1 | Insecure authentication over HTTP (Basic Authentication) | Medium | Passive |
287.2 | Insecure authentication over HTTP (Digest Authentication) | Low | Passive |
319.1 | Mixed Content | Info | Passive |
352.1 | Absence of anti-CSRF tokens | Medium | Passive |
359.1 | Exposure of Private Personal Information (PII) to an unauthorized actor (credit card) | Medium | Passive |
359.2 | Exposure of Private Personal Information (PII) to an unauthorized actor (United States social security number) | Medium | Passive |
548.1 | Exposure of information through directory listing | Low | Passive |
598.1 | Use of GET request method with sensitive query strings (session ID) | Medium | Passive |
598.2 | Use of GET request method with sensitive query strings (password) | Medium | Passive |
598.3 | Use of GET request method with sensitive query strings (Authorization header details) | Medium | Passive |
601.1 | URL redirection to untrusted site (‘open redirect’) | Low | Passive |
614.1 | Sensitive cookie without Secure attribute | Low | Passive |
693.1 | Missing X-Content-Type-Options: nosniff | Low | Passive |
798.1 | Exposure of confidential secret or token Adafruit API Key | High | Passive |
798.2 | Exposure of confidential secret or token Adobe Client ID (OAuth Web) | High | Passive |
798.3 | Exposure of confidential secret or token Adobe Client Secret | High | Passive |
798.4 | Exposure of confidential secret or token Age secret key | High | Passive |
798.5 | Exposure of confidential secret or token Airtable API Key | High | Passive |
798.6 | Exposure of confidential secret or token Algolia API Key | High | Passive |
798.7 | Exposure of confidential secret or token Alibaba AccessKey ID | High | Passive |
798.8 | Exposure of confidential secret or token Alibaba Secret Key | High | Passive |
798.9 | Exposure of confidential secret or token Asana Client ID | High | Passive |
798.10 | Exposure of confidential secret or token Asana Client Secret | High | Passive |
798.11 | Exposure of confidential secret or token Atlassian API token | High | Passive |
798.12 | Exposure of confidential secret or token AWS | High | Passive |
798.13 | Exposure of confidential secret or token Bitbucket Client ID | High | Passive |
798.14 | Exposure of confidential secret or token Bitbucket Client Secret | High | Passive |
798.15 | Exposure of confidential secret or token Bittrex Access Key | High | Passive |
798.16 | Exposure of confidential secret or token Bittrex Secret Key | High | Passive |
798.17 | Exposure of confidential secret or token Beamer API token | High | Passive |
798.18 | Exposure of confidential secret or token Codecov Access Token | High | Passive |
798.19 | Exposure of confidential secret or token Coinbase Access Token | High | Passive |
798.20 | Exposure of confidential secret or token Clojars API token | High | Passive |
798.21 | Exposure of confidential secret or token Confluent Access Token | High | Passive |
798.22 | Exposure of confidential secret or token Confluent Secret Key | High | Passive |
798.23 | Exposure of confidential secret or token Contentful delivery API token | High | Passive |
798.24 | Exposure of confidential secret or token Databricks API token | High | Passive |
798.25 | Exposure of confidential secret or token Datadog Access Token | High | Passive |
798.26 | Exposure of confidential secret or token Discord API key | High | Passive |
798.27 | Exposure of confidential secret or token Discord client ID | High | Passive |
798.28 | Exposure of confidential secret or token Discord client secret | High | Passive |
798.29 | Exposure of confidential secret or token Doppler API token | High | Passive |
798.30 | Exposure of confidential secret or token Dropbox API secret | High | Passive |
798.31 | Exposure of confidential secret or token Dropbox long lived API token | High | Passive |
798.32 | Exposure of confidential secret or token Dropbox short lived API token | High | Passive |
798.33 | Exposure of confidential secret or token Drone CI Access Token | High | Passive |
798.34 | Exposure of confidential secret or token Duffel API token | High | Passive |
798.35 | Exposure of confidential secret or token Dynatrace API token | High | Passive |
798.36 | Exposure of confidential secret or token EasyPost API token | High | Passive |
798.37 | Exposure of confidential secret or token EasyPost test API token | High | Passive |
798.38 | Exposure of confidential secret or token Etsy Access Token | High | Passive |
798.39 | Exposure of confidential secret or token Facebook | High | Passive |
798.40 | Exposure of confidential secret or token Fastly API key | High | Passive |
798.41 | Exposure of confidential secret or token Finicity Client Secret | High | Passive |
798.42 | Exposure of confidential secret or token Finicity API token | High | Passive |
798.43 | Exposure of confidential secret or token Flickr Access Token | High | Passive |
798.44 | Exposure of confidential secret or token Finnhub Access Token | High | Passive |
798.46 | Exposure of confidential secret or token Flutterwave Secret Key | High | Passive |
798.47 | Exposure of confidential secret or token Flutterwave Encryption Key | High | Passive |
798.48 | Exposure of confidential secret or token Frame.io API token | High | Passive |
798.49 | Exposure of confidential secret or token FreshBooks Access Token | High | Passive |
798.50 | Exposure of confidential secret or token GoCardless API token | High | Passive |
798.52 | Exposure of confidential secret or token GitHub personal access token | High | Passive |
798.53 | Exposure of confidential secret or token GitHub OAuth Access Token | High | Passive |
798.54 | Exposure of confidential secret or token GitHub App Token | High | Passive |
798.55 | Exposure of confidential secret or token GitHub Refresh Token | High | Passive |
798.56 | Exposure of confidential secret or token GitLab personal access token | High | Passive |
798.57 | Exposure of confidential secret or token Gitter Access Token | High | Passive |
798.58 | Exposure of confidential secret or token HashiCorp Terraform user/org API token | High | Passive |
798.59 | Exposure of confidential secret or token Heroku API Key | High | Passive |
798.60 | Exposure of confidential secret or token HubSpot API Token | High | Passive |
798.61 | Exposure of confidential secret or token Intercom API Token | High | Passive |
798.62 | Exposure of confidential secret or token Kraken Access Token | High | Passive |
798.63 | Exposure of confidential secret or token Kucoin Access Token | High | Passive |
798.64 | Exposure of confidential secret or token Kucoin Secret Key | High | Passive |
798.65 | Exposure of confidential secret or token LaunchDarkly Access Token | High | Passive |
798.66 | Exposure of confidential secret or token Linear API Token | High | Passive |
798.67 | Exposure of confidential secret or token Linear Client Secret | High | Passive |
798.68 | Exposure of confidential secret or token LinkedIn Client ID | High | Passive |
798.69 | Exposure of confidential secret or token LinkedIn Client secret | High | Passive |
798.70 | Exposure of confidential secret or token Lob API Key | High | Passive |
798.72 | Exposure of confidential secret or token Mailchimp API key | High | Passive |
798.74 | Exposure of confidential secret or token Mailgun private API token | High | Passive |
798.75 | Exposure of confidential secret or token Mailgun webhook signing key | High | Passive |
798.77 | Exposure of confidential secret or token Mattermost Access Token | High | Passive |
798.78 | Exposure of confidential secret or token MessageBird API token | High | Passive |
798.80 | Exposure of confidential secret or token Netlify Access Token | High | Passive |
798.81 | Exposure of confidential secret or token New Relic user API Key | High | Passive |
798.82 | Exposure of confidential secret or token New Relic user API ID | High | Passive |
798.83 | Exposure of confidential secret or token New Relic ingest browser API token | High | Passive |
798.84 | Exposure of confidential secret or token npm access token | High | Passive |
798.86 | Exposure of confidential secret or token Okta Access Token | High | Passive |
798.87 | Exposure of confidential secret or token Plaid Client ID | High | Passive |
798.88 | Exposure of confidential secret or token Plaid Secret key | High | Passive |
798.89 | Exposure of confidential secret or token Plaid API Token | High | Passive |
798.90 | Exposure of confidential secret or token PlanetScale password | High | Passive |
798.91 | Exposure of confidential secret or token PlanetScale API token | High | Passive |
798.92 | Exposure of confidential secret or token PlanetScale OAuth token | High | Passive |
798.93 | Exposure of confidential secret or token Postman API token | High | Passive |
798.94 | Exposure of confidential secret or token Private Key | High | Passive |
798.95 | Exposure of confidential secret or token Pulumi API token | High | Passive |
798.96 | Exposure of confidential secret or token PyPI upload token | High | Passive |
798.97 | Exposure of confidential secret or token RubyGems API token | High | Passive |
798.98 | Exposure of confidential secret or token RapidAPI Access Token | High | Passive |
798.99 | Exposure of confidential secret or token Sendbird Access ID | High | Passive |
798.100 | Exposure of confidential secret or token Sendbird Access Token | High | Passive |
798.101 | Exposure of confidential secret or token SendGrid API token | High | Passive |
798.102 | Exposure of confidential secret or token Sendinblue API token | High | Passive |
798.103 | Exposure of confidential secret or token Sentry Access Token | High | Passive |
798.104 | Exposure of confidential secret or token Shippo API token | High | Passive |
798.105 | Exposure of confidential secret or token Shopify access token | High | Passive |
798.106 | Exposure of confidential secret or token Shopify custom access token | High | Passive |
798.107 | Exposure of confidential secret or token Shopify private app access token | High | Passive |
798.108 | Exposure of confidential secret or token Shopify shared secret | High | Passive |
798.109 | Exposure of confidential secret or token Slack token | High | Passive |
798.110 | Exposure of confidential secret or token Slack Webhook | High | Passive |
798.111 | Exposure of confidential secret or token Stripe | High | Passive |
798.112 | Exposure of confidential secret or token Square Access Token | High | Passive |
798.113 | Exposure of confidential secret or token Squarespace Access Token | High | Passive |
798.114 | Exposure of confidential secret or token SumoLogic Access ID | High | Passive |
798.115 | Exposure of confidential secret or token SumoLogic Access Token | High | Passive |
798.116 | Exposure of confidential secret or token Travis CI Access Token | High | Passive |
798.117 | Exposure of confidential secret or token Twilio API Key | High | Passive |
798.118 | Exposure of confidential secret or token Twitch API token | High | Passive |
798.119 | Exposure of confidential secret or token Twitter API Key | High | Passive |
798.120 | Exposure of confidential secret or token Twitter API Secret | High | Passive |
798.121 | Exposure of confidential secret or token Twitter Access Token | High | Passive |
798.122 | Exposure of confidential secret or token Twitter Access Secret | High | Passive |
798.123 | Exposure of confidential secret or token Twitter Bearer Token | High | Passive |
798.124 | Exposure of confidential secret or token Typeform API token | High | Passive |
798.125 | Exposure of confidential secret or token Yandex API Key | High | Passive |
798.126 | Exposure of confidential secret or token Yandex AWS Access Token | High | Passive |
798.127 | Exposure of confidential secret or token Yandex Access Token | High | Passive |
798.128 | Exposure of confidential secret or token Zendesk Secret Key | High | Passive |
829.1 | Inclusion of Functionality from Untrusted Control Sphere | Low | Passive |
829.2 | Invalid Sub-Resource Integrity values detected | Medium | Passive |
Active Checks
ID | Check | Severity | Type |
---|---|---|---|
113.1 | Improper Neutralization of CRLF Sequences in HTTP Headers | High | Active |
1336.1 | Server-Side Template Injection | High | Active |
16.11 | TRACE HTTP method enabled | High | Active |
22.1 | Improper limitation of a pathname to a restricted directory (Path traversal) | High | Active |
611.1 | External XML Entity Injection (XXE) | High | Active |
74.1 | XSLT Injection | High | Active |
78.1 | OS Command Injection | High | Active |
89.1 | SQL Injection | High | Active |
917.1 | Expression Language Injection | High | Active |
918.1 | Server-Side Request Forgery | High | Active |
94.1 | Server-side code injection (PHP) | High | Active |
94.2 | Server-side code injection (Ruby) | High | Active |
94.3 | Server-side code injection (Python) | High | Active |
94.4 | Server-side code injection (NodeJS) | High | Active |
943.1 | Improper neutralization of special elements in data query logic | High | Active |
98.1 | PHP Remote File Inclusion | High | Active |