# API security testing vulnerability checks

- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated

API security testing provides the vulnerability checks listed on this page, which are run against the API under test. Each check is either passive or active and is included in one or more scan profiles.

## Passive checks

| Check | Severity | Type | Profiles |
|---|---|---|---|
| Application information check | Medium | Passive | Passive, Passive-Quick, Active-Quick, Active-Full, Quick, Full |
| Cleartext authentication check | High | Passive | Passive, Passive-Quick, Active-Quick, Active-Full, Quick, Full |
| JSON hijacking | Medium | Passive | Passive, Passive-Quick, Active-Quick, Active-Full, Quick, Full |
| Sensitive information | High | Passive | Passive, Passive-Quick, Active-Quick, Active-Full, Quick, Full |
| Session cookie | Medium | Passive | Passive, Passive-Quick, Active-Quick, Active-Full, Quick, Full |

## Active checks

| Check | Severity | Type | Profiles |
|---|---|---|---|
| CORS | Medium | Active | Active-Full, Full |
| DNS rebinding | Medium | Active | Active-Full, Full |
| Framework debug mode | High | Active | Active-Quick, Active-Full, Quick, Full |
| Heartbleed OpenSSL vulnerability | High | Active | Active-Full, Full |
| HTML injection check | Medium | Active | Active-Quick, Active-Full, Quick, Full |
| Insecure HTTP methods | Medium | Active | Active-Quick, Active-Full, Quick, Full |
| JSON injection | Medium | Active | Active-Quick, Active-Full, Quick, Full |
| Open redirect | Medium | Active | Active-Full, Full |
| OS command injection | High | Active | Active-Quick, Active-Full, Quick, Full |
| Path traversal | High | Active | Active-Full, Full |
| Sensitive file | Medium | Active | Active-Full, Full |
| Shellshock | High | Active | Active-Full, Full |
| SQL injection | High | Active | Active-Quick, Active-Full, Quick, Full |
| TLS configuration | High | Active | Active-Full, Full |
| Authentication token | High | Active | Active-Quick, Active-Full, Quick, Full |
| XML external entity | High | Active | Active-Full, Full |
| XML injection | Medium | Active | Active-Quick, Active-Full, Quick, Full |

## API security testing checks by profile

### Passive-Quick

- Application information check
- Cleartext authentication check
- JSON hijacking
- Sensitive information
- Session cookie

### Active-Quick

- Application information check
- Cleartext authentication check
- Framework debug mode
- HTML injection check
- Insecure HTTP methods
- JSON hijacking
- JSON injection
- OS command injection
- Sensitive information
- Session cookie
- SQL injection
- Authentication token
- XML injection

### Active-Full

- Application information check
- Cleartext authentication check
- CORS
- DNS rebinding
- Framework debug mode
- Heartbleed OpenSSL vulnerability
- HTML injection check
- Insecure HTTP methods
- JSON hijacking
- JSON injection
- Open redirect
- OS command injection
- Path traversal
- Sensitive file
- Sensitive information
- Session cookie
- Shellshock
- SQL injection
- TLS configuration
- Authentication token
- XML injection
- XML external entity

### Quick

- Application information check
- Cleartext authentication check
- Framework debug mode
- HTML injection check
- Insecure HTTP methods
- JSON hijacking
- JSON injection
- OS command injection
- Sensitive information
- Session cookie
- SQL injection
- Authentication token
- XML injection

### Full

- Application information check
- Cleartext authentication check
- CORS
- DNS rebinding
- Framework debug mode
- Heartbleed OpenSSL vulnerability
- HTML injection check
- Insecure HTTP methods
- JSON hijacking
- JSON injection
- Open redirect
- OS command injection
- Path traversal
- Sensitive file
- Sensitive information
- Session cookie
- Shellshock
- SQL injection
- TLS configuration
- Authentication token
- XML injection
- XML external entity