Offensive 360 Knowledge base
Initializing search
Offensive 360 Knowledge base
Autoscaping
Begin End Invoke
Cors Allow Origin Wildcard
Certificate Validation Disabled
Cleartext Machine Key
Cleartext Protocols
Code Injection Using Eval Method
Collection Size Or Array Length
Command Injection
Composite Format String
Constructor Argument Value
Cross Site Request Forgery (CSRF)
Cross Site Scripting (XSS)
Destructor Throw
Dynamic Code Execution
Dynamic Render Path RCE
Empty Catch Block
Empty Finally Block
Empty Try Block Vulnerability
Event Validation Disabled
Export Interface
File Path Injection
Forms Authentication - Weak Cookie Protection
HTML Injection
HTTP Header Checking Disabled
Hardcoded Key
Hardcode Password
Hardcoded IP Address Vulnerability
IDisposable Implement
Implicit Memory Aliasing
Information Disclosure
Information Leak
Insecure Cookie Flag
Insecure Deserialization
Insecure Randomness
JSON Output
JWT Signature Validation Disabled
LDAP Injection
Ldap Secure Connection
Mass Assignment
Misconfigured Database
Misconfigured SMTP SSL
Non Async Task Null
NoSQL Injection
Open Redirect
Overwrite Collection Element
Part Creation Policy Not Export
Password Lockout Disabled
Property Accessor
Recursive Type Inheritance
Regular Expression Injection
Right Shift Not Number
SQL Injection
Safe Handle
Serialization Constructor
Serialization Event Implement
Server Side Request Forgery (SSRF)
Session Fixation
Shared Instance
Shared Object Lock
SQL Keyword Delimit
SSL Verification Disabled
Template Injection
Thread Suspend Resume
Unsafe Buffer Allocation
Unsafe HTTP Method
Unsafe runInContext
Use of document.domain
Use of document.write.md
Use of FindDOMNode and Refs
Use of msapp.execunsafelocalfunction
Use of SCE bypass
Use of Unsafe HTML
Use of unsafe innerHTML
View State Mac Disabled
Weak Cipher Mode
Weak Crypto Key Length
Weak Hashing Configuration
Weak Password Configuration
Weak SSL/TLS
Weak Symmetric Algorithm
XPath Injection
XML External Entity (XXE) Processing
404 - Not found