Changes
- Upgrade browserker to version
0.0.89(!624) - Enable
209.2passive check browserker!684 - Update
829.1to only match requests that are http(s) and in scope browserker!689 - Update
359.1to only match requests that are http(s) and in scope browserker!690 - Update
359.2to only match requests that are http(s) and in scope browserker!691 - Upgrade vulnerability checks to version
1.0.28browserker!694- Update
209.2uniqueness template to request method and request path dast-cwe-checks!134
- Update
- Upgrade vulnerability checks to version
1.0.29browserker!694- Remove all
798checks dast-cwe-checks!136 - Add
798.1Exposure of confidential secret or token Adafruit API Key dast-cwe-checks!136 - Add
798.2Exposure of confidential secret or token Adobe Client ID (Oauth Web) dast-cwe-checks!136 - Add
798.3Exposure of confidential secret or token Adobe Client Secret dast-cwe-checks!136 - Add
798.4Exposure of confidential secret or token Age secret key dast-cwe-checks!136 - Add
798.5Exposure of confidential secret or token Airtable API Key dast-cwe-checks!136 - Add
798.6Exposure of confidential secret or token Algolia API Key dast-cwe-checks!136 - Add
798.7Exposure of confidential secret or token Alibaba AccessKey ID dast-cwe-checks!136 - Add
798.8Exposure of confidential secret or token Alibaba Secret Key dast-cwe-checks!136 - Add
798.9Exposure of confidential secret or token Asana Client ID dast-cwe-checks!136 - Add
798.10Exposure of confidential secret or token Asana Client Secret dast-cwe-checks!136 - Add
798.11Exposure of confidential secret or token Atlassian API token dast-cwe-checks!136 - Add
798.12Exposure of confidential secret or token AWS dast-cwe-checks!136 - Add
798.13Exposure of confidential secret or token BitBucket Client ID dast-cwe-checks!136 - Add
798.14Exposure of confidential secret or token BitBucket Client Secret dast-cwe-checks!136 - Add
798.15Exposure of confidential secret or token Bittrex Access Key dast-cwe-checks!136 - Add
798.16Exposure of confidential secret or token Bittrex Secret Key dast-cwe-checks!136 - Add
798.17Exposure of confidential secret or token Beamer API token dast-cwe-checks!136 - Add
798.18Exposure of confidential secret or token Codecov Access Token dast-cwe-checks!136 - Add
798.19Exposure of confidential secret or token Coinbase Access Token dast-cwe-checks!136 - Add
798.20Exposure of confidential secret or token Clojars API token dast-cwe-checks!136 - Add
798.21Exposure of confidential secret or token Confluent Access Token dast-cwe-checks!136 - Add
798.22Exposure of confidential secret or token Confluent Secret Key dast-cwe-checks!136 - Add
798.23Exposure of confidential secret or token Contentful delivery API token dast-cwe-checks!136 - Add
798.24Exposure of confidential secret or token Databricks API token dast-cwe-checks!136 - Add
798.25Exposure of confidential secret or token Datadog Access Token dast-cwe-checks!136 - Add
798.26Exposure of confidential secret or token Discord API key dast-cwe-checks!136 - Add
798.27Exposure of confidential secret or token Discord client ID dast-cwe-checks!136 - Add
798.28Exposure of confidential secret or token Discord client secret dast-cwe-checks!136 - Add
798.29Exposure of confidential secret or token Doppler API token dast-cwe-checks!136 - Add
798.30Exposure of confidential secret or token Dropbox API secret dast-cwe-checks!136 - Add
798.31Exposure of confidential secret or token Dropbox long lived API token dast-cwe-checks!136 - Add
798.32Exposure of confidential secret or token Dropbox short lived API token dast-cwe-checks!136 - Add
798.33Exposure of confidential secret or token Droneci Access Token dast-cwe-checks!136 - Add
798.34Exposure of confidential secret or token Duffel API token dast-cwe-checks!136 - Add
798.35Exposure of confidential secret or token Dynatrace API token dast-cwe-checks!136 - Add
798.36Exposure of confidential secret or token EasyPost API token dast-cwe-checks!136 - Add
798.37Exposure of confidential secret or token EasyPost test API token dast-cwe-checks!136 - Add
798.38Exposure of confidential secret or token Etsy Access Token dast-cwe-checks!136 - Add
798.39Exposure of confidential secret or token facebook dast-cwe-checks!136 - Add
798.40Exposure of confidential secret or token Fastly API key dast-cwe-checks!136 - Add
798.41Exposure of confidential secret or token Finicity Client Secret dast-cwe-checks!136 - Add
798.42Exposure of confidential secret or token Finicity API token dast-cwe-checks!136 - Add
798.43Exposure of confidential secret or token Flickr Access Token dast-cwe-checks!136 - Add
798.44Exposure of confidential secret or token Finnhub Access Token dast-cwe-checks!136 - Add
798.45Exposure of confidential secret or token Finicity Public Key dast-cwe-checks!136 - Add
798.46Exposure of confidential secret or token Flutterwave Secret Key dast-cwe-checks!136 - Add
798.47Exposure of confidential secret or token Flutterwave Encryption Key dast-cwe-checks!136 - Add
798.48Exposure of confidential secret or token Frame.io API token dast-cwe-checks!136 - Add
798.49Exposure of confidential secret or token Freshbooks Access Token dast-cwe-checks!136 - Add
798.50Exposure of confidential secret or token GoCardless API token dast-cwe-checks!136 - Add
798.51Exposure of confidential secret or token GCP API key dast-cwe-checks!136 - Add
798.52Exposure of confidential secret or token GitHub Personal Access Token dast-cwe-checks!136 - Add
798.53Exposure of confidential secret or token GitHub OAuth Access Token dast-cwe-checks!136 - Add
798.54Exposure of confidential secret or token GitHub App Token dast-cwe-checks!136 - Add
798.55Exposure of confidential secret or token GitHub Refresh Token dast-cwe-checks!136 - Add
798.56Exposure of confidential secret or token Gitlab Personal Access Token dast-cwe-checks!136 - Add
798.57Exposure of confidential secret or token Gitter Access Token dast-cwe-checks!136 - Add
798.58Exposure of confidential secret or token HashiCorp Terraform user/org API token dast-cwe-checks!136 - Add
798.59Exposure of confidential secret or token Heroku API Key dast-cwe-checks!136 - Add
798.60Exposure of confidential secret or token HubSpot API Token dast-cwe-checks!136 - Add
798.61Exposure of confidential secret or token Intercom API Token dast-cwe-checks!136 - Add
798.62Exposure of confidential secret or token Kraken Access Token dast-cwe-checks!136 - Add
798.63Exposure of confidential secret or token Kucoin Access Token dast-cwe-checks!136 - Add
798.64Exposure of confidential secret or token Kucoin Secret Key dast-cwe-checks!136 - Add
798.65Exposure of confidential secret or token Launchdarkly Access Token dast-cwe-checks!136 - Add
798.66Exposure of confidential secret or token Linear API Token dast-cwe-checks!136 - Add
798.67Exposure of confidential secret or token Linear Client Secret dast-cwe-checks!136 - Add
798.68Exposure of confidential secret or token LinkedIn Client ID dast-cwe-checks!136 - Add
798.69Exposure of confidential secret or token LinkedIn Client secret dast-cwe-checks!136 - Add
798.70Exposure of confidential secret or token Lob API Key dast-cwe-checks!136 - Add
798.71Exposure of confidential secret or token Lob Publishable API Key dast-cwe-checks!136 - Add
798.72Exposure of confidential secret or token Mailchimp API key dast-cwe-checks!136 - Add
798.73Exposure of confidential secret or token Mailgun public validation key dast-cwe-checks!136 - Add
798.74Exposure of confidential secret or token Mailgun private API token dast-cwe-checks!136 - Add
798.75Exposure of confidential secret or token Mailgun webhook signing key dast-cwe-checks!136 - Add
798.76Exposure of confidential secret or token MapBox API token dast-cwe-checks!136 - Add
798.77Exposure of confidential secret or token Mattermost Access Token dast-cwe-checks!136 - Add
798.78Exposure of confidential secret or token MessageBird API token dast-cwe-checks!136 - Add
798.79Exposure of confidential secret or token MessageBird client ID dast-cwe-checks!136 - Add
798.80Exposure of confidential secret or token Netlify Access Token dast-cwe-checks!136 - Add
798.81Exposure of confidential secret or token New Relic user API Key dast-cwe-checks!136 - Add
798.82Exposure of confidential secret or token New Relic user API ID dast-cwe-checks!136 - Add
798.83Exposure of confidential secret or token New Relic ingest browser API token dast-cwe-checks!136 - Add
798.84Exposure of confidential secret or token npm access token dast-cwe-checks!136 - Add
798.85Exposure of confidential secret or token Nytimes Access Token dast-cwe-checks!136 - Add
798.86Exposure of confidential secret or token Okta Access Token dast-cwe-checks!136 - Add
798.87Exposure of confidential secret or token Plaid Client ID dast-cwe-checks!136 - Add
798.88Exposure of confidential secret or token Plaid Secret key dast-cwe-checks!136 - Add
798.89Exposure of confidential secret or token Plaid API Token dast-cwe-checks!136 - Add
798.90Exposure of confidential secret or token PlanetScale password dast-cwe-checks!136 - Add
798.91Exposure of confidential secret or token PlanetScale API token dast-cwe-checks!136 - Add
798.92Exposure of confidential secret or token PlanetScale OAuth token dast-cwe-checks!136 - Add
798.93Exposure of confidential secret or token Postman API token dast-cwe-checks!136 - Add
798.94Exposure of confidential secret or token Private Key dast-cwe-checks!136 - Add
798.95Exposure of confidential secret or token Pulumi API token dast-cwe-checks!136 - Add
798.96Exposure of confidential secret or token PyPI upload token dast-cwe-checks!136 - Add
798.97Exposure of confidential secret or token Rubygem API token dast-cwe-checks!136 - Add
798.98Exposure of confidential secret or token RapidAPI Access Token dast-cwe-checks!136 - Add
798.99Exposure of confidential secret or token Sendbird Access ID dast-cwe-checks!136 - Add
798.100Exposure of confidential secret or token Sendbird Access Token dast-cwe-checks!136 - Add
798.101Exposure of confidential secret or token SendGrid API token dast-cwe-checks!136 - Add
798.102Exposure of confidential secret or token Sendinblue API token dast-cwe-checks!136 - Add
798.103Exposure of confidential secret or token Sentry Access Token dast-cwe-checks!136 - Add
798.104Exposure of confidential secret or token Shippo API token dast-cwe-checks!136 - Add
798.105Exposure of confidential secret or token Shopify access token dast-cwe-checks!136 - Add
798.106Exposure of confidential secret or token Shopify custom access token dast-cwe-checks!136 - Add
798.107Exposure of confidential secret or token Shopify private app access token dast-cwe-checks!136 - Add
798.108Exposure of confidential secret or token Shopify shared secret dast-cwe-checks!136 - Add
798.109Exposure of confidential secret or token Slack token dast-cwe-checks!136 - Add
798.110Exposure of confidential secret or token Slack Webhook dast-cwe-checks!136 - Add
798.111Exposure of confidential secret or token Stripe dast-cwe-checks!136 - Add
798.112Exposure of confidential secret or token Square Access Token dast-cwe-checks!136 - Add
798.113Exposure of confidential secret or token Squarespace Access Token dast-cwe-checks!136 - Add
798.114Exposure of confidential secret or token SumoLogic Access ID dast-cwe-checks!136 - Add
798.115Exposure of confidential secret or token SumoLogic Access Token dast-cwe-checks!136 - Add
798.116Exposure of confidential secret or token Travis CI Access Token dast-cwe-checks!136 - Add
798.117Exposure of confidential secret or token Twilio API Key dast-cwe-checks!136 - Add
798.118Exposure of confidential secret or token Twitch API token dast-cwe-checks!136 - Add
798.119Exposure of confidential secret or token Twitter API Key dast-cwe-checks!136 - Add
798.120Exposure of confidential secret or token Twitter API Secret dast-cwe-checks!136 - Add
798.121Exposure of confidential secret or token Twitter Access Token dast-cwe-checks!136 - Add
798.122Exposure of confidential secret or token Twitter Access Secret dast-cwe-checks!136 - Add
798.123Exposure of confidential secret or token Twitter Bearer Token dast-cwe-checks!136 - Add
798.124Exposure of confidential secret or token Typeform API token dast-cwe-checks!136 - Add
798.125Exposure of confidential secret or token Yandex API Key dast-cwe-checks!136 - Add
798.126Exposure of confidential secret or token Yandex AWS Access Token dast-cwe-checks!136 - Add
798.127Exposure of confidential secret or token Yandex Access Token dast-cwe-checks!136 - Add
798.128Exposure of confidential secret or token Zendesk Secret Key dast-cwe-checks!136
- Remove all
- Replace ZAP rules 10023 and 90022 with 209.2 in browser based scan (!624)