Vulnerability Scanning Modules - Trickest Platform Documentation

Vulnerability Scanning

Analyze JavaScript Code

Inputs

urls

Outputs

endpointscodepath-wordlistparameter-wordlistfindings

Identify vulnerabilities, collect useful data, and prepare JavaScript code for manual review

mhmdiaa-trickest2024-11-07

Vulnerability Scanning

Scan for Misconfigured Software

Inputs

urlsheaderrate-limitheader-file

Outputs

findings

Scan for web misconfigurations that can expose sensitive functionality

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan for Outdated Software

Inputs

urlsheaderrate-limitheader-file

Outputs

findings

Scan for outdated software with known publicly exploitable vulnerabilities from the CVE and CNVD databases

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan for Sensitive Files

Inputs

urlsheaderrate-limitheader-file

Outputs

findings

Scan for exposed sensitive files that may leak sensitive information

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan for Exposed Admin Panels

Inputs

urlsheaderrate-limitheader-file

Outputs

findings

Scan for web administrative panels that may provide an entry point to an asset, and check them for default credentials

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan for Exposed Backups

Inputs

urlsheaderrate-limitheader-file

Outputs

findings

Scan for exposed backup files that may leak sensitive information

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan for Exposed Secrets

Inputs

urlsheaderrate-limitheader-file

Outputs

findings

Scan HTTP responses for exposed tokens, credentials, and other sensitive information

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan for Technology-Specific Vulnerabilities

Inputs

headerheader-fileweb-technologies

Outputs

findingsweb-technologies

Scan the identified technologies on your attack surface using tailored checks and methodologies for each

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Fuzz Web Applications for Vulnerabilities

Inputs

urlsheaderin-scoperate-limitheader-fileout-of-scope

Outputs

findings

Scan for vulnerabilities in web applications actively by crawling the app and fuzzing inputs

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan Network Services for Misconfigurations

Inputs

rate-limitport-details

Outputs

findings

Scan for network service misconfigurations that range from disclosing information and exposing sensitive functionality to enabling complete

mhmdiaa-trickest2024-08-12

Vulnerability Scanning

Scan Network Services for Weak Credentials

Inputs

rate-limitftp-password-wordlistftp-username-wordlistssh-password-wordlistssh-username-wordlistmssql-password-wordlistmssql-username-wordlistmysql-password-wordlistmysql-username-wordlistnetwork-service-detailspostgresql-password-wordlistpostgresql-username-wordlist

Outputs

findings

Scan the identified network services on your attack surface for weak credentials

mhmdiaa-trickest2024-08-12

Library

Analyze JavaScript Code

Inputs

Outputs

Scan for Misconfigured Software

Inputs

Outputs

Scan for Outdated Software

Inputs

Outputs

Scan for Sensitive Files

Inputs

Outputs

Scan for Exposed Admin Panels

Inputs

Outputs

Scan for Exposed Backups

Inputs

Outputs

Scan for Exposed Secrets

Inputs

Outputs

Scan for Technology-Specific Vulnerabilities

Inputs

Outputs

Fuzz Web Applications for Vulnerabilities

Inputs

Outputs

Scan Network Services for Misconfigurations

Inputs

Outputs

Scan Network Services for Weak Credentials

Inputs

Outputs