EasyAudit WEB and NET services cover all the 26 WASC Threat Classification Version 2 Classes.

  1. Attacks
    1. Abuse of Functionality
    2. Brute Force
    3. Buffer Overflow
    4. Content Spoofing
    5. Credential/Session Prediction
    6. Cross-Site Scripting
    7. Cross-Site Request Forgery
    8. Denial of Service
    9. Fingerprinting
    10. Format String
    11. HTTP Response Smuggling
    12. HTTP Response Splitting
    13. HTTP Request Smuggling
    14. HTTP Request Splitting
    15. Integer Overflows
    16. LDAP Injection
    17. Mail Command Injection
    18. Null Byte Injection
    19. OS Commanding
    20. Path Traversal
    21. Predictable Resource Location
    22. Remote File Inclusion (RFI)
    23. Routing Detour
    24. Session Fixation
    25. SOAP Array Abuse
    26. SSI Injection
    27. SQL Injection
    28. URL Redirector Abuse
    29. XPath Injection
    30. XML Attribute Blowup
    31. XML External Entities
    32. XML Entity Expansion
    33. XML Injection
    34. XQuery Injection
  2. Weaknesses
    1. Application Misconfiguration
    2. Directory Indexing
    3. Improper Filesystem Permissions
    4. Improper Input Handling
    5. Improper Output Handling
    6. Information Leakage
    7. Insecure Indexing
    8. Insufficient Anti-automation
    9. Insufficient Authentication
    10. Insufficient Authorization
    11. Insufficient Password Recovery
    12. Insufficient Process Validation
    13. Insufficient Session Expiration
    14. Insufficient Transport Layer Protection
    15. Server Misconfiguration