TOC & Recently Viewed

Recently Viewed Topics

Plugin Information

Plugin Families Web Application Scanning includes the following new plugin families for categorization of web plugins:

Plugin Family


Authentication & Session

Plugins related to authentication and session issues.

Code Execution

Plugins allowing code to be executed on the server and/or the application.

Cross Site Request Forgery

XSRF issues.

Cross Site Scripting

All types of XSS issues.

Data Exposure

Plugins allowing sensitive or relevant information to be collected.

File Inclusion

File can be uploaded using plugins of this family.


Plugins used to provide general information.


Any type of injection (e.g., SQL, noSQL, and Code).

Web Applications

Information and detection collected on the web application.

Web Servers

Information and detection collected on the web server running the web application.

Plugin IDs Web Application Scanning uses the plugin range 98000-98999. See Web Application Scanning Plugin Families for a complete list of the plugins available with Web Application Scanning.

Copyright © 2019 Tenable, Inc. All rights reserved. Tenable,, Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc.., Lumin, Assure, and the Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.