Plugin Information

Plugin Families

Tenable.io Web Application Scanning includes the following new plugin families for categorization of web plugins:

| Plugin Family | Description |
| --- | --- |
| Authentication & Session | Plugins related to authentication and session issues. |
| Code Execution | Plugins allowing code to be executed on the server and/or the application. |
| Cross Site Scripting | All types of XSS issues. |
| Cross Site Request Forgery | XSRF issues. |
| Data Exposure | Plugins allowing sensitive or relevant information to be collected. |
| File Inclusion | File can be uploaded using plugins of this family. |
| General | Plugins used to provide general information. |
| Injection | Any type of injection (e.g., SQL, NoSQL, and Code). |
| Web Applications | Information and detection collected on the web application. |
| Web Servers | Information and detection collected on the web server running the web application. |

Plugin IDs

The plugin range used by Tenable.io Web Application Scanning is 98000-98999. The following table lists the available plugins for use with Web Application scans.

| Plugin ID | Plugin Name | Plugin Family |
| --- | --- | --- |
| 98000 | "Scan Information" Detection | General |
| 98009 | "Web Application Sitemap" Detection | General |
| 98047 | "Allowed HTTP methods" Detection | Web Applications |
| 98048 | "HTTP TRACE" Detection | Web Servers |
| 98050 | "Interesting response" Detection | Web Applications |
| 98054 | "Unvalidated redirect" Detection | Web Applications |
| 98056 | "Missing 'Strict-Transport-Security' header" Detection | Web Applications |
| 98057 | "Insecure 'Access-Control-Allow-Origin' header" Detection | Web Applications |
| 98060 | "Missing 'X-Frame-Options' header" Detection | Web Applications |
| 98062 | "Cookie set for parent domain" Detection | Web Applications |
| 98063 | "HttpOnly cookie" Detection | Web Applications |
| 98064 | "Insecure cookie" Detection | Web Applications |
| 98065 | "Insecure client-access policy" Detection | Web Applications |
| 98067 | "Insecure cross-domain policy (allow-access-from)" Detection | Web Applications |
| 98068 | Insecure cross-domain policy | Web Applications |
| 98070 | "Common administration interface" Detection | Web Applications |
| 98071 | "Common sensitive file" Detection | Web Applications |
| 98072 | "Common directory" Detection | Web Servers |
| 98077 | "Private IP address disclosure" Detection | Data Exposure |
| 98078 | "E-mail address disclosure" Detection | Data Exposure |
| 98079 | "CVS/SVN user disclosure" Detection | Data Exposure |
| 98080 | "Form-based File Upload" Detection | Web Applications |
| 98081 | "Password field with auto-complete" Detection | Authentication & Session |
| 98082 | "Unencrypted password form" Detection | Authentication & Session |
| 98083 | "CAPTCHA protected form" Detection | Web Applications |
| 98084 | "Directory listing" Detection | Web Servers |
| 98087 | "WebDAV" Detection | Web Servers |
| 98088 | "Exposed localstart.asp page" Detection | Web Applications |
| 98091 | "Mixed Resource" Detection | Web Applications |
| 98092 | "HTML object" Detection | Web Applications |
| 98095 | "Misconfiguration in LIMIT directive of .htaccess file" Detection | Web Servers |
| 98096 | "Access restriction bypass via origin spoof" Detection | Authentication & Session |
| 98097 | "A backdoor file exists on the server" Detection | Backdoors |
| 98098 | "Source code disclosure" Detection | Data Exposure |
| 98099 | "Publicly writable directory" Detection | Web Servers |
| 98100 | "Path Traversal" Detection | Web Applications |
| 98101 | "Response Splitting" Detection | Cross Site Scripting |
| 98102 | "Session fixation" Detection | Authentication & Session |
| 98103 | "Unvalidated DOM redirect" Detection | Web Applications |
| 98104 | "Cross-Site Scripting (XSS)" Detection | Cross Site Scripting |
| 98105 | "Cross-Site Scripting (XSS) in HTML Tag" Detection | Cross Site Scripting |
| 98106 | "Cross-Site Scripting (XSS) in script context" Detection | Cross Site Scripting |
| 98107 | "Cross-Site Scripting (XSS) in path" Detection | Cross Site Scripting |
| 98108 | "Cross-Site Scripting (XSS) in event tag of HTML element" Detection | Cross Site Scripting |
| 98109 | "DOM-based Cross-Site Scripting (XSS)" Detection | Cross Site Scripting |
| 98110 | "DOM-based Cross-Site Scripting (XSS) in script context" Detection | Cross Site Scripting |
| 98112 | "Cross-Site Request Forgery" Detection | Cross Site Request Forgery |
| 98113 | "XML External Entity" Detection | Injection |
| 98114 | "XPath Injection" Detection | Injection |
| 98115 | "SQL Injection" Detection | Injection |
| 98116 | "NoSQL Injection" Detection | Injection |
| 98117 | "Blind SQL Injection (differential analysis)" Detection | Injection |
| 98118 | "Blind SQL Injection (timing attack)" Detection | Injection |
| 98119 | "Blind NoSQL Injection (differential analysis)" Detection | Injection |
| 98120 | "Code injection" Detection | Code Execution |
| 98121 | "Code injection (php://input wrapper)" Detection | Code Execution |
| 98122 | "Code injection (timing attack)" Detection | Code Execution |
| 98123 | "Operating system command injection" Detection | Code Execution |
| 98124 | "Operating system command injection (timing attack)" Detection | Code Execution |
| 98125 | "File Inclusion" Detection | File Inclusion |
| 98126 | "Remote File Inclusion" Detection | File Inclusion |
| 98127 | "LDAP Injection" Detection | Injection |

Copyright 2017 Tenable, Inc. All rights reserved. Tenable Network Security, Nessus, SecurityCenter, SecurityCenter Continuous View and Log Correlation Engine are registered trademarks of Tenable, Inc. Tenable, Tenable.io, Assure, and The Cyber Exposure Company are trademarks of Tenable, Inc. All other products or services are trademarks of their respective owners.