DAST browser-based crawler vulnerability checks
- Tier: Ultimate
- Offering: GitLab.com, GitLab Self-Managed, GitLab Dedicated
The DAST browser-based crawler provides the checks used to scan the site under test for vulnerabilities. Passive checks inspect the responses the crawler already receives (headers, cookies, page content) and send no additional requests; active checks send crafted requests to probe for injection and similar flaws. The numeric prefix of each check ID is the CWE identifier the check maps to (for example, 79.1 maps to CWE-79, cross-site scripting).
Passive checks
| ID | Check | Severity | Type |
|---|---|---|---|
| 1004.1 | Sensitive cookie without HttpOnly attribute | Low | Passive |
| 16.1 | Missing Content-Type header | Low | Passive |
| 16.10 | Content-Security-Policy violations | Info | Passive |
| 16.2 | Server header exposes version information | Low | Passive |
| 16.3 | X-Powered-By header exposes version information | Low | Passive |
| 16.4 | X-Backend-Server header exposes server information | Info | Passive |
| 16.5 | AspNet header exposes version information | Low | Passive |
| 16.6 | AspNetMvc header exposes version information | Low | Passive |
| 16.7 | Strict-Transport-Security header missing or invalid | Low | Passive |
| 16.8 | Content-Security-Policy analysis | Info | Passive |
| 16.9 | Content-Security-Policy-Report-Only analysis | Info | Passive |
| 200.1 | Exposure of sensitive information to an unauthorized actor (private IP address) | Low | Passive |
| 209.1 | Generation of error message containing sensitive information | Low | Passive |
| 209.2 | Generation of database error message containing sensitive information | Low | Passive |
| 287.1 | Insecure authentication over HTTP (Basic authentication) | Medium | Passive |
| 287.2 | Insecure authentication over HTTP (Digest authentication) | Low | Passive |
| 319.1 | Mixed content | Info | Passive |
| 352.1 | Missing anti-CSRF token | Medium | Passive |
| 359.1 | Exposure of personally identifiable information to an unauthorized actor (credit card) | Medium | Passive |
| 359.2 | Exposure of personally identifiable information to an unauthorized actor (US social security number) | Medium | Passive |
| 548.1 | Exposure of information through directory listing | Low | Passive |
| 598.1 | Use of GET request method with sensitive query strings (session ID) | Medium | Passive |
| 598.2 | Use of GET request method with sensitive query strings (password) | Medium | Passive |
| 598.3 | Use of GET request method with sensitive query strings (Authorization header details) | Medium | Passive |
| 601.1 | URL redirection to untrusted site (open redirect) | Low | Passive |
| 614.1 | Sensitive cookie without Secure attribute | Low | Passive |
| 693.1 | Missing X-Content-Type-Options: nosniff | Low | Passive |
| 798.2 | Exposure of confidential Adobe client ID (OAuth Web) | High | Passive |
| 798.3 | Exposure of confidential Adobe client secret | High | Passive |
| 798.4 | Exposure of confidential Age secret key | High | Passive |
| 798.7 | Exposure of confidential Alibaba AccessKey ID | High | Passive |
| 798.8 | Exposure of confidential Alibaba secret key | High | Passive |
| 798.9 | Exposure of confidential Asana client ID | High | Passive |
| 798.10 | Exposure of confidential Asana client secret | High | Passive |
| 798.11 | Exposure of confidential Atlassian API token | High | Passive |
| 798.12 | Exposure of confidential AWS access token | High | Passive |
| 798.13 | Exposure of confidential Bitbucket client ID | High | Passive |
| 798.14 | Exposure of confidential Bitbucket client secret | High | Passive |
| 798.17 | Exposure of confidential Beamer API token | High | Passive |
| 798.20 | Exposure of confidential Clojars deploy token | High | Passive |
| 798.23 | Exposure of confidential Contentful delivery API token | High | Passive |
| 798.24 | Exposure of confidential Databricks API token | High | Passive |
| 798.26 | Exposure of confidential Discord API key | High | Passive |
| 798.27 | Exposure of confidential Discord client ID | High | Passive |
| 798.28 | Exposure of confidential Discord client secret | High | Passive |
| 798.29 | Exposure of confidential Doppler API token | High | Passive |
| 798.30 | Exposure of confidential Dropbox API secret/key | High | Passive |
| 798.31 | Exposure of confidential Dropbox long-lived API token | High | Passive |
| 798.32 | Exposure of confidential Dropbox short-lived API token | High | Passive |
| 798.34 | Exposure of confidential Duffel API token | High | Passive |
| 798.35 | Exposure of confidential Dynatrace API token | High | Passive |
| 798.36 | Exposure of confidential EasyPost production API key | High | Passive |
| 798.37 | Exposure of confidential EasyPost test API key | High | Passive |
| 798.39 | Exposure of confidential Facebook token | High | Passive |
| 798.40 | Exposure of confidential Fastly API user or automation token | High | Passive |
| 798.41 | Exposure of confidential Finicity client secret | High | Passive |
| 798.42 | Exposure of confidential Finicity API token | High | Passive |
| 798.46 | Exposure of confidential Flutterwave test secret key | High | Passive |
| 798.47 | Exposure of confidential Flutterwave test encryption key | High | Passive |
| 798.48 | Exposure of confidential Frame.io API token | High | Passive |
| 798.50 | Exposure of confidential GoCardless API token | High | Passive |
| 798.52 | Exposure of confidential GitHub personal access token (classic) | High | Passive |
| 798.53 | Exposure of confidential GitHub OAuth access token | High | Passive |
| 798.54 | Exposure of confidential GitHub app token | High | Passive |
| 798.55 | Exposure of confidential GitHub refresh token | High | Passive |
| 798.56 | Exposure of confidential GitLab personal access token | High | Passive |
| 798.58 | Exposure of confidential HashiCorp Terraform API token | High | Passive |
| 798.59 | Exposure of confidential Heroku API key or app authorization token | High | Passive |
| 798.60 | Exposure of confidential HubSpot private app API token | High | Passive |
| 798.61 | Exposure of confidential Intercom API token | High | Passive |
| 798.66 | Exposure of confidential Linear API token | High | Passive |
| 798.67 | Exposure of confidential Linear client secret or ID (OAuth 2.0) | High | Passive |
| 798.68 | Exposure of confidential LinkedIn client ID | High | Passive |
| 798.69 | Exposure of confidential LinkedIn client secret | High | Passive |
| 798.70 | Exposure of confidential Lob API key | High | Passive |
| 798.72 | Exposure of confidential Mailchimp API key | High | Passive |
| 798.74 | Exposure of confidential Mailgun private API token | High | Passive |
| 798.75 | Exposure of confidential Mailgun webhook signing key | High | Passive |
| 798.78 | Exposure of confidential MessageBird access key | High | Passive |
| 798.81 | Exposure of confidential New Relic user API key | High | Passive |
| 798.82 | Exposure of confidential New Relic user API ID | High | Passive |
| 798.83 | Exposure of confidential New Relic ingest browser API token | High | Passive |
| 798.84 | Exposure of confidential npm access token | High | Passive |
| 798.90 | Exposure of confidential PlanetScale password | High | Passive |
| 798.91 | Exposure of confidential PlanetScale API token | High | Passive |
| 798.93 | Exposure of confidential Postman API token | High | Passive |
| 798.94 | Exposure of confidential SSH private key | High | Passive |
| 798.95 | Exposure of confidential Pulumi API token | High | Passive |
| 798.96 | Exposure of confidential PyPI upload token | High | Passive |
| 798.97 | Exposure of confidential RubyGems API token | High | Passive |
| 798.101 | Exposure of confidential SendGrid API token | High | Passive |
| 798.102 | Exposure of confidential Brevo API token | High | Passive |
| 798.104 | Exposure of confidential Shippo API token | High | Passive |
| 798.105 | Exposure of confidential Shopify personal access token | High | Passive |
| 798.106 | Exposure of confidential Shopify custom app access token | High | Passive |
| 798.107 | Exposure of confidential Shopify private app access token | High | Passive |
| 798.108 | Exposure of confidential Shopify shared secret | High | Passive |
| 798.109 | Exposure of confidential Slack bot user OAuth token | High | Passive |
| 798.110 | Exposure of confidential Slack webhook | High | Passive |
| 798.111 | Exposure of confidential Stripe production secret key | High | Passive |
| 798.117 | Exposure of confidential Twilio API key | High | Passive |
| 798.118 | Exposure of confidential Twitch OAuth client secret | High | Passive |
| 798.121 | Exposure of confidential X token | High | Passive |
| 798.124 | Exposure of confidential Typeform personal access token | High | Passive |
| 798.130 | Exposure of confidential Anthropic API key | High | Passive |
| 798.131 | Exposure of confidential CircleCI access token | High | Passive |
| 798.132 | Exposure of confidential CircleCI personal access token | High | Passive |
| 798.133 | Exposure of confidential Contentful preview API token | High | Passive |
| 798.134 | Exposure of confidential Contentful personal access token | High | Passive |
| 798.135 | Exposure of confidential DigitalOcean OAuth access token | High | Passive |
| 798.136 | Exposure of confidential DigitalOcean personal access token | High | Passive |
| 798.137 | Exposure of confidential DigitalOcean refresh token | High | Passive |
| 798.138 | Exposure of confidential GCP OAuth client secret | High | Passive |
| 798.139 | Exposure of confidential Google (GCP) service account | High | Passive |
| 798.140 | Exposure of confidential GitLab personal access token (routable) | High | Passive |
| 798.141 | Exposure of confidential GitLab personal access token (routable) | High | Passive |
| 798.142 | Exposure of confidential GitLab pipeline trigger token | High | Passive |
| 798.143 | Exposure of confidential GitLab runner registration token | High | Passive |
| 798.144 | Exposure of confidential GitLab runner authentication token | High | Passive |
| 798.145 | Exposure of confidential GitLab feed token | High | Passive |
| 798.146 | Exposure of confidential GitLab OAuth application secret | High | Passive |
| 798.147 | Exposure of confidential GitLab feed token v2 | High | Passive |
| 798.148 | Exposure of confidential GitLab Kubernetes agent token | High | Passive |
| 798.149 | Exposure of confidential GitLab incoming email token | High | Passive |
| 798.150 | Exposure of confidential GitLab deploy token | High | Passive |
| 798.151 | Exposure of confidential GitLab SCIM OAuth token | High | Passive |
| 798.152 | Exposure of confidential GitLab CI build token | High | Passive |
| 798.153 | Exposure of confidential Grafana API token | High | Passive |
| 798.154 | Exposure of confidential HashiCorp Vault batch token | High | Passive |
| 798.155 | Exposure of confidential Instagram access token | High | Passive |
| 798.156 | Exposure of confidential Intercom client secret or client ID | High | Passive |
| 798.157 | Exposure of confidential Ionic personal access token | High | Passive |
| 798.158 | Exposure of confidential Artifactory API key | High | Passive |
| 798.159 | Exposure of confidential Artifactory identity token | High | Passive |
| 798.160 | Exposure of confidential MaxMind license key | High | Passive |
| 798.161 | Exposure of confidential Meta access token | High | Passive |
| 798.162 | Exposure of confidential Oculus access token | High | Passive |
| 798.163 | Exposure of confidential Onfido live API token | High | Passive |
| 798.164 | Exposure of confidential OpenAI API key | High | Passive |
| 798.165 | Exposure of confidential password in URL | High | Passive |
| 798.166 | Exposure of confidential PGP private key | High | Passive |
| 798.167 | Exposure of confidential PKCS8 private key | High | Passive |
| 798.168 | Exposure of confidential RSA private key | High | Passive |
| 798.169 | Exposure of confidential Segment public API token | High | Passive |
| 798.170 | Exposure of confidential Brevo SMTP token | High | Passive |
| 798.171 | Exposure of confidential Shippo test API token | High | Passive |
| 798.172 | Exposure of confidential Slack app-level token | High | Passive |
| 798.173 | Exposure of confidential SSH (DSA) private key | High | Passive |
| 798.174 | Exposure of confidential SSH (EC) private key | High | Passive |
| 798.175 | Exposure of confidential Stripe production restricted key | High | Passive |
| 798.176 | Exposure of confidential Stripe production publishable key | High | Passive |
| 798.177 | Exposure of confidential Stripe test secret key | High | Passive |
| 798.178 | Exposure of confidential Stripe test restricted key | High | Passive |
| 798.179 | Exposure of confidential Stripe test publishable key | High | Passive |
| 798.180 | Exposure of confidential Tailscale key | High | Passive |
| 798.181 | Exposure of confidential Yandex Cloud IAM cookie v1-1 | High | Passive |
| 798.182 | Exposure of confidential Yandex Cloud IAM cookie v1-2 | High | Passive |
| 798.183 | Exposure of confidential Yandex Cloud IAM cookie v1-3 | High | Passive |
| 798.184 | Exposure of confidential Yandex Cloud AWS API-compatible access key | High | Passive |
| 829.1 | Inclusion of functionality from untrusted control sphere | Low | Passive |
| 829.2 | Invalid subresource integrity value detected | Medium | Passive |
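To make concrete what a passive check does with a response it already has, the following is an added example (not GitLab's DAST code) that re-implements a handful of the header and cookie checks from the table above over a constructed HTTP response. The sensitive-cookie name heuristic, the version-disclosure pattern and the sample headers are simplifying assumptions of this example, not the analyzer's actual rules or real scan data.

```python
"""Added example, not GitLab's DAST code: a minimal re-implementation of a
few of the passive header and cookie checks listed above, run over a
constructed HTTP response.  The sensitive-cookie name heuristic and the
version-disclosure regex are simplifying assumptions of this example."""
import re

# Check IDs, names and severities taken from the passive-checks table above.
CHECKS = {
    "16.1":   ("Missing Content-Type header", "Low"),
    "16.2":   ("Server header exposes version information", "Low"),
    "16.3":   ("X-Powered-By header exposes version information", "Low"),
    "16.7":   ("Strict-Transport-Security header missing or invalid", "Low"),
    "693.1":  ("Missing X-Content-Type-Options: nosniff", "Low"),
    "1004.1": ("Sensitive cookie without HttpOnly attribute", "Low"),
    "614.1":  ("Sensitive cookie without Secure attribute", "Low"),
}

# Assumption: a cookie whose name looks like a session or auth token is "sensitive".
SENSITIVE_COOKIE_RE = re.compile(r"sess|auth|token|jwt|sid", re.IGNORECASE)
# Assumption: "Product/1.2.3" or "Product 1.2" style values disclose a version.
VERSION_RE = re.compile(r"[A-Za-z][\w.-]*[/ ]\d+(?:\.\d+)+")


def parse_set_cookie(raw):
    """Split one Set-Cookie value into (cookie name, {attribute: value})."""
    parts = [p.strip() for p in raw.split(";")]
    name = parts[0].split("=", 1)[0].strip()
    attrs = {}
    for attr in parts[1:]:
        key, _, value = attr.partition("=")
        attrs[key.strip().lower()] = value.strip()
    return name, attrs


def passive_checks(url, headers):
    """Return a list of (check_id, evidence) findings for one response.

    `headers` is a list of (name, value) pairs rather than a dict so that
    repeated Set-Cookie headers are all examined."""
    https = url.lower().startswith("https://")
    by_name = {}
    for name, value in headers:
        by_name.setdefault(name.lower(), []).append(value)

    def first(name):
        values = by_name.get(name)
        return values[0] if values else None

    findings = []

    # 16.1: the response carries no Content-Type at all.
    if first("content-type") is None:
        findings.append(("16.1", "no Content-Type header"))

    # 693.1: X-Content-Type-Options absent or not exactly "nosniff".
    xcto = first("x-content-type-options")
    if xcto is None or xcto.strip().lower() != "nosniff":
        findings.append(("693.1", f"X-Content-Type-Options={xcto!r}"))

    # 16.7: HSTS is only meaningful over HTTPS; require a positive max-age.
    if https:
        hsts = first("strict-transport-security") or ""
        match = re.search(r"max-age\s*=\s*(\d+)", hsts, re.IGNORECASE)
        if match is None or int(match.group(1)) <= 0:
            findings.append(("16.7", f"Strict-Transport-Security={hsts!r}"))

    # 16.2 / 16.3: product name followed by a dotted version number.
    for header, check_id in (("server", "16.2"), ("x-powered-by", "16.3")):
        value = first(header)
        if value and VERSION_RE.search(value):
            findings.append((check_id, f"{header}={value!r}"))

    # 1004.1 / 614.1: sensitive cookies must be HttpOnly, and Secure over HTTPS.
    for raw in by_name.get("set-cookie", []):
        name, attrs = parse_set_cookie(raw)
        if not SENSITIVE_COOKIE_RE.search(name):
            continue
        if "httponly" not in attrs:
            findings.append(("1004.1", f"cookie {name} lacks HttpOnly"))
        if https and "secure" not in attrs:
            findings.append(("614.1", f"cookie {name} lacks Secure"))

    return findings


def report(url, headers):
    """Render findings as table rows: ID, check name, severity, evidence."""
    return [(cid, *CHECKS[cid], evidence) for cid, evidence in passive_checks(url, headers)]


# Constructed sample response (not captured from any real site).
SAMPLE_URL = "https://app.example.test/login"
SAMPLE_HEADERS = [
    ("Server", "nginx/1.18.0"),
    ("X-Powered-By", "PHP/8.1.2"),
    ("Content-Type", "text/html; charset=utf-8"),
    ("Set-Cookie", "sessionid=3f9a1c; Path=/; HttpOnly"),
    ("Set-Cookie", "theme=dark; Path=/"),
]

if __name__ == "__main__":
    for row in report(SAMPLE_URL, SAMPLE_HEADERS):
        print(" | ".join(row))
```

Running the module prints one row per finding for the sample response: 693.1 (no nosniff), 16.7 (no HSTS on an HTTPS origin), 16.2 and 16.3 (version strings in Server and X-Powered-By) and 614.1 (the session cookie is HttpOnly but not Secure); the `theme` cookie is ignored because it does not look sensitive. Note that 16.7 and 614.1 are only evaluated for HTTPS URLs, which matters when a scan targets a plain-HTTP staging deployment.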
Active checks
| ID | Check | Severity | Type |
|---|---|---|---|
| 113.1 | Improper neutralization of CRLF sequences in HTTP headers | High | Active |
| 1336.1 | Server-side template injection | High | Active |
| 16.11 | TRACE HTTP method enabled | High | Active |
| 22.1 | Improper limitation of a pathname to a restricted directory (path traversal) | High | Active |
| 611.1 | External XML entity injection (XXE) | High | Active |
| 74.1 | XSLT injection | High | Active |
| 78.1 | OS command injection | High | Active |
| 79.1 | Cross-site scripting (XSS) | High | Active |
| 89.1 | SQL injection | High | Active |
| 917.1 | Expression language injection | High | Active |
| 918.1 | Server-side request forgery (SSRF) | High | Active |
| 94.1 | Server-side code injection (PHP) | High | Active |
| 94.2 | Server-side code injection (Ruby) | High | Active |
| 94.3 | Server-side code injection (Python) | High | Active |
| 94.4 | Server-side code injection (NodeJS) | High | Active |
| 943.1 | Improper neutralization of special elements in data query logic | High | Active |
| 98.1 | PHP remote file inclusion | High | Active |