
Security Tests Coverage

Explore Pynt's extensive security test coverage in our documentation! Discover how Pynt's security tests provide comprehensive security coverage for your APIs.
| Test case | Category |
| --- | --- |
| [BL001] User data leakage to other users - Resource-ID authorization | Business Logic |
| [BL002] User data leakage to other users - User-ID authorization | Business Logic |
| [BL003] User data leakage to other users - Resource-ID and User-ID authorization | Business Logic |
| [BL004] User data leakage to other users - credentials authorization | Business Logic |
| [BL005] User data manipulation by other users - Resource-ID authorization | Business Logic |
| [BL006] User data manipulation by other users - User-ID authorization | Business Logic |
| [BL007] User data manipulation by other users - Resource-ID and User-ID authorization | Business Logic |
| [BL008] User data manipulation by other users - credentials authorization | Business Logic |
| [BL009] Guessable resource identifier | Business Logic |
| [INJ001] SQL Injection | Injections |
| [INJ002] MS-SQL Injection | Injections |
| [INJ003] MySQL Injection | Injections |
| [INJ004] SQLite Injection | Injections |
| [INJ005] PostgreSQL Injection | Injections |
| [INJ006] NoSQL Injection | Injections |
| [INJ007] Command Injection | Injections |
| [INJ008] Server-side template injection | Injections |
| [AB001] Ignored authentication token | Authentication bypass |
| [AB002] No signature validation in JWT | Authentication bypass |
| [AB003] JWT hashed without secret | Authentication bypass |
| [AB004] No signature in JWT | Authentication bypass |
| [AB005] Unsigned JWT | Authentication bypass |
| [MA001] Mass assignment by manipulation of hidden attributes | Mass Assignment |
| [MA002] Mass assignment by flag overloading | Mass Assignment |
| [SSRF001] Local file access | Server-Side request forgery |
| [ST001] Stack trace in response | Stack trace in response |
| [RES001] Resources limiting | Lack of Resources and Rate Limiting |
| [FM001] File path manipulation | File path manipulation |