@The-XSS-Rat
Created November 2, 2023 17:39
Information Disclosure: Look for endpoints that leak sensitive data.
Broken Object-Level Authorization (BOLA/IDOR): Accessing objects not meant for the authenticated user.
Broken User Authentication: Bypassing authentication mechanisms.
Rate Limiting: Test whether endpoints lack rate limiting and are therefore exposed to DoS or brute-force attacks.
HTTP Verb Tampering: Changing the HTTP verb (e.g., from GET to POST).
Missing Function Level Access Control: Accessing unauthorized functionalities.
Parameter Tampering: Altering parameters to manipulate responses.
SQL Injection: Injecting malicious SQL queries in input.
Command Injection: Injecting malicious commands in input.
Unsecured Endpoints: Looking for endpoints that lack security measures.
Mass Assignment: Exploiting APIs that use client-supplied data without validation.
API Enumeration: Checking sequential values to discover hidden data.
Insecure Direct Object References (IDOR): Accessing unauthorized objects via direct references.
Cross-Site Scripting (XSS): Injecting malicious scripts.
API Key Exposure: Finding exposed API keys in URLs, code, or documentation.
Token Generation Weakness: Predictable token generation.
OAuth Flaws: Misconfigurations in OAuth implementations.
Server-Side Request Forgery (SSRF): Forcing the server to make unauthorized requests.
Cross-Origin Resource Sharing (CORS) Misconfiguration: Exploiting improper CORS headers.
API Fuzzing: Sending unexpected/random data to probe for vulnerabilities.
XML External Entity (XXE) Attacks: Exploiting XML parsers.
Insecure API Versioning: Checking whether outdated or deprecated API versions are still reachable.
Host Header Injection: Manipulating the host header.
File Upload Vulnerabilities: Uploading malicious files.
JSON Web Token (JWT) Attacks: Exploiting JWT implementations for unauthorized actions.
HTTP Response Splitting: Injecting data to split HTTP responses.
HTTP Request Smuggling: Sending ambiguous requests to bypass security.
GraphQL-Specific Attacks: Exploring overly verbose errors or exploiting nested queries.
API Gateway Misconfigurations: Bypassing gateway protections or exploiting misconfigured routes.
API DDoS Attacks: Exploiting costly API calls.
Business Logic Bypass: Exploiting overlooked logical flaws.
Parameter Pollution: Injecting extra parameters to manipulate the API request.
Misconfigured SSL: Weak SSL ciphers or certificates.
Cache Poisoning: Exploiting caching mechanisms.
Path/Directory Traversal: Accessing unauthorized directories.
Replay Attacks: Reusing valid data transactions.
WSDL Enumeration: For SOAP-based web services, enumerate WSDL for sensitive operations.
Data Exposure From Backend Systems: Over-fetching of data from back-end systems.
Subdomain Takeover: Exploiting misconfigured DNS records related to the API.
Custom Error Messages: Revealing sensitive information.
Exposed Git/Folder Directories: Checking whether sensitive directories and files (.git, .env) are exposed.
Stack Traces Exposure: Revealing sensitive information about the application's structure.
Header Injections: Injecting malicious headers to manipulate requests or responses.
Session Fixation: Forcing a user's session ID to a known value.
Race Conditions: Exploiting processes that aren't atomic.
GraphQL Introspection: Revealing all available API schema/data.
Redirection Attacks: Redirecting users to malicious sites.
API Key Rotation Policies: Exploiting keys that aren’t rotated or revoked properly.
Logging Sensitive Data: Information leaked via logs.
Missing Security Headers: Checking for absent headers that protect the API, such as Strict-Transport-Security and Content-Security-Policy.