{
  "security_assessment": {
    "scan_date": "2026-01-31T23:26:50.792111",
    "target": "https://api.example.com",
    "session_id": "778a0bced55b6b4d",
    "summary": {
      "total_tests": 5,
      "vulnerabilities_found": 23,
      "critical_issues": 9,
      "high_issues": 9,
      "medium_issues": 4,
      "low_issues": 1
    },
    "detailed_results": [
      {
        "test_type": "business_logic",
        "vulnerabilities": [
          {
            "type": "price_manipulation",
            "payload": {
              "product_id": "123",
              "quantity": 1,
              "price": -100,
              "currency": "USD"
            },
            "risk": "HIGH",
            "description": "Negative price accepted, allowing free products"
          },
          {
            "type": "coupon_stacking",
            "payload": {
              "items": [
                {
                  "id": "prod1",
                  "price": 100
                }
              ],
              "coupons": [
                "SAVE10",
                "SAVE20",
                "SAVE30"
              ]
            },
            "expected_behavior": "Only one coupon should apply",
            "vulnerability": true,
            "risk": "HIGH"
          },
          {
            "type": "parameter_pollution",
            "endpoint": "/api/admin/users",
            "payload": "user_id=123&user_id=456",
            "vulnerability": "May allow unauthorized access to user data"
            "risk": "CRITICAL"
          }
        ],
        "race_conditions": [
          {
            "endpoint": "/api/purchase",
            "method": "POST",
            "scenario": "Concurrent purchases exceeding inventory",
            "payload": {
              "product_id": "456",
              "quantity": 100
            },
            "concurrent_requests": 50,
            "vulnerability": true,
            "risk": "MEDIUM"
          }
        ],
        "timestamp": "2026-01-31T23:26:50.792140"
      },
      {
        "test_type": "authentication",
        "vulnerabilities": [
          {
            "endpoint": "/api/user/profile",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "endpoint": "/api/admin/dashboard",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "endpoint": "/api/orders/create",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "endpoint": "/api/wallet/balance",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "type": "weak_token_validation",
            "token": "12345",
            "endpoint": "/api/protected",
            "accepted": true,
            "risk": "CRITICAL"
          },
          {
            "type": "weak_token_validation",
            "token": "admin",
            "endpoint": "/api/protected",
            "accepted": true,
            "risk": "CRITICAL"
          },
          {
            "type": "weak_token_validation",
            "token": "token",
            "endpoint": "/api/protected",
            "accepted": true,
            "risk": "CRITICAL"
          },
          {
            "type": "weak_token_validation",
            "token": "",
            "endpoint": "/api/protected",
            "accepted": true,
            "risk": "CRITICAL"
          },
          {
            "type": "weak_token_validation",
            "token": "null",
            "endpoint": "/api/protected",
            "accepted": true,
            "risk": "CRITICAL"
          },
          {
            "type": "weak_token_validation",
            "token": "undefined",
            "endpoint": "/api/protected",
            "accepted": true,
            "risk": "CRITICAL"
          },
          {
            "type": "algorithm_none",
            "payload": "{\"alg\": \"none\", \"typ\": \"JWT\"}.{\"user\": \"admin\", \"role\": \"admin\"}.",
            "risk": "CRITICAL"
          },
          {
            "type": "key_confusion",
            "payload": "Public key used as private key",
            "risk": "HIGH"
          }
        ],
        "tested_endpoints": [
          {
            "endpoint": "/api/user/profile",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "endpoint": "/api/admin/dashboard",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "endpoint": "/api/orders/create",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          },
          {
            "endpoint": "/api/wallet/balance",
            "method": "GET",
            "auth_required": true,
            "test_without_auth": true,
            "status_code": 200,
            "vulnerability": "Endpoint accessible without authentication",
            "risk": "HIGH"
          }
        ],
        "timestamp": "2026-01-31T23:26:50.792181"
      },
      {
        "test_type": "rate_limiting",
        "endpoints_tested": [
          {
            "endpoint": "/api/login",
            "method": "POST",
            "requests_per_minute": 1000,
            "rate_limit_enforced": false,
            "observed_limit": "None detected",
            "vulnerability": "No rate limiting implemented",
            "risk": "MEDIUM"
          },
          {
            "endpoint": "/api/register",
            "method": "POST",
            "requests_per_minute": 1000,
            "rate_limit_enforced": false,
            "observed_limit": "None detected",
            "vulnerability": "No rate limiting implemented",
            "risk": "MEDIUM"
          },
          {
            "endpoint": "/api/search",
            "method": "POST",
            "requests_per_minute": 1000,
            "rate_limit_enforced": false,
            "observed_limit": "None detected",
            "vulnerability": "No rate limiting implemented",
            "risk": "MEDIUM"
          },
          {
            "endpoint": "/api/data/export",
            "method": "POST",
            "requests_per_minute": 1000,
            "rate_limit_enforced": false,
            "observed_limit": "None detected",
            "vulnerability": "No rate limiting implemented",
            "risk": "MEDIUM"
          }
        ],
        "bypass_attempts": [
          {
            "technique": "IP rotation via X-Forwarded-For header",
            "header": "X-Forwarded-For",
            "bypass_successful": true,
            "risk": "MEDIUM"
          },
          {
            "technique": "User-Agent rotation",
            "header": "User-Agent",
            "bypass_successful": true,
            "risk": "LOW"
          },
          {
            "technique": "Session token manipulation",
            "method": "Cookie rotation",
            "bypass_successful": false,
            "risk": "LOW"
          }
        ],
        "timestamp": "2026-01-31T23:26:50.792220"
      },
      {
        "test_type": "data_exposure",
        "leakage_points": [
          {
            "endpoint": "/api/user/999999",
            "error_type": "User not found",
            "response": "User with ID 999999 does not exist in database 'production_db'",
            "information_disclosed": [
              "Database name",
              "Table structure",
              "Internal paths"
            ],
            "risk": "MEDIUM"
          },
          {
            "endpoint": "/api/admin/config",
            "error_type": "Configuration error",
            "response": "Configuration file /etc/app/config.json not found",
            "information_disclosed": [
              "File system paths",
              "Configuration details"
            ],
            "risk": "LOW"
          },
          {
            "endpoint": "/api/docs",
            "exposed_info": [
              "Internal database schema",
              "Authentication mechanisms",
              "Rate limiting configurations",
              "Deprecated endpoints"
            ],
            "risk": "MEDIUM"
          }
        ],
        "sensitive_data_found": [
          {
            "endpoint": "/api/user/profile",
            "sensitive_fields": [
              "password_hash",
              "ssn",
              "credit_card_number",
              "api_secret_key"
            ],
            "exposed": true,
            "risk": "CRITICAL"
          },
          {
            "endpoint": "/api/debug/info",
            "sensitive_fields": [
              "database_connection_string",
              "private_key",
              "jwt_secret"
            ],
            "exposed": true,
            "risk": "CRITICAL"
          }
        ],
        "timestamp": "2026-01-31T23:26:50.792255"
      },
      {
        "test_type": "cors_csp",
        "cors_issues": [
          {
            "origin": "https://evil.com",
            "allowed": true,
            "header": "Access-Control-Allow-Origin: *",
            "vulnerability": "Wildcard CORS allows any origin",
            "risk": "HIGH"
          },
          {
            "origin": "null",
            "allowed": true,
            "header": "Access-Control-Allow-Origin: null",
            "vulnerability": "Null origin allowed",
            "risk": "MEDIUM"
          },
          {
            "origin": "https://malicious-site.com",
            "allowed": true,
            "credentials": true,
            "vulnerability": "Credentials allowed for untrusted origin",
            "risk": "CRITICAL"
          },
          {
            "type": "mixed_content",
            "description": "HTTP resources loaded from HTTPS page",
            "vulnerability": true,
            "risk": "MEDIUM"
          }
        ],
        "csp_bypasses": [
          {
            "csp_policy": "script-src 'self' unsafe-inline",
            "bypass_method": "Inline script execution",
            "bypass_successful": true,
            "risk": "HIGH"
          },
          {
            "csp_policy": "default-src 'self'",
            "bypass_method": "JSONP endpoint abuse",
            "bypass_successful": true,
            "risk": "MEDIUM"
          },
          {
            "csp_policy": "script-src 'self' cdn.example.com",
            "bypass_method": "CDN compromise",
            "bypass_successful": false,
            "risk": "LOW"
          }
        ],
        "timestamp": "2026-01-31T23:26:50.792287"
      }
    ]
  }
}