Dashboard
Dashboard

Documentation

Demo Call with CEO

Blog

Slack

Get Started

CodeAnt AI
Setup
Control Center
Pull Request Review
IDE
Compliance
Anti-Patterns
Code Governance
Infrastructure Security Database
Application Security Database
- Apex
- Bash
- C
- Clojure
- Cpp
- Csharp
  - Dotnet-core
  - Dotnet
  - Jwt-dotnet
  - Lang
    - Audit
    - Best practice
    - Correctness
    - Security
    - Security
  - Mongo
  - Postgres
  - Razor
- Dockerfile
- Elixir
- Fingerprints
- Generic
- Go
- Html
- Java
- Javascript
- Json
- Kotlin
- Ocaml
- Php
- Problem-based-packs
- Python
- Ruby
- Rust
- Scala
- Solidity
- Swift
- Terraform
- Typescript
- Yaml

Lang

Security

missing-hsts-header

The HSTS HTTP response security header is missing, allowing interaction and communication to be sent over the insecure HTTP protocol.
Likelihood: LOW
Confidence: LOW
CWE:
- CWE-346: Origin Validation Error
OWASP:
- A07:2021 - Identification and Authentication Failures

stacktrace-disclosure

Stacktrace information is displayed in a non-Development environment. Accidentally disclosing sensitive stack trace information in a production environment aids an attacker in reconnaissance and information gathering.
Likelihood: LOW
Confidence: HIGH
CWE:
- CWE-209: Generation of Error Message Containing Sensitive Information
OWASP:
- A06:2017 - Security Misconfiguration
- A04:2021 - Insecure Design

open-redirect

A query string parameter may contain a URL value that could cause the web application to redirect the request to a malicious website controlled by an attacker. Make sure to sanitize this parameter sufficiently.
Likelihood: MEDIUM
Confidence: LOW
CWE:
- CWE-601: URL Redirection to Untrusted Site (‘Open Redirect’)
OWASP:
- A01:2021 - Broken Access Control

Sslcertificatetrust Ad

twitter linkedin

Powered by Mintlify

Assistant

Responses are generated using AI and may contain mistakes.