- Knowledge Base
- Web Application Scanning
- Scan profiles
-
Security Announcements
-
Product News
-
Next-Gen Vulnerability Management
-
Getting Started
-
General
-
Operating Status
-
System & Network Scanning
-
Web Application Scanning
-
Cloud Scanning (CSPM)
-
API Scanning
-
Phishing & Awareness Training
-
Scanner Appliance
-
Device Agent
-
On-premise platform deployment
-
Asset Management
-
Vulnerability Manager
-
Reports
-
Digest Reports
-
Organizer
-
Continuous Monitoring
-
Integrations
-
Platform API
-
Remediation
-
Users
-
PCI DSS
-
Terms & Conditions
-
Dashboard
What are advanced vulnerability plugins?
These plugins focus on checking for specific web vulnerabilities. Due to their specialized nature, they are not part of the default scan configuration and must be added explicitly to the scan profile. These plugins are designed for particular vulnerabilities and are intended for users who want to perform a more detailed and specific security assessment of their web applications. It's important to note that they are more time-consuming due to the in-depth analysis methods selected.Here is the list of Advanced Vulnerability Plugins:
- HID-3-0-10184 Web Cache Poisoning (Fat Get)
- HID-3-0-10172 HTTP Parameter Discovery
- HID-3-0-10158 Unvalidated Host-Header in Connection State
- HID-3-0-10156 Virtual Host Brute Forcing Using Host Header Injection
- HID-3-0-10148 Request URL override
- HID-3-1-00017 File Inclusion vulnerability
- HID-3-1-10017 Persistent server side include vulnerability
- HID-3-0-10185 Web Cache Poisoning (Path Based)
- HID-3-0-10183 Web Cache Poisoning (Header Based)
Add additional tests to your scan profile.
To include specific vulnerability tests in your scan profile, see this article's information under Vulnerability Selection.
https://support.holmsecurity.com/knowledge/what-does-the-scan-profile-settings-mean-1