Vulnerability Database

Explore the complete database of vulnerabilities, security misconfigurations, and threats detected by DygDog's continuous scanning engine.

Search Engine Reconnaissance

Checks for sensitive content indexed by search engines via robots.txt, sitemap.xml, and meta robots directives.

Web Server Fingerprinting

Identifies web server software (nginx, Apache, IIS), version numbers, and server-side technologies from headers and responses.

Metadata & Information Leakage

Scans HTML comments, meta tags, and source code for developer notes, internal paths, and sensitive information.

Subdomain Enumeration

Discovers subdomains via DNS enumeration of common prefixes (api, admin, staging, dev, internal).

Subdomain Takeover Detection

Detects dangling DNS CNAMEs pointing to unclaimed cloud resources that could be hijacked by an attacker.

Application Entry Point Mapping

Maps application entry points including forms, URL parameters, API endpoints, and file upload locations.

Framework & CMS Detection

Identifies frontend frameworks (React, Vue, Angular), backend frameworks (Rails, Django, Laravel), and CMS platforms (WordPress, Drupal).

TLS/SSL Configuration

Validates HTTPS enforcement, certificate validity, protocol versions, and cipher suite strength.

HTTP Methods Testing

Tests for dangerous HTTP methods (TRACE, PUT, DELETE, OPTIONS) that may be unintentionally enabled.

Security Headers Analysis

Comprehensive check for HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.

File Extension & MIME Handling

Tests how the server handles various file extensions and MIME types, looking for bypass opportunities.

Backup & Unreferenced File Discovery

Probes for common backup files (.bak, .old, .sql), editor artifacts (.swp, ~), and unreferenced pages.

Admin Interface Exposure

Checks for exposed admin panels (/admin, /wp-admin, /administrator, /phpmyadmin) and management interfaces.

CORS Misconfiguration

Tests Cross-Origin Resource Sharing configuration for wildcard origins, credential leakage, and origin reflection.

Caching Misconfiguration

Audits Cache-Control, Pragma, and Vary headers to detect caching of sensitive content.

User Enumeration Detection

Checks if login/registration pages leak valid usernames through error messages or response timing.

Password Policy Detection

Analyses password field constraints and client-side validation to infer password policy strength.

Authentication Bypass Indicators

Detects signs of weak authentication: default credentials paths, bypass parameters, debug auth modes.

IDOR Pattern Detection

Identifies Insecure Direct Object Reference patterns: sequential IDs in URLs, predictable resource paths, missing authorization checks.

Privilege Escalation Indicators

Detects role parameters, admin paths without protection, and authorization bypass patterns in URLs and forms.

OAuth/OIDC Security Check

Analyses OAuth implementations for deprecated flows (implicit), open redirect in redirect_uri, state parameter usage, and token exposure.

OAuth Provider Risk

Passive inspection of OAuth/OIDC initiation links: wildcard redirect_uri, missing state parameter, deprecated implicit flow, broad scopes, and OIDC issuer mismatch via /.well-known/openid-configuration.

Session Cookie Security

Comprehensive cookie audit: HttpOnly, Secure, SameSite, __Host-/__Secure- prefixes, and entropy analysis.

Session Fixation Indicators

Detects if session tokens are regenerated after authentication by analysing Set-Cookie patterns.

CSRF Protection Analysis

Checks forms for CSRF tokens, SameSite cookie attributes, and custom header requirements.

JWT Security Analysis

Detects JWT tokens, analyses algorithm (none/HS256/RS256), checks for exposed secrets, and validates claims.

XSS Vulnerability Indicators

Passive detection of XSS sinks: innerHTML, document.write, eval, reflected parameters in responses.

SQL Injection Indicators

Detects SQL error messages, query patterns in URLs, and database-specific fingerprints in responses.

Path Traversal Indicators

Checks for file path parameters, local file inclusion patterns, and directory listing exposure.

Open Redirect Detection

Tests URL redirect parameters for open redirect vulnerabilities that enable phishing attacks.

Command Injection Indicators

Detects OS error messages, shell patterns, and input fields that may pass data to system commands.

JavaScript Security Analysis

Scans for outdated libraries (jQuery, Angular, Lodash), dangerous patterns (eval), and exposed source maps.

DOM-Based XSS Analysis

Identifies DOM XSS sources (location, document.URL) and sinks (innerHTML, eval) in JavaScript code.

Clickjacking Protection

Verifies X-Frame-Options and CSP frame-ancestors protection against UI redressing attacks.

WebSocket Security

Detects WebSocket connections, checks for wss:// enforcement, and analyses handshake security.

postMessage Security

Analyses window.postMessage usage for missing origin validation and sensitive data exposure.

Browser Storage Security

Checks localStorage and sessionStorage for sensitive data (tokens, PII, credentials).

Third-Party Script Inventory

Maps all external script origins, identifies tracking/analytics scripts, and checks for SRI hashes.

Cryptographic Implementation

Analyses encryption indicators in cookies, tokens, and API responses for weak or deprecated algorithms.

Error Message Analysis

Detects verbose error messages that disclose stack traces, database queries, or internal paths.

Business Logic Indicators

Detects patterns that may enable business logic abuse: price manipulation fields, quantity limits, workflow bypass paths.

Rate Limiting Detection

Checks for rate limiting headers (X-RateLimit-*), retry-after responses, and CAPTCHA implementations on sensitive endpoints.

Exposed Secrets & API Keys

Scans page source for leaked credentials: AWS keys, API tokens, database connection strings, private keys.

Email Authentication (SPF/DMARC)

Validates SPF, DKIM, and DMARC DNS records for email spoofing protection.

DNS Security (CAA/DNSSEC)

Checks DNS CAA records for certificate authority restrictions and DNSSEC deployment status.

API Surface Discovery

Identifies exposed API endpoints, GraphQL introspection, Swagger/OpenAPI documentation, and API versioning.

CVE/EPSS Threat Intelligence

Enriches findings with NVD CVSS scores, FIRST EPSS exploit probability, and CISA KEV status.

Supply Chain Vulnerability Check

Cross-references detected libraries against OSV.dev for known vulnerabilities in dependencies.

Compliance Framework Mapping

Maps findings to SOC 2 TSC, ISO 27001:2022, GDPR articles, PCI DSS, and OWASP Top 10 2021.

AI Remediation Guidance

Generates infrastructure-aware fix instructions tailored to your detected technology stack.

Brand Impersonation Risk

Generates typosquat variants, checks certificate transparency for lookalike domains, and monitors brand abuse.

Domain Reputation & Blocklists

Checks domain against URLhaus, PhishTank, and other malware/phishing blocklists.

AI Chatbot & Agent Detection

Identifies embedded chatbots (Intercom, Drift, custom LLM) and assesses prompt injection risk.

Security Regression Detection

Compares against historical baseline to detect security posture degradation.

DNS Blacklist Audit

Checks your IP and domain against 20+ authoritative DNS blocklists including Spamhaus ZEN, Barracuda, SpamCop, SURBL, and DroneBL.

Content Security Policy Deep Analysis

Parses the Content-Security-Policy header for unsafe directives ('unsafe-inline', 'unsafe-eval', wildcard or HTTP script-src) and checks whether CSP violation reporting is configured.

Subresource Integrity (SRI) Checks

Counts external scripts and stylesheets lacking integrity= attributes. Without SRI hashes, a compromised CDN can silently serve malicious code to all users.

robots.txt & security.txt Analysis

Fetches /robots.txt and checks Disallow entries for sensitive paths (admin, api, backup, config, etc.). Also checks for a /.well-known/security.txt vulnerability disclosure file.

Cross-Origin Isolation Headers

Checks for Cross-Origin-Embedder-Policy (COEP), Cross-Origin-Opener-Policy (COOP), and Cross-Origin-Resource-Policy (CORP) response headers.

DNS CAA Record Check

Queries the Google DNS-over-HTTPS API for a CAA (Certification Authority Authorisation) record on the target domain.

HTTP/2 and HTTP/3 Support

Checks whether the site is served over HTTPS (a prerequisite for HTTP/2) and whether HTTP/3 is advertised via the Alt-Svc response header.

GraphQL Introspection Exposure

Probes common GraphQL paths (/graphql, /api/graphql, /gql, /v1/graphql) for enabled introspection. A valid __schema response in production exposes the full API schema — types, mutations, and admin fields — to any unauthenticated caller.

HTML Form Security

Parses all <form> elements and checks for GET-method forms, password inputs without autocomplete="off", and the absence of CSRF token patterns (_token, csrf, _wpnonce, authenticity_token).

Meta Tag Security Analysis

Inspects HTML meta tags for a UTF-8 charset declaration (prevents charset-sniffing XSS), a viewport tag, and unexpected noindex directives on public pages.

HTML Content Security Analysis

Inspects page HTML for excessive inline scripts, mixed content (HTTP resources on HTTPS pages), and other content-level security weaknesses.

JavaScript Source Map Exposure

Probes publicly accessible .map files for each detected JavaScript bundle. Source maps allow reconstruction of original, unminified source code.

Social Engineering Indicators

Reserved for social engineering surface analysis. Typosquat variant generation has been consolidated into the Brand Impersonation module.

Phishing & Malware URL Check

Queries the URLhaus abuse.ch database to determine whether the target domain is listed as actively distributing malware or hosting phishing content.

Ghost CMS Security Audit

Detects exposed Ghost CMS admin panels, version disclosure, insecure API endpoints, and misconfigured member/subscription endpoints.

Typosquat Domain Detection

Generates domain permutations (deletion, transposition, keyboard-adjacency, homoglyph, insertion) and resolves each via Google DNS-over-HTTPS. Registered and resolving variants are classified by WHOIS age.

IDN Homograph Detection

Generates Unicode confusable variants (Cyrillic, Greek, accented) of the domain and encodes them as Punycode ACE labels. Each is checked via Google DNS-over-HTTPS and crt.sh for active TLS certificates not issued to the real domain.

Subdomain CNAME Takeover

Resolves CNAME records for the target domain via Google DNS-over-HTTPS, then probes each CNAME destination against 27 known unclaimed-resource fingerprints. A fingerprint match confirms an active takeover vector.