Vulnerability Database
Explore the complete database of vulnerabilities, security misconfigurations, and threats detected by DygDog's continuous scanning engine.
Search Engine Reconnaissance
Checks for sensitive content indexed by search engines via robots.txt, sitemap.xml, and meta robots directives.
Web Server Fingerprinting
Identifies web server software (nginx, Apache, IIS), version numbers, and server-side technologies from headers and responses.
Metadata & Information Leakage
Scans HTML comments, meta tags, and source code for developer notes, internal paths, and sensitive information.
Subdomain Enumeration
Discovers subdomains via DNS enumeration of common prefixes (api, admin, staging, dev, internal).
Subdomain Takeover Detection
Detects dangling DNS CNAMEs pointing to unclaimed cloud resources that could be hijacked by an attacker.
Application Entry Point Mapping
Maps application entry points including forms, URL parameters, API endpoints, and file upload locations.
Framework & CMS Detection
Identifies frontend frameworks (React, Vue, Angular), backend frameworks (Rails, Django, Laravel), and CMS platforms (WordPress, Drupal).
TLS/SSL Configuration
Validates HTTPS enforcement, certificate validity, protocol versions, and cipher suite strength.
HTTP Methods Testing
Tests for dangerous HTTP methods (TRACE, PUT, DELETE, OPTIONS) that may be unintentionally enabled.
Security Headers Analysis
Comprehensive check for HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.
File Extension & MIME Handling
Tests how the server handles various file extensions and MIME types, looking for bypass opportunities.
Backup & Unreferenced File Discovery
Probes for common backup files (.bak, .old, .sql), editor artifacts (.swp, ~), and unreferenced pages.
Admin Interface Exposure
Checks for exposed admin panels (/admin, /wp-admin, /administrator, /phpmyadmin) and management interfaces.
CORS Misconfiguration
Tests Cross-Origin Resource Sharing configuration for wildcard origins, credential leakage, and origin reflection.
Caching Misconfiguration
Audits Cache-Control, Pragma, and Vary headers to detect caching of sensitive content.
User Enumeration Detection
Checks if login/registration pages leak valid usernames through error messages or response timing.
Password Policy Detection
Analyses password field constraints and client-side validation to infer password policy strength.
Authentication Bypass Indicators
Detects signs of weak authentication: default credentials paths, bypass parameters, debug auth modes.
IDOR Pattern Detection
Identifies Insecure Direct Object Reference patterns: sequential IDs in URLs, predictable resource paths, missing authorization checks.
Privilege Escalation Indicators
Detects role parameters, admin paths without protection, and authorization bypass patterns in URLs and forms.
OAuth/OIDC Security Check
Analyses OAuth implementations for deprecated flows (implicit), open redirect in redirect_uri, state parameter usage, and token exposure.
OAuth Provider Risk
Passive inspection of OAuth/OIDC initiation links: wildcard redirect_uri, missing state parameter, deprecated implicit flow, broad scopes, and OIDC issuer mismatch via /.well-known/openid-configuration.
Session Cookie Security
Comprehensive cookie audit: HttpOnly, Secure, SameSite, __Host-/__Secure- prefixes, and entropy analysis.
Session Fixation Indicators
Detects if session tokens are regenerated after authentication by analysing Set-Cookie patterns.
CSRF Protection Analysis
Checks forms for CSRF tokens, SameSite cookie attributes, and custom header requirements.
JWT Security Analysis
Detects JWT tokens, analyses algorithm (none/HS256/RS256), checks for exposed secrets, and validates claims.
XSS Vulnerability Indicators
Passive detection of XSS sinks: innerHTML, document.write, eval, reflected parameters in responses.
SQL Injection Indicators
Detects SQL error messages, query patterns in URLs, and database-specific fingerprints in responses.
Path Traversal Indicators
Checks for file path parameters, local file inclusion patterns, and directory listing exposure.
Open Redirect Detection
Tests URL redirect parameters for open redirect vulnerabilities that enable phishing attacks.
Command Injection Indicators
Detects OS error messages, shell patterns, and input fields that may pass data to system commands.
JavaScript Security Analysis
Scans for outdated libraries (jQuery, Angular, Lodash), dangerous patterns (eval), and exposed source maps.
DOM-Based XSS Analysis
Identifies DOM XSS sources (location, document.URL) and sinks (innerHTML, eval) in JavaScript code.
Clickjacking Protection
Verifies X-Frame-Options and CSP frame-ancestors protection against UI redressing attacks.
WebSocket Security
Detects WebSocket connections, checks for wss:// enforcement, and analyses handshake security.
postMessage Security
Analyses window.postMessage usage for missing origin validation and sensitive data exposure.
Browser Storage Security
Checks localStorage and sessionStorage for sensitive data (tokens, PII, credentials).
Third-Party Script Inventory
Maps all external script origins, identifies tracking/analytics scripts, and checks for SRI hashes.
Cryptographic Implementation
Analyses encryption indicators in cookies, tokens, and API responses for weak or deprecated algorithms.
Error Message Analysis
Detects verbose error messages that disclose stack traces, database queries, or internal paths.
Business Logic Indicators
Detects patterns that may enable business logic abuse: price manipulation fields, quantity limits, workflow bypass paths.
Rate Limiting Detection
Checks for rate limiting headers (X-RateLimit-*), retry-after responses, and CAPTCHA implementations on sensitive endpoints.
Exposed Secrets & API Keys
Scans page source for leaked credentials: AWS keys, API tokens, database connection strings, private keys.
Email Authentication (SPF/DMARC)
Validates SPF, DKIM, and DMARC DNS records for email spoofing protection.
DNS Security (CAA/DNSSEC)
Checks DNS CAA records for certificate authority restrictions and DNSSEC deployment status.
API Surface Discovery
Identifies exposed API endpoints, GraphQL introspection, Swagger/OpenAPI documentation, and API versioning.
CVE/EPSS Threat Intelligence
Enriches findings with NVD CVSS scores, FIRST EPSS exploit probability, and CISA KEV status.
Supply Chain Vulnerability Check
Cross-references detected libraries against OSV.dev for known vulnerabilities in dependencies.
Compliance Framework Mapping
Maps findings to SOC 2 TSC, ISO 27001:2022, GDPR articles, PCI DSS, and OWASP Top 10 2021.
AI Remediation Guidance
Generates infrastructure-aware fix instructions tailored to your detected technology stack.
Brand Impersonation Risk
Generates typosquat variants, checks certificate transparency for lookalike domains, and monitors brand abuse.
Domain Reputation & Blocklists
Checks domain against URLhaus, PhishTank, and other malware/phishing blocklists.
AI Chatbot & Agent Detection
Identifies embedded chatbots (Intercom, Drift, custom LLM) and assesses prompt injection risk.
Security Regression Detection
Compares against historical baseline to detect security posture degradation.
DNS Blacklist Audit
Checks your IP and domain against 20+ authoritative DNS blocklists including Spamhaus ZEN, Barracuda, SpamCop, SURBL, and DroneBL.
Content Security Policy Deep Analysis
Parses the Content-Security-Policy header for unsafe directives ('unsafe-inline', 'unsafe-eval', wildcard or HTTP script-src) and checks whether CSP violation reporting is configured.
Subresource Integrity (SRI) Checks
Counts external scripts and stylesheets lacking integrity= attributes. Without SRI hashes, a compromised CDN can silently serve malicious code to all users.
robots.txt & security.txt Analysis
Fetches /robots.txt and checks Disallow entries for sensitive paths (admin, api, backup, config, etc.). Also checks for a /.well-known/security.txt vulnerability disclosure file.
Cross-Origin Isolation Headers
Checks for Cross-Origin-Embedder-Policy (COEP), Cross-Origin-Opener-Policy (COOP), and Cross-Origin-Resource-Policy (CORP) response headers.
DNS CAA Record Check
Queries the Google DNS-over-HTTPS API for a CAA (Certification Authority Authorisation) record on the target domain.
HTTP/2 and HTTP/3 Support
Checks whether the site is served over HTTPS (a prerequisite for HTTP/2) and whether HTTP/3 is advertised via the Alt-Svc response header.
GraphQL Introspection Exposure
Probes common GraphQL paths (/graphql, /api/graphql, /gql, /v1/graphql) for enabled introspection. A valid __schema response in production exposes the full API schema — types, mutations, and admin fields — to any unauthenticated caller.
HTML Form Security
Parses all <form> elements and checks for GET-method forms, password inputs without autocomplete="off", and the absence of CSRF token patterns (_token, csrf, _wpnonce, authenticity_token).
Meta Tag Security Analysis
Inspects HTML meta tags for a UTF-8 charset declaration (prevents charset-sniffing XSS), a viewport tag, and unexpected noindex directives on public pages.
HTML Content Security Analysis
Inspects page HTML for excessive inline scripts, mixed content (HTTP resources on HTTPS pages), and other content-level security weaknesses.
JavaScript Source Map Exposure
Probes publicly accessible .map files for each detected JavaScript bundle. Source maps allow reconstruction of original, unminified source code.
Social Engineering Indicators
Reserved for social engineering surface analysis. Typosquat variant generation has been consolidated into the Brand Impersonation module.
Phishing & Malware URL Check
Queries the URLhaus abuse.ch database to determine whether the target domain is listed as actively distributing malware or hosting phishing content.
Ghost CMS Security Audit
Detects exposed Ghost CMS admin panels, version disclosure, insecure API endpoints, and misconfigured member/subscription endpoints.
Typosquat Domain Detection
Generates domain permutations (deletion, transposition, keyboard-adjacency, homoglyph, insertion) and resolves each via Google DNS-over-HTTPS. Registered and resolving variants are classified by WHOIS age.
IDN Homograph Detection
Generates Unicode confusable variants (Cyrillic, Greek, accented) of the domain and encodes them as Punycode ACE labels. Each is checked via Google DNS-over-HTTPS and crt.sh for active TLS certificates not issued to the real domain.
Subdomain CNAME Takeover
Resolves CNAME records for the target domain via Google DNS-over-HTTPS, then probes each CNAME destination against 27 known unclaimed-resource fingerprints. A fingerprint match confirms an active takeover vector.