Glossary
A—M
- Administrator
  A role that defines user permissions in the system. The administrator has access to a wide range of additional features, allowing them to perform all possible actions within their organization.
  In UNIX systems, it is the root account, a special user with advanced privileges. Most installation operations for SolidPoint require running commands as the administrator.
- Access Token
  A unique digital key that confirms a user's rights to perform integration operations in SolidPoint: interacting with the API and automating the scanning process.
- Analyst
  A role that defines user permissions in the system. The analyst has access to limited functionality: reading, downloading, following links, and generating PDF scan reports within their organization.
- Attack
  A planned malicious action against a system. The goal of an attack may be, for example, stealing sensitive data or disrupting the system's operation.
- Authentication Token
  A unique digital key that confirms access to the scan target. Enabling authentication improves scanning efficiency. See the Authentication in scanned applications section for more details.
- Bruteforce Attack
  One of the most common ways attackers gain access to systems by guessing account credentials. The method involves automatically (or, in rare cases, manually) trying username and password combinations. Attackers may also automate the collection of encryption keys and other information needed to access the targeted system.
- Client-Side Prototype Pollution (CSPP)
  An attack in which the attacker modifies object prototypes in the application's client-side code, for example in a JavaScript application. Properties added to a prototype propagate to every object in the system that inherits from it.
- Command-Line Interface (CLI)
  A component for user-system interaction without an advanced graphical interface: the user enters commands in a terminal.
- Cross-Site Scripting (XSS)
  An attack method in which a malicious script is injected into a trusted website. This can result in the spread of malware or the leak of user data. The term can also refer to the vulnerability of a website or application to such an attack.
- Default Organization
  The organization that is the technical owner of the SolidPoint installation and maintains and manages it.
- Deserialization
  The reverse process of serialization. Insecure deserialization is a common type of vulnerability in which the system processes malicious data supplied by an attacker while restoring serialized data.
- Dirbusting
  A method for discovering server content by blindly probing server paths taken from a dictionary (wordlist).
- Discovery
  Part of the process of scanning a website, web application, or API. It involves identifying application resources and endpoints, importing API specifications, and importing traffic from SolidWall WAF. Other methods may also be used.
- Endpoint
  The address at which an application interacts with a server or another application. Endpoints are typically represented by URLs that receive HTTP requests and send data back.
- False Positive
  A condition in which the system mistakenly reports malicious activity that did not actually occur. This can happen due to inaccuracies in detection algorithms or because some legitimate programs have features that make them look like malware.
- Fuzzing
  In SolidPoint, fuzzing refers to simulating an attack on a web application in order to test its security against specific attack methods. This process corresponds to the issue detection scanning phase.
- Issue
  A flaw in the system detected during a scan. It could be used by attackers to carry out threats against the system's security and cause it to malfunction.
- Issue Detection
  Part of the process of scanning a website or web application, which involves searching for issues and identifying potential weaknesses in the application that should be addressed. See also: Fuzzing.
- Module
  A software component used for scanning applications. Different combinations of modules can be used to search for issues and vulnerabilities in the system. Modules for endpoint discovery and issue detection are listed in the Finding issues section.
N—Z
- Organization
  An allocated space with its own set of targets and scan results, available to an authorized group of users.
- Out-of-band attack
  An attack technique in which the attacker receives data from an application indirectly, through an external resource under the attacker's control. A specially crafted payload is sent to the target application which, if a vulnerability exists, processes the payload in a way that causes it to send a request to the external resource. This technique can be used in various attacks, such as SQL injection, insecure deserialization, or SSTI.
- Payload
  The general term for the tools and techniques that attackers can use to breach a system. A payload can include both actions performed by intruders, such as exploiting vulnerabilities in the attacked resource, and the vulnerabilities themselves. The human factor can also be considered a payload.
- Raw Scan Report
  A preliminary technical scan report in JSON format that allows specialists to obtain more detailed information about the scan.
- Read Only
  A role that defines user permissions in the system. Users with this role have access to limited functionality: reading, downloading, and following links within their organization.
- Reflected Cross-Site Scripting (Reflected XSS)
  An attack method based on cross-site scripting, in which a malicious script is embedded in a crafted request to a website and included in the response it returns. The user's web browser (or similar client application) treats the response from the website as data from a trustworthy source and runs the malicious script.
- Report
  A PDF report that provides information about the scan, including the target data, scan statistics, a summary of vulnerabilities, and other relevant details.
- Requests Per Second (RPS)
  The value that determines how frequently the scanner sends requests to the target application. Limiting the number of requests reduces the load that scanning places on the target application, while a higher rate makes the scan faster. You can customize or disable this restriction when creating or modifying a scan target.
- Resources
  In the context of resources and endpoints: static pages and files identified by discovery modules in the scanned application.
- Scan
  The result of a scanning process. It is a summary that includes details about the scanned target, the procedure, the status of the scanning modules, any issues found, and other relevant information.
- Scanner
  A software product that collects and analyzes information about an application to identify its issues and vulnerabilities. The SolidPoint scanner is based on Fuchsia technology and works with web applications and APIs.
- Scanning
  The procedure of checking applications for potential issues and vulnerabilities. Scanning consists of two phases: discovery and fuzzing.
- Serialization
  A process of transforming data into a format that is more convenient for storage and transmission, used in data exchange between applications and services. For example, strings can be converted into bytes.
- Server-Side Template Injection (SSTI)
  A type of attack in which an attacker injects fragments of template code into a web application through vulnerable input fields of a website. Once the server evaluates the injected code as part of its own template, the attacker can take control of operations on the server.
- Severity
  An estimate of the danger level of a detected vulnerability, used to prioritize deficiencies in a system. There are five severity levels: critical, high, medium, low, and info. When the assessment criteria do not allow severity to be determined, it is shown as unknown.
- Shell Injection
  A type of attack in which an attacker gains access to the server running a web application and executes operating system commands. This attack becomes possible due to insufficient input validation, which allows untrusted user data to be passed to the system shell.
- SQL Injection (SQLi)
  A type of attack that involves inserting malicious code into a system, where it is then processed as part of an SQL query. The code can be embedded in a form on a website or in a URL. If it is executed, it can give the attacker control over individual records, the entire database, or even the whole server.
- Stored Cross-Site Scripting (Stored XSS)
  A type of attack based on cross-site scripting. A malicious script is inserted into a website through an input form, such as a field for entering a name or adding a comment. This can lead to the spread of malware or a data leak affecting future visitors of the affected website.
- Super Administrator
  A role that defines user permissions in the system. The super administrator has complete access to all available features. This role can only belong to users from the default organization (e.g., the default user). The default user is always a super administrator.
- Target
  A scanned application with a known URL and predefined settings.
- Token
  A unique string of characters that serves as a secure digital key to verify transactions, gain access to resources, and authorize actions in various applications and services. Tokens typically have a limited lifespan.
- Unknown (User)
  A role that defines user permissions in the system. An unknown user is someone who has not been activated and therefore cannot perform any actions in the system, including reading.
- User
  A role that defines user permissions in the system. The user has access to basic functionality, such as creating scans and targets.
  A person who interacts with a system, such as a website or app. In some cases, the user may be a legal entity or an organization.
- Web Crawling
  An automated process of traversing and analyzing the content of web application resources. Web crawling can be static, in which case interaction with the web application is limited to following links, or dynamic, where the crawler interacts with the application's interface.