Issues discovered by Mayhem for API are categorized by Rule. Each Rule corresponds to one or more checkers that are executed as part of a fuzzing run.
The following is a list of supported Rules. Click a link below to view the details of a specific rule.
- Authentication Bypass (
- Command Injection (
- Internal Server Error (
- Invalid Response Spec (
- NoSQL Injection (
- Path Traversal (
- Reported by a custom error-classifying plugin. (
- SQL Injection (
- Server Crash (
- Server Side Request Forgery (SSRF) (