Supported attack surfaces | Fluid Attacks Help

Supported attack surfaces

Supported

Currently, these are the attack surfaces supported by Fluid Attacks' DAST and PTaaS:
  1. DNS records
  2. GraphQL API
  3. gRPC API
  4. Headers
  5. HTML content
  6. REST API
  7. SSL connections for encryption suites, protocols, and X509 certificates.
  8. Unauthenticated HTTP endpoints
  9. Webhooks
  10. WebSockets

Unsupported

Fluid Attacks' PTaaS and DAST does not support the following attack surfaces:
  1. Authenticated HTTP endpoints
  2. DOM APIs
  3. OpenAPIs
  4. Postman APIs
  5. SOAP APIs
  6. Swagger APIs
Free trial
Search for vulnerabilities in your apps for free with Fluid Attacks' automated security testing! Start your 21-day free trial and discover the benefits of the Continuous Hacking Essential plan. If you prefer the Advanced plan, which includes the expertise of Fluid Attacks' hacking team, fill out this contact form.