Supported attack surfaces
Supported
Currently, these are the attack surfaces supported by Fluid Attacks'
DAST and
PTaaS:
- DNS records
- GraphQL API
- gRPC API
- Headers
- HTML content
- REST API
- SSL connections for encryption suites, protocols, and X509 certificates.
- Unauthenticated HTTP endpoints
- Webhooks
- WebSockets
Unsupported
Fluid Attacks' PTaaS and DAST does not support the following attack surfaces:
- Authenticated HTTP endpoints
- DOM APIs
- OpenAPIs
- Postman APIs
- SOAP APIs
- Swagger APIs