Manual
Tests
Cohesion comes with a number of security tests. All tests are selected by default. You can, however, select specific tests from the list bellow. For more information on how to select tests, consult with the common options manual.
$ cohesion show tests
| Name | Description |
|---|---|
| reflectedcli | Test for reflected command line injection vulnerabilities. |
| reflectedcrlfi | Test for CR/LF injection vulnerabilities. |
| reflectedeli | Test for reflected expression injection vulnerabilities. |
| reflectedlfi | Test for local file include vulnerabilities. |
| phplfi | Test for local file include vulnerabilities (php varient). |
| reflectedrfi | Test for remote file include vulnerabilities. |
| reflectedrci | Test for remote code injection vulnerabilities. |
| reflectedrciphp | Test for remote code injection vulnerabilities. |
| reflectedredir | Test for reflected open redirect vulnerabilities. |
| vanilasqli | Test for vanila (error-based) SQL Injection vulnerabilities. |
| reflectedsqli | Test for reflected SQL Injection vulnerabilities. |
| timedsqli | Test for time-based SQL Injection vulnerabilities. |
| booleansqli | Test for boolean SQL Injection vulnerabilities. |
| reflectedxss | Test for reflected Cross-site Scripting vulnerabilities. |
| domxss | Test for dom-based Cross-site Scripting vulnerabilities. |
| persistentxss | Test for persistent Cross-site Scripting vulnerabilities. |
| reflectedxxe | Test for reflected XML Entity Injection vulnerabilities. |