List of Security Checks
The Cohesion command-line toolkit now comes with several built-in commands to help you understand the list of supported vulnerability checks, severity levels and attack methods.
We are very excited to announce the first official release of Cohesion - a devsecops web security penetration testing tool specifically designed to be used as part of Continuous Integration pipelines and more.
Cohesion comes with a built-in scanner, fuzzer, and a proxy. The scanner is a standalone security testing solution which will spider the target and execute tests against all parameterized forms and links. The fuzzer is most suitable or testing individual requests, therefore, it fits perfectly in the production pipeline of web services. Finally, the proxy can be used to dynamically scan any request in transit therefore it can be easily combined with existing unit and integration tests.
Just follow the online documentation to learn more about Cohesion.