- Account take over – Brute Force, Credential Stuffing, password spraying
- Floods – Application DoS, DDoS, Slow attacks
- Vul hunting – XSS, SQLi, Dir traversal, LFI, RFI
WAF testing plans
Web Application – Common Attack Vectors
Base
Brute Forcefrom 500$
- Base scan
- Scheduled scan
- Repot
App DDoS
$500per Policy
- Base scan
Vulnerability hunting
$500per Policy
- Base Policy
Brute Force
$500per Policy
- Base scan
App DDoS
$500per Policy
- Base scan
Vulnerability hunting
$500per Policy
- Base Policy
| Scan only | Scan & Report | Scan Report & consulting | |
| BF | 500 | 1500 | 2500 |
| DDoS | 500 | 1500 | 2500 |
| Vulnerability hunting | 1000 | 4000 | 8000 |
Base scanning plans
| Brute Force | App DDoS | Vulnerability hunting | |
| Scan | 500 | 1500 | 2500 |
| Scan and report | |||
| scan report and conuslting |
Scanning plans: Base
| Brute Force | App DDoS | Vulnerability hunting | |
| Scan | 500 | 1500 | 2500 |
| Scan and report | |||
| scan report and conuslting |
| Brute Force |
| 1500 |
| App DDoS |
| 1500 |
| Brute Force |
| 1500 |
Scanning plans: Base
| Brute Force | App DDoS | Vulnerability hunting | |
| Scan | 500 | 1500 | 2500 |
| Scan and report | |||
| scan report and conuslting |
- All Types: WAF, Bot Manager, RASP
- All Vendors: Commercial, Open Source, inhouse WAF
- All Locations: On premises, Clouds, SaaS WAF