Browse every security term
Full definitions for SSRF, XSS, JWT bypass, OAuth 2.0, mTLS, and the rest of the vocabulary used on this page.
Pentrova organises the web, API, and infrastructure flaws we detect into five taxonomic classes: Injection, Access Control, Cryptography, Infrastructure, and Application Security. The classes are deliberately broader than CWE so one class can map cleanly to the coverage that hunts it, and narrower than OWASP Top 10 so each entry points at a concrete detection and exploitation technique.
Every entry below describes the class, the signal our agents look for, and the shape of the deterministic proof the platform ships when a finding is confirmed. Specific catalog sizes and coverage inventories are available to evaluators under NDA via the product console and Trust Center.
The database is curated, not exhaustive. A full CWE cross-walk lives inside the product where it can stay accurate as the catalog changes. The entries here are the ones we expect a security engineer to recognise at a glance while evaluating Pentrova on a first read.
Every detection ends at the same artifact: a replayable PoC bundle that an engineer, an auditor, or an incident responder can verify without calling us. That discipline is what makes the taxonomy useful — each class is a bet on producing deterministic evidence, not probabilistic severity.
Injection
Unsafe composition of attacker-controlled input into commands, queries, templates, or markup.
- Parameter concatenation into SQL statements enables data extraction, authentication bypass, and file reads.
- Reflected, stored, or DOM-based injection that reaches a scripting sink in the victim origin.
- User input evaluated by a server-side template engine; frequent path to remote code execution.
- XML parsers dereferencing external entities, enabling file reads, SSRF, or denial of service.
Access Control
Missing or inconsistent authorisation checks that let one principal act on another principal’s resources.
- Object identifiers accepted from the client without a server-side ownership check.
- The API-native sibling of IDOR; top item in the OWASP API Security Top 10.
- Weak JWT validation — `alg=none`, HS256/RS256 key confusion, unverified `kid` headers.
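An added example for this class (written for this page; not Pentrova's code and not any particular library's API): a strict HS256 verifier that pins the algorithm server-side, resolves `kid` only against a server-held key table, and then applies the object-level ownership check that IDOR and its API sibling lack. The key table, document store and `mint_hs256` helper are constructed for the demo; the helper's `alg_header` and `sign` switches exist only so the checks can be exercised against malformed tokens.

```python
import base64
import hashlib
import hmac
import json
import time


class TokenError(Exception):
    """Raised for any token the server refuses; the message names the failed check."""


def _b64url_encode(raw: bytes) -> str:
    return base64.urlsafe_b64encode(raw).rstrip(b"=").decode("ascii")


def _b64url_decode(text: str) -> bytes:
    return base64.urlsafe_b64decode(text + "=" * (-len(text) % 4))


def mint_hs256(claims: dict, key: bytes, kid: str, alg_header: str = "HS256", sign: bool = True) -> str:
    """Constructed token builder; alg_header/sign let the tests build deliberately bad tokens."""
    header = {"alg": alg_header, "typ": "JWT", "kid": kid}
    h = _b64url_encode(json.dumps(header, separators=(",", ":")).encode())
    p = _b64url_encode(json.dumps(claims, separators=(",", ":")).encode())
    sig = hmac.new(key, f"{h}.{p}".encode(), hashlib.sha256).digest() if sign else b""
    return f"{h}.{p}.{_b64url_encode(sig)}"


def verify_hs256(token: str, keys: dict, now=None) -> dict:
    """Pinned algorithm, kid looked up in a server-side table, constant-time signature
    comparison, mandatory exp. The header never chooses the algorithm or the key."""
    parts = token.split(".")
    if len(parts) != 3:
        raise TokenError("malformed token")
    h_b64, p_b64, s_b64 = parts
    try:
        header = json.loads(_b64url_decode(h_b64))
        signature = _b64url_decode(s_b64)
    except ValueError:
        raise TokenError("malformed token")
    if not isinstance(header, dict):
        raise TokenError("malformed token")
    # Rejecting every alg but the one this server issues is what closes alg=none and
    # HS256/RS256 confusion: an RS256 header is refused, never verified with a public key as HMAC secret.
    if header.get("alg") != "HS256":
        raise TokenError(f"unexpected alg {header.get('alg')!r}")
    key = keys.get(header.get("kid"))  # unknown kid is an error, never a path or query
    if key is None:
        raise TokenError("unknown kid")
    expected = hmac.new(key, f"{h_b64}.{p_b64}".encode(), hashlib.sha256).digest()
    if not hmac.compare_digest(expected, signature):
        raise TokenError("bad signature")
    try:
        claims = json.loads(_b64url_decode(p_b64))
    except ValueError:
        raise TokenError("malformed claims")
    now = time.time() if now is None else now
    if not isinstance(claims.get("exp"), (int, float)) or claims["exp"] <= now:
        raise TokenError("expired or missing exp")
    return claims


# Constructed object store for the ownership check: id -> (owner subject, body)
DOCUMENTS = {
    "doc-1": ("alice", "alice's notes"),
    "doc-2": ("bob", "bob's notes"),
}


def get_document(token: str, doc_id: str, keys: dict, now=None) -> str:
    """Object-level authorisation: the client-supplied id is honoured only if the
    authenticated subject owns it. Missing and foreign objects fail identically."""
    claims = verify_hs256(token, keys, now)
    record = DOCUMENTS.get(doc_id)
    if record is None or record[0] != claims.get("sub"):
        raise TokenError("forbidden")
    return record[1]


def verify_outcome(token: str, keys: dict, now=None) -> str:
    """'ok' or the name of the check that rejected the token, for tests and log lines."""
    try:
        verify_hs256(token, keys, now)
        return "ok"
    except TokenError as err:
        return str(err)


def document_outcome(token: str, doc_id: str, keys: dict, now=None) -> str:
    try:
        return get_document(token, doc_id, keys, now)
    except TokenError as err:
        return str(err)
```

The detection signal for this entry is the mirror image of `verify_hs256`: a service that accepts any of the tokens the checks below reject is the finding, and the rejected token is the replayable proof.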
Cryptography
Cryptographic primitives used incorrectly: weak algorithms, predictable randomness, or misconfigured TLS.
- Server-side acceptance of expired, self-signed, or CN-mismatched client certificates.
- Reflected `Access-Control-Allow-Origin` combined with `Access-Control-Allow-Credentials: true`; adjacent to the CSRF class.
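An added example for the reflected-origin entry (written for this page, not Pentrova's code): the reflecting policy beside an exact-match allow-list, plus a small model of the browser's credentialed-read rule so the two can be audited with the same probe set. The allow-list and probe origins are constructed for the demo.

```python
# Constructed allow-list of exact origins (scheme, host and port all count).
ALLOWED_ORIGINS = {"https://app.example.com", "https://admin.example.com"}


def cors_headers_reflecting(origin):
    """The misconfiguration in the catalog entry: echo whatever Origin arrived and
    allow credentials with it. Every site on the web is then a trusted caller."""
    if origin is None:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
    }


def cors_headers_hardened(origin):
    """Exact-match allow-list. Anything else, including the literal 'null' origin that
    sandboxed frames and file:// pages send, gets no CORS headers at all, so the browser
    withholds the response body from the calling script."""
    if origin is None or origin not in ALLOWED_ORIGINS:
        return {}
    return {
        "Access-Control-Allow-Origin": origin,
        "Access-Control-Allow-Credentials": "true",
        # Shared caches must key on Origin, or one caller's grant is served to the next.
        "Vary": "Origin",
    }


def browser_permits_credentialed_read(headers, origin):
    """Model of the browser-side check for a credentialed fetch: the response is readable
    only if ACAO equals the caller's origin exactly ('*' is not honoured with credentials)
    and ACAC is the literal 'true'."""
    return (
        headers.get("Access-Control-Allow-Origin") == origin
        and headers.get("Access-Control-Allow-Credentials") == "true"
    )


def audit(policy, probe_origins):
    """Returns the probe origins the policy would let read credentialed responses.
    For a correct policy this is exactly the intersection with the allow-list."""
    return sorted(o for o in probe_origins if browser_permits_credentialed_read(policy(o), o))


# Constructed probe set: one allow-listed origin, a suffix look-alike, an unrelated site, and 'null'.
PROBES = ["https://app.example.com", "https://app.example.com.evil.test", "https://evil.test", "null"]
```

Matching is on the whole origin string, never on a prefix, suffix or substring; the look-alike probe is in the set precisely because suffix matches of the form `endswith("example.com")` are the common way an allow-list degrades back into reflection.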
Infrastructure
Server-side requests, file reads, and remote code execution exposed through infrastructure primitives.
- Application fetches URLs supplied by the attacker; pivots into internal services and cloud metadata.
- Arbitrary command or code execution on the target — canonical example is the Log4Shell chain.
- JNDI-triggering log strings reach a vulnerable Log4j 2.x version and load attacker-controlled classes.
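An added example for the URL-fetch entry (written for this page, not Pentrova's code): an outbound-URL policy that allows only `http`/`https`, resolves the hostname, rejects any address in private, loopback, link-local (where the cloud metadata endpoint lives) or IPv4-mapped IPv6 space, and returns a pinned address for the caller to connect to. `constructed_resolver` and its hostnames are made up so the checks run without DNS; `system_resolver` is the one a real fetcher would pass.

```python
import ipaddress
import socket
from urllib.parse import urlsplit

ALLOWED_SCHEMES = {"http", "https"}

# Address ranges a server-side fetcher must never reach, whichever hostname led there.
# 169.254.0.0/16 is link-local and contains the cloud metadata endpoint; ::ffff:0:0/96
# catches an IPv4 address smuggled inside an IPv6 literal.
BLOCKED_NETWORKS = [ipaddress.ip_network(n) for n in (
    "0.0.0.0/8", "10.0.0.0/8", "100.64.0.0/10", "127.0.0.0/8", "169.254.0.0/16",
    "172.16.0.0/12", "192.168.0.0/16", "::1/128", "fc00::/7", "fe80::/10", "::ffff:0:0/96",
)]


def system_resolver(host):
    """Every address the name maps to; the policy is applied to all of them, not just the first."""
    return {info[4][0] for info in socket.getaddrinfo(host, None)}


def constructed_resolver(host):
    """Offline stand-in for system_resolver with made-up names, so the checks run without DNS."""
    table = {
        "api.partner.test": {"203.0.113.10"},
        "metadata.internal.test": {"169.254.169.254"},
        "dual.test": {"203.0.113.11", "10.0.0.5"},
    }
    if host in table:
        return table[host]
    try:
        return {str(ipaddress.ip_address(host))}  # bare IP literals resolve to themselves
    except ValueError:
        raise OSError(f"constructed resolver has no entry for {host!r}")


def validate_outbound_url(url, resolver=system_resolver):
    """Returns (allowed, reason, pinned_address). On success the caller connects to
    pinned_address and sends the original name in the Host header, so a second DNS
    lookup by the HTTP client cannot be answered differently (DNS rebinding)."""
    parts = urlsplit(url)
    if parts.scheme not in ALLOWED_SCHEMES:
        return False, "scheme not allowed", None
    if not parts.hostname:
        return False, "missing host", None
    if parts.username is not None or parts.password is not None:
        return False, "credentials in url", None
    try:
        addresses = resolver(parts.hostname)
    except OSError:
        return False, "unresolvable host", None
    for addr in addresses:
        ip = ipaddress.ip_address(addr)
        if ip.is_multicast or any(ip in net for net in BLOCKED_NETWORKS):
            return False, f"resolves to blocked address {addr}", None
    return True, "ok", min(addresses)
```

The policy is applied to resolved addresses rather than to the hostname string on purpose: the system resolver, not this code, is what normalises shorthand literals (decimal, octal, missing octets), and a name with several A records is only as safe as its least safe record. Redirects must be re-validated with the same function on every hop.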
Application Security
Business-logic and application-layer flaws that are specific to how the service composes its own features.
- Correctness depends on the relative timing of concurrent requests — classic time-of-check-to-time-of-use.
- A malicious origin induces a browser to send an authenticated state-changing request to a target site.
- Misconfigured redirect URIs, missing PKCE, and state-parameter drift in delegated authorisation flows.
- Workflows enforced in the UI but not on the server — step skipping, coupon reuse, negative-quantity purchases.
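An added example that covers both the timing entry and the coupon-reuse case in the last entry (written for this page, not Pentrova's code): a coupon with one use left is redeemed by five simultaneous requests, first with a check-then-update sequence and then with a single conditional update. A barrier stands in for scheduler jitter so the race reproduces on every run. The coupon table and code are constructed for the demo.

```python
import os
import sqlite3
import tempfile
import threading

COUPON = "WELCOME10"  # constructed coupon code


def make_store(remaining: int) -> str:
    """Constructed coupon table in a temporary SQLite file (each thread opens its own connection)."""
    fd, path = tempfile.mkstemp(suffix=".db")
    os.close(fd)
    conn = sqlite3.connect(path)
    with conn:
        conn.execute("CREATE TABLE coupons (code TEXT PRIMARY KEY, remaining INTEGER NOT NULL)")
        conn.execute("INSERT INTO coupons VALUES (?, ?)", (COUPON, remaining))
    conn.close()
    return path


def redeem_vulnerable(path: str, gate) -> bool:
    """Time-of-check to time-of-use: the SELECT decides, the UPDATE acts, and nothing stops
    other requests from passing the same check in between."""
    conn = sqlite3.connect(path, timeout=10)
    row = conn.execute("SELECT remaining FROM coupons WHERE code = ?", (COUPON,)).fetchone()
    accepted = row is not None and row[0] > 0
    gate()  # stands in for scheduler jitter; here it holds every request until all have checked
    if accepted:
        with conn:
            conn.execute("UPDATE coupons SET remaining = remaining - 1 WHERE code = ?", (COUPON,))
    conn.close()
    return accepted


def redeem_hardened(path: str, gate) -> bool:
    """Check and act in one conditional statement. The database serialises writers, so
    exactly one UPDATE observes remaining > 0 for the last use; rowcount reports the winner."""
    conn = sqlite3.connect(path, timeout=10)
    gate()
    with conn:
        cur = conn.execute(
            "UPDATE coupons SET remaining = remaining - 1 WHERE code = ? AND remaining > 0",
            (COUPON,),
        )
        accepted = cur.rowcount == 1
    conn.close()
    return accepted


def run_concurrent(redeem, workers: int = 5, remaining: int = 1) -> dict:
    """Fires `workers` simultaneous redemptions of a coupon with `remaining` uses left and
    reports how many were accepted and where the counter ended up."""
    path = make_store(remaining)
    barrier = threading.Barrier(workers)
    results, lock = [], threading.Lock()

    def worker():
        accepted = redeem(path, barrier.wait)
        with lock:
            results.append(accepted)

    threads = [threading.Thread(target=worker) for _ in range(workers)]
    for t in threads:
        t.start()
    for t in threads:
        t.join()
    conn = sqlite3.connect(path)
    left = conn.execute("SELECT remaining FROM coupons WHERE code = ?", (COUPON,)).fetchone()[0]
    conn.close()
    os.remove(path)
    return {"accepted": sum(results), "remaining": left}
```

The same pattern applies to every server-side workflow rule the UI only pretends to enforce: the quantity, balance or step check has to be part of the statement or transaction that consumes the resource, not a separate read that the request may race past. A negative counter in the store is the deterministic artifact for this entry.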
Every class above is backed by dedicated coverage. Book a demo and we will walk the catalog end-to-end against a target of your choice.