Qodex.ai
Qodex.ai
Introduction
AWS IAM & Organization Audit
Get account aliaseGet Account SummaryPassword Policy CheckGenerate IAM Credential ReportAnalyse IAM Credential ReportList UsersList groupsList RolesList PoliciesGenerate Service Last Accessed DetailsGet Service Last Accessed DetailsPost to Slack
Aggregating Sub-domain Certificate Information
Get Subdomain Certificates
Get Certificates for Subdomains
Reporting
Visualize as TablePush to Slack
Check for Common API Vulnerabilities
CORS Misconfiguration
Trusted Unauthorised Subdomain Test
Security Headers
Check for Security Headers
Authentication
Check response with other users access token
Directory Traversal
Check vulnerability for sequences stripped with superfluous URL-decode
SQL Injection
SQL injection Test 1SQL injection Test 2
CSP Evaluator
Evaluate CSP
Domain Expiry Monitor
Fetch hosted zonesfetch paginated hosted zonescheck domain validityPost to slack - Success
Emails Exposed in Data Breach
Get employeesCheck employee emailSuccess
Environment Scanner
Scan leaked keyAccess the contents of workspaces accessible to youAccess contents of a specific environment
Find Fake Chrome Apps Using Postman
Chrome web-store XHRequest
Get Web Store ExtensionsAlert on Slack
Open Redirect Checks
Get URLsCheck URL
Retrieve secret from AWS Secrets Manager
GetSecretValueGet Variable
Slack Secret Scanner
Get ChannelsScan MessagesJoin ChannelSend Report
TLS Version Monitor
Fetch Hosted ZonesFetch Paginated Hosted ZonesFetch Resource RecordsFetch Paginated Resource RecordsCheck TLS VersionPush to Slack
The Good Bank APIs
Health
Ping
Bank User-Authentication
Update User InformationGet User InformationUser Change PasswordUser Logout
Bank User
Create UserUser Login
Bank Account
Account summaryAccount transactions
Bank Admin
Our customersCredit amountDebit amount
Working with AWS Secrets Manager Vault
List MFA CredentialsGet STS Token
Working with HashiCorp Vault
Configure Environment
Introduction
AWS IAM & Organization Audit
Get account aliaseGet Account SummaryPassword Policy CheckGenerate IAM Credential ReportAnalyse IAM Credential ReportList UsersList groupsList RolesList PoliciesGenerate Service Last Accessed DetailsGet Service Last Accessed DetailsPost to Slack
Aggregating Sub-domain Certificate Information
Get Subdomain Certificates
Get Certificates for Subdomains
Reporting
Visualize as TablePush to Slack
Check for Common API Vulnerabilities
CORS Misconfiguration
Trusted Unauthorised Subdomain Test
Security Headers
Check for Security Headers
Authentication
Check response with other users access token
Directory Traversal
Check vulnerability for sequences stripped with superfluous URL-decode
SQL Injection
SQL injection Test 1SQL injection Test 2
CSP Evaluator
Evaluate CSP
Domain Expiry Monitor
Fetch hosted zonesfetch paginated hosted zonescheck domain validityPost to slack - Success
Emails Exposed in Data Breach
Get employeesCheck employee emailSuccess
Environment Scanner
Scan leaked keyAccess the contents of workspaces accessible to youAccess contents of a specific environment
Find Fake Chrome Apps Using Postman
Chrome web-store XHRequest
Get Web Store ExtensionsAlert on Slack
Open Redirect Checks
Get URLsCheck URL
Retrieve secret from AWS Secrets Manager
GetSecretValueGet Variable
Slack Secret Scanner
Get ChannelsScan MessagesJoin ChannelSend Report
TLS Version Monitor
Fetch Hosted ZonesFetch Paginated Hosted ZonesFetch Resource RecordsFetch Paginated Resource RecordsCheck TLS VersionPush to Slack
The Good Bank APIs
Health
Ping
Bank User-Authentication
Update User InformationGet User InformationUser Change PasswordUser Logout
Bank User
Create UserUser Login
Bank Account
Account summaryAccount transactions
Bank Admin
Our customersCredit amountDebit amount
Working with AWS Secrets Manager Vault
List MFA CredentialsGet STS Token
Working with HashiCorp Vault
Configure Environment
HomeCheck for Common API VulnerabilitiesSecurity Headers

Security Headers

Number of APIs: 1

  1. Check for Security Headers GET {{base_url}}
Previous
Trusted Unauthorised Subdomain Test
Next
Check for Security Headers