Whitehat WASC Signature Types for WAF Use

Aug 31, 2016

The Citrix NetScaler Application Firewall accepts and generates blocking rules for all vulnerability types that the Whitehat scanners report. However, certain vulnerability types are particularly suited to mitigation by a web application firewall. The lists below name those vulnerability types, grouped by whether they are addressed by WASC 1.0, WASC 2.0, or best practices signature types.

WASC 1.0 Signature Types

  • HTTP Request Smuggling
  • HTTP Response Splitting
  • HTTP Response Smuggling
  • Null Byte Injection
  • Remote File Inclusion
  • URL Redirector Abuse

WASC 2.0 Signature Types

  • Abuse of Functionality
  • Brute Force
  • Content Spoofing
  • Denial of Service
  • Directory Indexing
  • Information Leakage
  • Insufficient Anti-automation
  • Insufficient Authentication
  • Insufficient Authorization
  • Insufficient Session Expiration
  • LDAP Injection
  • Session Fixation

Best Practices

  • Autocomplete Attribute
  • Insufficient Cookie Access Control
  • Insufficient Password Strength
  • Invalid HTTP Method Usage
  • Non-HttpOnly Session Cookie
  • Persistent Session Cookie
  • Personally Identifiable Information
  • Secured Cacheable HTTP Messages
  • Unsecured Session Cookie