网测科技

The Supernova tester can perform vulnerability scanning, replay of attack packets, web attack range, and fuzz testing. In the feature library (1.1.001662. sig), there are 128290 vulnerabilities in the vulnerability scanning library, 10916 attack packets in the attack traffic library, 16340 attack scripts in the web attack range library, and 68 protocols in the fuzz testing library.

Attack traffic library（10916）

Classify by category
Type	Quantity
products attack 19	100
CGI vulnerability	8
DNS DoS vulnerability attack	179
FTP application layer attack	275
HTTPS application layer attack	272
HTTP application layer attack	3584
IMAP application layer attack	265
IP fragmentation attack	10
LDAP attack	31
MixAttacks	263
MySQL application layer attack	140
NETBIOS attack	154
Oracle security vulnerability	123
POP3 application layer attack	240
Portmap application layer attack	697
Shellcode	105
SMB application layer attack	73
SMTP application layer attack	927
SQL injection vulnerability	64
SSH security vulnerability	13
TELNET application layer attack	32
Unknown vulnerability of UDP type	120
Web browser vulnerability	68
XSS cross-site script attack	36
Brute force weak password attack	20
Operation system vulnerability	495
Backdoor program	27
Buffer overflow vulnerability	1022
Botnet programs	100
DoS vulnerability	144
Ransomware	102
Sensitive information disclosure	15
Trojan program	102
Directory traversal vulnerability	44
Memory damage vulnerability	47
Other security vulnerability	30
Bypass identification vulnerability	38
Arbitrary code execution vulnerability	250
Arbitrary command execution vulnerability	64
Arbitrary file creation vulnerability	3
Arbitrary file overwrite vulnerability	3
Arbitrary file download vulnerability	10
Worm attack	420
Scan attack detection	40
Escape attack	58
Elevation of privilege vulnerability	17
Network behavior attack	30
Unauthorized access vulnerability	13
File inclusion vulnerability	20
File upload vulnerability	20
Spurious attack	3

Vulnerability scan library（128290）

Classify by severity
Severity	Quantity
HIGH	52415
MEDIUM	65356
LOW	10918
Classify by CVE year
Year	Quantity
1999	155
2000	90
2001	257
2002	376
2003	418
2004	1261
2005	1472
2006	1434
2007	2293
2008	3359
2009	4601
2010	3695
2011	4620
2012	5042
2013	6302
2014	6959
2015	6814
2016	8400
2017	9230
2018	9790
2019	9166
2020	9252
2021	10053
2022	10889
2023	9636
2024	6152
Classify by category
Type	Quantity
AIX Local Security Checks	1
Amazon Linux Local Security Checks	748
Brute force attacks	9
Buffer overflow	649
CISCO	651
CentOS Local Security Checks	3255
Citrix Xenserver Local Security Checks	30
Compliance	15
Credentials	4
Databases	1139
Debian Local Security Checks	10011
Default Accounts	302
Denial of Service	2253
F5 Local Security Checks	125
FTP	174
Fedora Local Security Checks	26270
FortiOS Local Security Checks	36
FreeBSD Local Security Checks	2009
Gain a shell remotely	109
General	7980
Gentoo Local Security Checks	2191
HP-UX Local Security Checks	15
Huawei	146
Huawei EulerOS Local Security Checks	12503
IT-Grundschutz	195
IT-Grundschutz-15	85
IT-Grundschutz-deprecated	363
JunOS Local Security Checks	136
Mac OS X Local Security Checks	410
Mageia Linux Local Security Checks	5431
Malware	58
Mandrake Local Security Checks	807
Nmap NSE	154
Nmap NSE net	177
Oracle Linux Local Security Checks	1895
Palo Alto PAN-OS Local Security Checks	40
Peer-To-Peer File Sharing	9
Policy	740
Port scanners	9
Privilege escalation	275
Product detection	2984
RPC	4
Red Hat Local Security Checks	1853
Remote file access	56
SMTP problems	54
SNMP	12
SSL and TLS	86
Service detection	249
Settings	11
Slackware Local Security Checks	1612
Solaris Local Security Checks	1
SuSE Local Security Checks	17550
Ubuntu Local Security Checks	8760
Useless services	16
VMware Local Security Checks	60
Web Servers	983
Web application abuses	9273
Windows	280
Windows : Microsoft Bulletins	3436

Fuzzing library（68）

Classify by protocol type
Protocol type	Quantity
ARP	1
BACnet_APDU	1
BGP	1
BGP4+	1
Bitcoin	1
BJNP	1
CM_RC	1
CM_RC_SEND_WRITE_READ	1
CM_UD	1
COAP	1
COTP	1
DCCP	1
DHCPv4	1
DHCPv6	1
DNS	1
DNS_over_TCP	1
FTP	1
GTP	1
HTTP	1
HTTP_graohql	1
HTTP_grpc	1
HTTP_rest	1
HTTP_soap	1
HTTPS	1
ICMPv4	1
ICMPv6	1
IEC61850_CMS	1
IEC61850_GOOSE	1
IEC61850_MMS	1
IMAP	1
IPV4	1
IPV6	1
ISISv4	1
ISISv6	1
LDAP	1
LLC	1
LLDP	1
MDNS	1
MODBUS	1
MQTT	1
NETCONF	1
NTP	1
Omron-Fins	1
OPCUA	1
OpenFlow	1
OSPF	1
Ospfv3	1
POP3	1
RIPv1	1
RTP	1
Rtspv2	1
S7	1
S7COMM_2L	1
SMB	1
SMTP	1
SNMP	1
SSDP	1
SSH	1
SSHv1	1
Syslog	1
TCP	1
TCP	1
TCPv6	1
TFTP	1
UDP	1
UDP	1
VNC	1
Websocket	1

Web attack range library（16340）

Classify by category
Type	Quantity
File Upload	3784
Interesting File / Seen in logs	1868
Misconfiguration / Default File	673
Information Disclosure	859
Injection (XSS/Script/HTML)	1149
Remote File Retrieval - Inside Web Root	740
Denial of Service	83
Remote File Retrieval - Server Wide	322
Command Execution / Remote Shell	408
SQL Injection	3964
Software Identification	511
Remote source inclusion	2354
Administrative Console	242
XML Injection	114
Authentication Bypass	168
WebService	79
Classify by HTTP request mode
Request mode	Quantity
GET	10368
POST	5968
Classify by scenario type
Type	Quantity
Web attack	6955
bWAPP range attack	2244
DVWA range attack	927
Mutillidae II range attack	1139
SqliLabs Range Attack List	34
Pikachu Shooting Range Attack List	150
Web Vulnerability Attack	4891

Supernova L2-7 full stack network tester