What Issues Can Aikido Pentest Find?
OWASP Top 10 & Critical Risks
We cover the full OWASP Top 10, prioritizing the high-impact issues that actually cause data breaches.
BOLA / IDOR (Cross-Tenant Data Leakage)
Broken Object Level Authorization and Insecure Direct Object References. We verify that User A cannot access User B’s private data (e.g., changing an ID in an API call).
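The check described above, shown as an added example rather than Aikido's own code: a lookup handler that trusts the client-supplied id (the IDOR pattern) next to the same handler with an ownership check, plus a small regression test that mirrors the "can User A read User B's record?" probe. The invoice table, user names and handler names are constructed for illustration.

```python
"""Object-level authorization (BOLA/IDOR): vulnerable lookup vs hardened lookup.

Added example, not Aikido's code. The INVOICES table, the user ids and the
handler functions are constructed for this illustration.
"""
from dataclasses import dataclass
from typing import Callable, Optional

# Constructed sample data: each invoice belongs to exactly one tenant/user.
INVOICES = {
    1001: {"owner": "user_a", "amount": 120.00},
    1002: {"owner": "user_b", "amount": 980.50},
}


@dataclass
class Response:
    status: int
    body: Optional[dict] = None


def get_invoice_vulnerable(current_user: str, invoice_id: int) -> Response:
    """Fetches the object by the client-supplied id only.

    Authentication happened upstream, but ownership is never compared with
    the authenticated principal, so any valid id returns any tenant's data.
    """
    invoice = INVOICES.get(invoice_id)
    if invoice is None:
        return Response(404)
    return Response(200, invoice)


def get_invoice_hardened(current_user: str, invoice_id: int) -> Response:
    """Same lookup with an object-level authorization check.

    The ownership test runs before any field is returned. A record that is
    missing and a record owned by someone else both answer 404 so the
    response does not confirm that another tenant's id exists.
    """
    invoice = INVOICES.get(invoice_id)
    if invoice is None or invoice["owner"] != current_user:
        return Response(404)
    return Response(200, invoice)


def cross_tenant_leak(handler: Callable[[str, int], Response]) -> bool:
    """Regression test mirroring the pentest check: authenticate as user_a,
    request user_b's invoice by swapping the id, and report whether data
    came back. True means the handler leaks across tenants."""
    return handler("user_a", 1002).status == 200


if __name__ == "__main__":
    print("vulnerable handler leaks:", cross_tenant_leak(get_invoice_vulnerable))
    print("hardened handler leaks:  ", cross_tenant_leak(get_invoice_hardened))
```

The point of `cross_tenant_leak` is that it can run in CI against every object-returning endpoint, so a later refactor that drops the ownership comparison fails the build instead of waiting for the next pentest.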
Broken Access Control
Privilege escalation (vertical) and unauthorized access to admin functions.
Injection Flaws
Classic SQL Injection (SQLi) and Database Injection flaws.
Command Injection / Remote Code Execution (RCE)
Detecting whether untrusted input reaches system commands or other OS-level directives.
Cross-Site Scripting (XSS)
Comprehensive scanning for stored and reflected XSS.
Authentication Failures
Weak password policies, credential stuffing, cookie integrity issues, absence of rate limiting and session management failures.
Server-Side Request Forgery (SSRF)
Tricking the server into making requests to internal resources or external systems.
Advanced & Niche Attack Vectors
Beyond the basics, we probe for complex vulnerabilities that often slip through standard scanners.
LLM & Prompt Injection
Securing AI integrations against manipulation. We detect prompt injection, jailbreaking, and attempts to leak system context.
Business Logic Errors
Flaws in application workflows that allow bypasses (e.g., skipping payment steps) and complex input validation errors.
Exotic Injections
NoSQLi, LDAP Injection, XPath Injection, and Server-Side Template Injection (SSTI).
Files & Misconfigurations
Scanning for file system risks including Local File Inclusion (LFI), Unrestricted File Uploads, Directory Listing, and Error Leakage.
Insecure Deserialization
Executing malicious code by manipulating serialized objects.
Web Cache Poisoning
Manipulating caching mechanisms to serve harmful content to other users.
Client-Side Attacks
Cross-Site Scripting (XSS), CSRF, Open Redirects, and DOM-based vulnerabilities.
Cryptographic Failures
Use of broken algorithms, weak signatures (JWT), hard-coded credentials, and sensitive data exposure.
Hardening & Defensive Controls
We assess whether essential defensive controls are correctly implemented and resilient against common bypass techniques. This includes identifying missing, weak, or misconfigured protections that increase exploitability even when no single vulnerability is present.
Our hardening checks include:
GraphQL hardening gaps – missing depth, complexity, or query cost limits; introspection exposure in production.
CORS misconfigurations – overly permissive origins, credentials misuse, and unsafe wildcard configurations.
TLS & transport security issues – weak cipher suites, outdated protocol versions, improper certificate chains, and missing HSTS.
HTTP security headers – absent or misconfigured headers such as CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, and Permissions-Policy.
Rate limiting & abuse protection – missing or ineffective controls on authentication, APIs, and sensitive endpoints.
Security defaults & environment exposure – debug modes, verbose error handling, and non-hardened production settings.
These findings help reduce attack surface and prevent vulnerability chaining, turning “low-risk” issues into meaningful security improvements.
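A way to turn the CORS and HTTP-header checks in the list above into a repeatable audit, as an added example that is not Aikido's code: the function takes one response's headers plus the Origin value the probe sent, and reports missing or weak security headers, a short HSTS max-age, and the CORS misconfigurations named above (wildcard with credentials, the "null" origin, and reflection of an origin that is not on the allowlist). Both header sets, the probe origin and the finding strings are constructed for this example and do not reflect Aikido's report format.

```python
"""Response-header hardening audit: CORS and HTTP security headers.

Added example, not Aikido's code. WEAK, HARDENED, PROBE_ORIGIN and the
finding strings are constructed for illustration.
"""
import re
from typing import Dict, List

# Headers the audit expects on every HTML/API response, with the finding
# text reported when one is absent.
REQUIRED_HEADERS = {
    "strict-transport-security": "missing HSTS",
    "content-security-policy": "missing Content-Security-Policy",
    "x-frame-options": "missing X-Frame-Options",
    "x-content-type-options": "missing X-Content-Type-Options",
    "referrer-policy": "missing Referrer-Policy",
    "permissions-policy": "missing Permissions-Policy",
}
MIN_HSTS_AGE = 31536000  # one year, the commonly recommended minimum

# The probe sends an Origin that is deliberately NOT on the allowlist, so
# seeing it echoed back in Access-Control-Allow-Origin means the server
# reflects arbitrary origins instead of checking them.
PROBE_ORIGIN = "https://not-allowed.example"


def audit_response(headers: Dict[str, str], request_origin: str) -> List[str]:
    """Return hardening findings for one HTTP response (empty list = clean)."""
    h = {k.lower(): v.strip() for k, v in headers.items()}
    findings: List[str] = []

    for name, finding in REQUIRED_HEADERS.items():
        if name not in h:
            findings.append(finding)

    hsts = h.get("strict-transport-security")
    if hsts:
        m = re.search(r"max-age=(\d+)", hsts, re.IGNORECASE)
        if not m or int(m.group(1)) < MIN_HSTS_AGE:
            findings.append("weak HSTS max-age")

    if h.get("x-content-type-options", "nosniff").lower() != "nosniff":
        findings.append("X-Content-Type-Options is not 'nosniff'")

    acao = h.get("access-control-allow-origin")
    creds = h.get("access-control-allow-credentials", "").lower() == "true"
    if acao == "*" and creds:
        findings.append("CORS: wildcard origin combined with credentials")
    elif acao == "null":
        findings.append("CORS: 'null' origin allowed")
    elif acao and acao == request_origin:
        findings.append("CORS: request Origin reflected"
                        + (" with credentials" if creds else ""))
    return findings


# Constructed sample: a typical under-hardened JSON API response.
WEAK = {
    "Content-Type": "application/json",
    "Access-Control-Allow-Origin": "https://not-allowed.example",
    "Access-Control-Allow-Credentials": "true",
    "Strict-Transport-Security": "max-age=300",
    "X-Content-Type-Options": "nosniff",
}

# Constructed sample: the same response after hardening; CORS is pinned to
# the real front-end origin, so the probe origin is not reflected.
HARDENED = {
    "Strict-Transport-Security": "max-age=63072000; includeSubDomains",
    "Content-Security-Policy": "default-src 'self'",
    "X-Frame-Options": "DENY",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "strict-origin-when-cross-origin",
    "Permissions-Policy": "camera=(), microphone=()",
    "Access-Control-Allow-Origin": "https://app.example",
    "Access-Control-Allow-Credentials": "true",
}

if __name__ == "__main__":
    for label, hdrs in (("weak", WEAK), ("hardened", HARDENED)):
        print(label, "->", audit_response(hdrs, PROBE_ORIGIN) or ["no findings"])
```

Running the audit against a stored copy of each deployment's response headers is enough to catch the regression that usually produces these findings: a proxy or framework upgrade that silently drops a header, or a CORS "fix" that starts echoing the request origin.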
Compliance
Running this pentest satisfies technical controls for SOC 2 Type II, ISO 27001, and HIPAA. You receive a detailed, auditor-ready report, and you can download a concrete example of the deliverables in our sample pentest report.