LICENSE
README.md
pyproject.toml
src/websec_validator/__init__.py
src/websec_validator/briefing.py
src/websec_validator/calibration.json
src/websec_validator/calibration.py
src/websec_validator/cli.py
src/websec_validator/constitution.py
src/websec_validator/corpus.json
src/websec_validator/dynamic.py
src/websec_validator/findings.py
src/websec_validator/probes.py
src/websec_validator/proof.py
src/websec_validator/recon.py
src/websec_validator/report.py
src/websec_validator/scanners.py
src/websec_validator.egg-info/PKG-INFO
src/websec_validator.egg-info/SOURCES.txt
src/websec_validator.egg-info/dependency_links.txt
src/websec_validator.egg-info/entry_points.txt
src/websec_validator.egg-info/top_level.txt
src/websec_validator/extractors/__init__.py
src/websec_validator/extractors/auth.py
src/websec_validator/extractors/authz.py
src/websec_validator/extractors/base.py
src/websec_validator/extractors/client_exposure.py
src/websec_validator/extractors/client_integrity.py
src/websec_validator/extractors/graphql.py
src/websec_validator/extractors/iac_ci.py
src/websec_validator/extractors/integrations.py
src/websec_validator/extractors/pii_exposure.py
src/websec_validator/extractors/policy_consistency.py
src/websec_validator/extractors/routes.py
src/websec_validator/extractors/schemas.py
src/websec_validator/extractors/stack.py
src/websec_validator/extractors/surface.py
src/websec_validator/extractors/tenant.py
src/websec_validator/extractors/transport_security.py
src/websec_validator/extractors/upload_security.py
src/websec_validator/rules/error-stack-disclosure.yml
src/websec_validator/rules/insecure-default-secret.yml
src/websec_validator/templates/probes/_lib.py
src/websec_validator/templates/probes/appsync-cswsh.sh
src/websec_validator/templates/probes/appsync-introspection.sh
src/websec_validator/templates/probes/appsync-subscription-bola.sh
src/websec_validator/templates/probes/bola-cross-tenant.sh
src/websec_validator/templates/probes/bola-write-verbs.py
src/websec_validator/templates/probes/client-integrity-checklist.sh
src/websec_validator/templates/probes/compare-roles.sh
src/websec_validator/templates/probes/dlp-bypass-offline.py
src/websec_validator/templates/probes/error-disclosure-probe.sh
src/websec_validator/templates/probes/forged-token.sh
src/websec_validator/templates/probes/hs256-brute-force.py
src/websec_validator/templates/probes/jwt-attacks.sh
src/websec_validator/templates/probes/mass-assignment.py
src/websec_validator/templates/probes/password-reuse.sh
src/websec_validator/templates/probes/pii-output-diff.sh
src/websec_validator/templates/probes/race-conditions.py
src/websec_validator/templates/probes/rate-limit-burst.sh
src/websec_validator/templates/probes/s3-assess.sh
src/websec_validator/templates/probes/ssrf-probes.sh
src/websec_validator/templates/probes/unauth-baseline.sh
src/websec_validator/templates/probes/upload-matrix.sh
src/websec_validator/templates/probes/webhook-forgery.py
src/websec_validator/templates/reports/FINDINGS-SUMMARY.md.template
src/websec_validator/templates/reports/access-control-matrix.md.template
src/websec_validator/templates/reports/findings-triage.md.template
src/websec_validator/templates/reports/pentest-handover-brief.md.template
src/websec_validator/templates/reports/per-tool-FINDINGS.md.template
tests/test_hardening.py
tests/test_pentest_regressions.py
tests/test_recon.py