{
"engine": "mysql",
"connection": {
"host": "127.0.0.1",
"port": 3306,
"user": "tester",
"password": "testerpw",
"database": "testdb"
},
"checks": ["D1_PII_DATA"]
}{
"scan_id": "b86a0aa7-544f-4fe4-88f6-531c378a0674",
"engine": "mysql",
"target": "127.0.0.1:3306/testdb",
"started_at": "2025-08-20T17:56:48Z",
"duration_ms": 1,
"summary": {
"pass": 0,
"warn": 0,
"fail": 1,
"error": 0
},
"results": [
{
"check_id": "D1_PII_DATA",
"status": "FAIL",
"message": "Found 1 column(s) containing plaintext PII",
"evidence": {
"engine": "mysql",
"database": "testdb",
"tables": [
"orders",
"users"
],
"summary": {
"columns_scanned": 3,
"pii_columns_flagged": 3,
"plaintext_pii_columns": 1
},
"findings": [
{
"schema": "testdb",
"table": "users",
"column": "full_name",
"data_type": "varchar(100)",
"signals": {
"flagged_by_name": true,
"pattern_hits": {
"name_like": 3
},
"avg_len": 10.67,
"pct_printable": 100.0,
"fixed_length_hint": false,
"base64ish_hits": 0,
"binary_type": false,
"entropy_bits_per_char": 4.23
},
"risk_score": 4,
"classification": "TOKENIZED_OR_ENCRYPTED_LIKE"
},
{
"schema": "testdb",
"table": "users",
"column": "email",
"data_type": "varchar(150)",
"signals": {
"flagged_by_name": true,
"pattern_hits": {
"email": 3
},
"avg_len": 17.0,
"pct_printable": 100.0,
"fixed_length_hint": false,
"base64ish_hits": 0,
"binary_type": false,
"entropy_bits_per_char": 3.82
},
"risk_score": 5,
"classification": "PLAINTEXT_PII"
},
{
"schema": "testdb",
"table": "orders",
"column": "item",
"data_type": "varchar(100)",
"signals": {
"flagged_by_name": false,
"pattern_hits": {
"name_like": 3,
"address_like": 2
},
"avg_len": 13.5,
"pct_printable": 100.0,
"fixed_length_hint": false,
"base64ish_hits": 0,
"binary_type": false,
"entropy_bits_per_char": 4.7
},
"risk_score": 2,
"classification": "TOKENIZED_OR_ENCRYPTED_LIKE"
}
]
},
"article_refs": [
"Art32"
],
"severity": "high"
}
]
}{
"engine": "mysql",
"connection": {
"host": "127.0.0.1",
"port": 3306,
"user": "tester",
"password": "testerpw",
"database": "testdb"
},
"checks": ["V1_SUPPORTED_VERSION"]
}{
"scan_id": "6a901ded-3edd-496d-926d-0fd0b075f96e",
"engine": "mysql",
"target": "127.0.0.1:3306/testdb",
"started_at": "2025-08-20T17:58:48Z",
"duration_ms": 1,
"summary": {
"pass": 0,
"warn": 0,
"fail": 1,
"error": 0
},
"results": [
{
"check_id": "V1_SUPPORTED_VERSION",
"status": "FAIL",
"message": "EOL reached on 2024-04-30",
"evidence": {
"engine": "mysql",
"line": "8.0",
"eol_date": "2024-04-30",
"version_string": "8.0.43",
"version_comment": "MySQL Community Server - GPL"
},
"article_refs": [
"Art32"
],
"severity": "high"
}
]
}Finds Password fields from selected list of password fields names and checks if its hashed.
{
"engine": "postgresql",
"connection": {
"host": "127.0.0.1",
"port": 5433,
"user": "vulnuser",
"password": "12345",
"database": "vuln_db"
},
"checks": [
"BRUTE_PASSWORD_FIELD_SCAN"
],
{
"engine": "postgresql",
"connection": {
"host": "127.0.0.1",
"port": 5433,
"user": "vulnuser",
"password": "12345",
"database": "vuln_db"
},
"checks": [
"BRUTE_PASSWORD_FIELD_SCAN"
],
"args" : {
"BRUTE_PASSWORD_FIELD_SCAN" : {
"passwordFieldFinder" : "brute", // or "ai"
"passwordChecker" : "brute" // or "ai" not implemented though
}
}
}
}{
"check_id": "BRUTE_PASSWORD_FIELD_SCAN",
"status": "PASS",
"message": "Scanning password fields complete",
"evidence": {
"Password_Fields": [
{
"table": "users",
"password_column": "password",
"detection_result": {
"type": "unknown",
"confidence": 0.2,
"reasons": [
"No format match. Entropy≈3.28"
],
"normalized": null
}
},
{
"table": "not_hashed_users",
"password_column": "credential",
"detection_result": {
"type": "unknown",
"confidence": 0.2,
"reasons": [
"No format match. Entropy≈3.28"
],
"normalized": null
}
}
]
},
"article_refs": [
"Art32"
],
"severity": "high"
}{
"engine": "postgresql",
"connection": {
"host": "127.0.0.1",
"port": 5433,
"user": "vulnuser",
"password": "12345",
"database": "vuln_db"
},
"checks": [
"CONFIG_FILES_SCAN"
],
"timeout_sec": 0,
"args": {
"config_paths": [
"<path_to_config_file>/pg_hba.conf"
],
"remote" : {
"host" : "remote server ip address or localhost",
"username" : "username",
"password" : "password"
}
}
}{
"scan_id": "9e0b44cd-68af-4fc0-9cad-48554c5a9d89",
"engine": "postgresql",
"target": "127.0.0.1:5433/vuln_db",
"started_at": "2025-09-15T16:43:05Z",
"duration_ms": 1,
"summary": {
"pass": 1,
"warn": 0,
"fail": 0,
"error": 0
},
"results": [
{
"check_id": "CONFIG_FILES_SCAN",
"status": "PASS",
"message": "Scanned Config files",
"evidence": {
"Configs": {
"very_weak_password_encryption": true,
"ssl_disabled": true,
"weak_ssl_cipher_preference": true
}
},
"article_refs": [
"Art32"
],
"severity": "high"
}
]
}{
"engine": "postgresql",
"connection": {
"host": "127.0.0.1",
"port": 5433,
"user": "vulnuser",
"password": "12345",
"database": "vuln_db"
},
"checks": [
"USER_AUDIT_001"
],
"args" : {
"admin_users" : ["vulnuser"]
}
}{
"check_id": "USER_AUDIT_001",
"status": "PASS",
"message": "User privilege audit completed",
"evidence": {
"admins": [
"vulnuser"
],
"full_control_users": [],
"potential_issues": [],
"summary": {
"admin_count": 1,
"full_control_count": 0,
"issues_found": 0
},
"users": [
"PUBLIC",
"pg_read_all_stats",
"vulnuser"
]
},
"article_refs": [
"Art32"
],
"severity": "high"
}