feat: update docs (#133)

docs/02-testing/06-custom-rules/04-Transformations.md

@@ -28,5 +28,5 @@ transform:
 
 ### Properties
 
-- `trigger`: The detectors to trigger the transform, on the request or response.
-- `mutate`: The mutations to apply to the request and replay it.
+- `trigger`: The detectors to trigger the transform, on the request or response. See [Detectors](./detectors)
+- `mutate`: The mutations to apply to the request and replay it. See [Mutators](./mutators)

docs/02-testing/06-custom-rules/index.mdx

@@ -14,11 +14,11 @@ in a simple language that is powerful thanks to Escape's inference engine.
 
 A custom rule is a YAML file that defines the following blocks:
 
-- [Alerting](https://docs.escape.tech/testing/custom-rules/Alerting) is used define the alert format, it's severity…
-- [Detectors](https://docs.escape.tech/testing/custom-rules/Detectors) are used to detect if an alert must be raised by inspecting queries.
-- [Transformations](https://docs.escape.tech/testing/custom-rules/Transformations) are used to mutate the requests (optional).
-- [Mutators](https://docs.escape.tech/testing/custom-rules/Mutators) are used inside the transformations.
-- [Seeders](https://docs.escape.tech/testing/custom-rules/Seeders) are used to seed the scan with requests (optional).
+- [Alerting](./alerting) is used define the alert format, it's severity…
+- [Detectors](./detectors) are used to detect if an alert must be raised by inspecting queries.
+- [Transformations](./transformations) are used to mutate the requests (optional).
+- [Mutators](./mutators) are used inside the transformations.
+- [Seeders](./seeders) are used to seed the scan with requests (optional).
 
 ## Examples
 
@@ -125,7 +125,7 @@ detect:
 ### Properties
 
 - `id`: The unique identifier of the custom rule. It is provided by Escape, do not set it manually.
-- `seed`: A list of requests to seed the scan. See [Seeders](https://docs.escape.tech/testing/custom-rules/Seeders)
-- `transform`: Defines lists of triggers and mutations (combined with AND operators).See [Transformations](https://docs.escape.tech/testing/custom-rules/Transformations)
-- `detect`: The conditions to trigger the alert. See [Detectors](https://docs.escape.tech/testing/custom-rules/Detectors)
-- `alert`: The alert to raise if the detection conditions are met. See [Alerting](https://docs.escape.tech/testing/custom-rules/Alerting)
+- `seed`: A list of requests to seed the scan. See [Seeders](./seeders)
+- `transform`: Defines lists of triggers and mutations (combined with AND operators).See [Transformations](./transformations)
+- `detect`: The conditions to trigger the alert. See [Detectors](./detectors)
+- `alert`: The alert to raise if the detection conditions are met. See [Alerting](./alerting)

docs/02-testing/07-advanced-usage/07-parameters-reference.mdx

@@ -32,7 +32,7 @@ scan:
     Content-Type: application/json
     Content-Length: 194
 
-  profile: surface | cicd | default | deep | unrestricted
+  profile: surface | marketing | cicd | default | deep | unrestricted
   read_only: true | false
   scalars:
     SSET:
@@ -91,6 +91,7 @@ scan:
 ### <a id="ScanProfile"></a>ScanProfile
 
 - `surface`
+- `marketing`
 - `cicd`
 - `default`
 - `deep`

docs/02-testing/09-vulnerabilities/index.mdx

@@ -6,9 +6,9 @@ description: Dive in Escape Security Reference table. This table covers vulnerab
 
 # ✅ Security Tests Reference
 
-### Escape currently supports 116 tests
+### Escape currently supports 119 tests
 
-| Name | Category | GraphQL Support(100)| REST Support(88) | Default Severity | OWASP 2023 |
+| Name | Category | GraphQL Support(103)| REST Support(91) | Default Severity | OWASP 2023 |
 | ---- | -------- | --------------- | ------------ | ---------------- | ---------- |
 | [Private data](./access_control/private_data) | [Access control](../access_control)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API3:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa3-broken-object-property-level-authorization.md) |
 | [Private fields](./access_control/private_fields) | [Access control](../access_control)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API1:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa1-broken-object-level-authorization.md) |
@@ -48,6 +48,7 @@ description: Dive in Escape Security Reference table. This table covers vulnerab
 | [Stacktrace](./information_disclosure/stacktrace) | [Information disclosure](../information_disclosure)  | ✅ | ✅ |**<span className="medium-severity">MEDIUM</span>** | [API7:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa7-server-side-request-forgery.md) |
 | [Vulnerable Package](./information_disclosure/potential_cve) | [Information disclosure](../information_disclosure)  | ✅ | ✅ |**<span className="medium-severity">MEDIUM</span>** | [API8:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa8-security-misconfiguration.md) |
 | [Debug mode](./information_disclosure/debug_mode) | [Information disclosure](../information_disclosure)  | ✅ | ✅ |**<span className="low-severity">LOW</span>** | [API7:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa7-server-side-request-forgery.md) |
+| [Field Suggestion](./information_disclosure/rest_field_suggestion) | [Information disclosure](../information_disclosure)  | ✅ | ✅ |**<span className="low-severity">LOW</span>** | [API3:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa3-broken-object-property-level-authorization.md) |
 | [File disclosure](./information_disclosure/file_disclosure) | [Information disclosure](../information_disclosure)  |  | ✅ |**<span className="low-severity">LOW</span>** | [API7:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa7-server-side-request-forgery.md) |
 | [Private IP](./information_disclosure/private_ip) | [Information disclosure](../information_disclosure)  |  | ✅ |**<span className="low-severity">LOW</span>** | [API1:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa1-broken-object-level-authorization.md) |
 | [Software Component Leak](./information_disclosure/software_component_leak) | [Information disclosure](../information_disclosure)  | ✅ | ✅ |**<span className="low-severity">LOW</span>** | [API8:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa8-security-misconfiguration.md) |
@@ -68,6 +69,7 @@ description: Dive in Escape Security Reference table. This table covers vulnerab
 | [SQL Injection](./injection/sql) | [Injection](../injection)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API9:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa9-improper-inventory-management.md) |
 | [SSTI (Server-Side Template Injection)](./injection/ssti) | [Injection](../injection)  |  | ✅ |**<span className="high-severity">HIGH</span>** | [API10:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xaa-unsafe-consumption-of-apis.md) |
 | [Stored Improper Input Validation Injection](./injection/improper_input_stored) | [Injection](../injection)  | ✅ |  |**<span className="high-severity">HIGH</span>** | [API10:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xaa-unsafe-consumption-of-apis.md) |
+| [Vulnerable LLM](./injection/llm) | [Injection](../injection)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API8:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa8-security-misconfiguration.md) |
 | [XXE Injection](./injection/xxe) | [Injection](../injection)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API10:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xaa-unsafe-consumption-of-apis.md) |
 | [CRLF Injection](./injection/crlf) | [Injection](../injection)  | ✅ | ✅ |**<span className="medium-severity">MEDIUM</span>** | [API10:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xaa-unsafe-consumption-of-apis.md) |
 | [SSL Certificate](./protocol/ssl_certificate) | [Protocol](../protocol)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API2:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa2-broken-authentication.md) |
@@ -98,6 +100,7 @@ description: Dive in Escape Security Reference table. This table covers vulnerab
 | [GET based CSRF](./request_forgery/csrf_get_based) | [Request forgery](../request_forgery)  | ✅ |  |**<span className="medium-severity">MEDIUM</span>** | [API2:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa2-broken-authentication.md) |
 | [POST based CSRF](./request_forgery/csrf_post_based) | [Request forgery](../request_forgery)  | ✅ |  |**<span className="medium-severity">MEDIUM</span>** | [API2:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa2-broken-authentication.md) |
 | [SSRF Injection in headers](./request_forgery/ssrf_header) | [Request forgery](../request_forgery)  |  | ✅ |**<span className="low-severity">LOW</span>** | [API10:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xaa-unsafe-consumption-of-apis.md) |
+| [Resource limiting bypass](./resource_limitation/resource_limiting_bypass) | [Resource limitation](../resource_limitation)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API4:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa4-unrestricted-resource-consumption.md) |
 | [Security timeout](./resource_limitation/timeout) | [Resource limitation](../resource_limitation)  | ✅ | ✅ |**<span className="high-severity">HIGH</span>** | [API7:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa7-server-side-request-forgery.md) |
 | [Depth limit](./resource_limitation/graphql_depth_limit) | [Resource limitation](../resource_limitation)  | ✅ |  |**<span className="medium-severity">MEDIUM</span>** | [API4:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa4-unrestricted-resource-consumption.md) |
 | [Directive overloading](./resource_limitation/graphql_directive_overload) | [Resource limitation](../resource_limitation)  | ✅ |  |**<span className="medium-severity">MEDIUM</span>** | [API8:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa8-security-misconfiguration.md) |

docs/02-testing/09-vulnerabilities/information_disclosure/rest_field_suggestion.mdx

@@ -0,0 +1,148 @@
+---
+title: Field Suggestion
+---
+
+# Field Suggestion
+
+## Description
+
+**Field Suggestion** allows users to infer the entire schema. Example of errors: ``` Error: Field "XYZ" is missing ```. 
+
+## Remediation
+
+Avoid providing verbose error messages to users in production.
+
+
+
+### REST Specific
+
+<details>
+    <summary>Asp_net</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Ruby_on_rails</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Next_js</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Laravel</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Express_js</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Django</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Symfony</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Spring_boot</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Flask</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Nuxt</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+<details>
+    <summary>Fastapi</summary>
+
+Avoid returning verbose error messages.
+
+</details>
+
+## Configuration
+
+> Identifier: `information_disclosure/rest_field_suggestion`
+
+
+
+### Examples
+
+
+
+#### Ignore this check
+
+```yaml
+checks:
+  information_disclosure/rest_field_suggestion:
+    skip: true
+```
+
+
+
+
+## Score
+
+- Escape Severity: **<span className="low-severity">LOW</span>**
+
+### Compliance
+
+- OWASP: **[API3:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa3-broken-object-property-level-authorization.md)**
+- pci: **5.2.6**
+
+
+
+
+
+
+
+### Classification
+
+
+
+
+
+
+### Score
+
+
+
+
+## References
+
+- [https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A3-Sensitive_Data_Exposure](https://owasp.org/www-project-top-ten/OWASP_Top_Ten_2017/Top_10-2017_A3-Sensitive_Data_Exposure)
+  - [https://cheatsheetseries.owasp.org/cheatsheets/Error_Handling_Cheat_Sheet.html](https://cheatsheetseries.owasp.org/cheatsheets/Error_Handling_Cheat_Sheet.html)
+  

docs/02-testing/09-vulnerabilities/injection/llm.mdx

@@ -0,0 +1,82 @@
+---
+title: Vulnerable LLM
+---
+
+# Vulnerable LLM
+
+## Description
+
+Large Language Models (LLMs) are powerful tools that can be used to generate text, code, and other content. However, they can also be used to generate malicious content. To prevent these attacks, it is important to carefully validate and sanitize user input before passing it to an LLM.
+LLM vulnerabilities can arise when users input data that manipulates the model to produce harmful or unintended outputs. These vulnerabilities are categorized under the LLM OWASP Top 10, a set of guidelines and potential risks associated with LLM deployment.
+A successful exploitation of LLM vulnerabilities can lead to a variety of adverse effects, such as unauthorized access to sensitive data, unintended disclosure of information, manipulation of the model's responses to perform harmful actions, and the generation of offensive or misleading content. For instance, an attacker might craft inputs to trick the LLM into producing text that discloses confidential information, or they might induce the model to generate code that could compromise the security of a system.
+Mitigating these risks requires robust security measures, including input validation, rate limiting, and continuous monitoring of the model's outputs. Additionally, implementing comprehensive logging and alerting mechanisms can help identify and respond to suspicious activities promptly.
+By understanding and addressing the LLM OWASP Top 10 vulnerabilities, organizations can better secure their LLM implementations and protect against potential threats.
+
+
+## Remediation
+
+To remediate a vulnerability named "Vulnerable LLM," follow these steps:
+
+1. Update the software or system that contains the "Vulnerable LLM" to the latest version provided by the vendor.
+2. If a patch is available specifically for the vulnerability, apply it immediately following the vendor's instructions.
+3. Review and apply the principle of least privilege to limit access to the affected component.
+4. Monitor for any unusual activity that may indicate exploitation attempts.
+5. If possible, enable additional security features or controls that can mitigate the risk of exploitation.
+6. Ensure that all dependencies and related software are also updated to prevent indirect exploitation.
+7. Conduct regular vulnerability scans to ensure the issue is resolved and no new related vulnerabilities have emerged.
+8. Educate users and administrators about the vulnerability and best practices for avoiding similar issues in the future.
+
+
+
+## Configuration
+
+> Identifier: `injection/llm`
+
+
+
+### Examples
+
+
+
+#### Ignore this check
+
+```yaml
+checks:
+  injection/llm:
+    skip: true
+```
+
+
+
+
+## Score
+
+- Escape Severity: **<span className="high-severity">HIGH</span>**
+
+### Compliance
+
+- OWASP: **[API8:2023](https://github.com/OWASP/API-Security/blob/master/editions/2023/en/0xa8-security-misconfiguration.md)**
+- pci: **6.5.10**
+- gdpr: **Article-32**
+- soc2: **CC6**
+- psd2: **Article-95**
+- iso27001: **A.12.6**
+- nist: **SP800-53**
+- fedramp: **SI-10**
+
+### Classification
+
+
+
+
+
+
+### Score
+
+- CVSS_VECTOR: **CVSS:3.1/AV:N/AC:L/PR:N/UI:R/S:C/C:H/I:H/A:H**
+- CVSS_SCORE: **5.3**
+
+## References
+
+- [https://owasp.org/www-project-top-10-for-large-language-model-applications/](https://owasp.org/www-project-top-10-for-large-language-model-applications/)
+