Online Trace.axd File Scanner

ASP.NET's includes a powerful mechanism for detailed request tracing called Trace.axd and it can also be used by attackers to gain information about requests and responses to the application.

Short Info

Level

Medium

Type

Single Scan

Can be used by

Everyone

Estimated Time

10 sec

Scan only one

Url

Parent Category

Online Trace.axd File Scanner Detail

ASP.NET's includes a powerful mechanism for detailed request tracing called Trace.axd. The Trace.axd application keeps a very detailed log of all requests made to an application over a period of time but it can also be used by attackers to gain information about requests and responses to the application.

An attacker can obtain information such as:

Session cookies
Session state
Query string and post variables
Physical path of the requested file

This means that the attacker can hijack any active user's session by using their session details.

cyber security services for everyone one. Free security tools, continuous vulnerability scanning and many more.

Try it yourself,
control security posture

Get free usage

Learn More About Product