BACK TO HOME
Voria Internal Documentation

🛡️ Voria Security & Reliability Test Suite

Voria v0.0.5 features an advanced suite of 52 specialized tests across 5 major categories. These tests range from static code analysis to dynamic production simulations.

🔒 Security (Pentesting)

Deep-dive analysis into vulnerabilities and attack vectors.

Test IDNameDescriptionImpactType
terminal
sql_injection
SQL Injection ScanChecks for improper sanitization of database queries.CriticalStatic
terminal
xss
Cross-Site Scripting (XSS)Checks for reflected or stored XSS vulnerabilities.HighStatic
terminal
csrf
CSRF Protection AuditVerifies presence of CSRF tokens in requests.HighStatic
terminal
path_traversal
Path Traversal ProbeDetects insecure file path handling.HighStatic
terminal
insecure_deserialization
Insecure DeserializationIdentifies unsafe decoding of serialized data.CriticalStatic
terminal
command_injection
Command Injection ScanChecks for shell commands built using untrusted input.CriticalStatic
terminal
hardcoded_secrets
Hardcoded Secret DetectionScans for API keys, passwords, and certificates.CriticalStatic
terminal
ssrf
Server-Side Request ForgeryDetects making requests to internal URLs.HighStatic
terminal
xxe
XML External Entity (XXE)Checks for insecure XML parsers.HighStatic
terminal
insecure_upload
Insecure File UploadAnalyzes file upload handling for potential exploits.HighStatic
terminal
vulnerable_components
Known Vulnerable ComponentsAudit dependencies against CVE databases.HighStatic
terminal
broken_access_control
Broken Access ControlAnalyzes authorization logic for bypasses.HighStatic
terminal
weak_crypto
Weak CryptographyDetects use of MD5, SHA1, etc.HighStatic
terminal
sensitive_data_exposure
Sensitive Data ExposureChecks for PII leaked in logs or errors.HighStatic
terminal
insecure_jwt
Insecure JWT HandlingChecks for weak algorithms or lack of verification.HighStatic
terminal
rate_limiting
Lack of Rate LimitingChecks for API endpoints vulnerable to abuse.MediumStatic
terminal
bruteforce_protection
Bruteforce ProtectionIdentifies lack of rate limiting or lockout logic.MediumStatic
terminal
session_management
Improper Session ManagementAnalyzes session lifecycle and fixation.MediumStatic
terminal
integrity_checks
Lack of Integrity ChecksChecks if assets lack checksum verification.MediumStatic
terminal
open_redirect
Open Redirect AuditChecks for unsafe redirection URLs.MediumStatic
terminal
security_headers
Security Headers AuditVerifies CSP, HSTS, and X-Content-Type.MediumStatic
terminal
clickjacking
Clickjacking VulnerabilityChecks for X-Frame-Options or suitable CSP.LowStatic
terminal
info_leakage
Information Leakage ScanDetects version info or stack traces.LowStatic
terminal
error_handling_leak
Error Handling LeakageVerifies catch blocks don't expose internals.LowStatic

🏭 Production & Reliability

Ensuring your code survives in a real-world environment.

Test IDNameDescriptionImpactType
terminal
deadlock_detection
Potential Deadlock ScanAnalyzes lock acquisition order.HighStatic
terminal
race_condition
Race Condition CheckIdentifies non-atomic operations on shared state.HighStatic
terminal
unhandled_exceptions
Unhandled Exception ScanChecks for paths where exceptions could crash.HighStatic
terminal
connection_exhaustion
Conn Pool Exhaustion ProbeAnalyzes resource cleanup.HighStatic
terminal
slow_query
Slow Query DetectionScans for unoptimized DB queries without indices.MediumStatic
terminal
memory_leak_static
Memory Leak Static ScanIdentifies patterns like unclosed resources.MediumStatic
terminal
cache_consistency
Cache Inconsistency ScanChecks for missing cache invalidation.MediumStatic
terminal
timeout_handling
Missing Timeout LogicDetects blocking calls without timeouts.MediumStatic
terminal
latency_baseline
Latency Baseline AuditEstablishes baseline response times.MediumDynamic
terminal
circular_dep
Circular Dependency AuditMaps module imports for circularities.LowStatic

⚡ Performance & Stress

Measuring the limits of your application.

Test IDNameDescriptionImpactType
terminal
concurrent_users
High Concurrency SimulationSimulates massive parallel user requests.HighDynamic
terminal
cpu_stress
CPU Stress ResilienceSimulates heavy computational load.MediumDynamic
terminal
mem_stress
Memory Stress ResilienceSimulates high memory allocation.MediumDynamic
terminal
payload_stress
Large Payload ResilienceTests handling of large input data.MediumDynamic
terminal
throughput_max
Max Throughput BenchmarkDetermines saturation point of service.MediumDynamic
terminal
p99_latency
P99 Latency AuditMeasures tail latency under normal load.MediumDynamic
terminal
db_index_audit
DB Index OptimizationSuggests missing indices.MediumStatic
terminal
network_latency
Network Latency SimulationSimulates slow network conditions.LowDynamic
terminal
cold_start
Cold Start AnalysisMeasures startup and init performance.LowDynamic
terminal
bundle_size
Asset Bundle Size AuditAnalyzes production assets size.LowStatic

💎 Code Quality & Compliance

Standards and maintainability audit.

Test IDNameDescriptionImpactType
terminal
license_compliance
License Compliance AuditChecks for restrictive licenses.MediumStatic
terminal
coverage_gap
Test Coverage Gap AnalysisIdentifies paths missing tests.MediumStatic
terminal
lint_security
Security-focused LintingRuns specialized security linter rules.MediumStatic
terminal
dep_graph
Dependency Health AuditAnalyzes depth and variety of dependencies.LowStatic
terminal
doc_completeness
Documentation CompletenessChecks for missing docstrings or docs.LowStatic
terminal
complexity_drift
Complexity Drift ScanDetects increasing cyclomatic complexity.LowStatic
terminal
redundant_calls
Redundant API Call DetectionIdentifies duplicate data fetching.LowStatic

🚀 Running Tests

Use the CLI to run any specific test or a full category scan:

bash
# Run a specific security test
voria test sql_injection

# Run a full security audit
voria scan --category security

# Run parallel stress tests
voria test cpu_stress,mem_stress --concurrency 5