Blind Testing

OAST and Blind Detection

Out-of-band testing matters when the target does something dangerous without returning proof in-band.

Where OAST helps

Use OAST for backend-triggered behavior such as blind SSRF, XXE, and similar flows where the server may never return a useful response to the operator.

Provider options

WSHawk can work with interact.sh-style infrastructure or a self-hosted callback endpoint. The key point is to treat callback evidence as one part of the overall review, not as the whole story.

```python
from wshawk.scanner_v2 import WSHawkV2

# Placeholder target; replace with the WebSocket endpoint under test.
url = "wss://target.example/ws"

scanner = WSHawkV2(url)
# Enable out-of-band (OAST) callbacks for blind checks such as SSRF and XXE.
scanner.use_oast = True
```

Project-backed evidence

In v4, callback activity is most useful when it lands in the same project record as the triggering traffic, notes, and replay context.
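The two points above, callback evidence as one input among several and callbacks stored next to the traffic that triggered them, come down to one mechanism: every probe carries a unique token, and a callback is only evidence when its token maps back to a recorded probe. The following is an added example, not WSHawk's own code; the callback domain `oast.example`, the log-line format, the `OASTRegistry` class and the sample log lines are all constructed for illustration.

```python
"""Added example (not WSHawk's code): correlate OAST callbacks with the
exact probe that triggered them. Domain, log format and log lines are
constructed for illustration."""
import re
import secrets
from dataclasses import dataclass, field

CALLBACK_DOMAIN = "oast.example"  # hypothetical self-hosted callback domain

# Constructed callback-log format: "<timestamp> <dns|http> <fqdn> from <source-ip>"
LOG_RE = re.compile(
    r"^(?P<ts>\S+)\s+(?P<proto>dns|http)\s+(?P<fqdn>\S+)\s+from\s+(?P<src>\S+)$"
)


@dataclass
class Probe:
    token: str
    target: str      # endpoint the probe was sent to
    kind: str        # label only, e.g. "ssrf" or "xxe"
    message: str     # the message actually sent, with the token baked in
    callbacks: list = field(default_factory=list)


class OASTRegistry:
    """Maps one-time tokens to the probes that carried them (project record)."""

    def __init__(self, domain: str = CALLBACK_DOMAIN):
        self.domain = domain.lower()
        self.probes: dict[str, Probe] = {}
        self.unmatched: list[dict] = []

    def new_probe(self, target: str, kind: str, template: str) -> Probe:
        # Fresh random token per message, so a hit can only mean *this* message.
        token = secrets.token_hex(8)
        host = f"{token}.{self.domain}"
        probe = Probe(token, target, kind, template.replace("{host}", host))
        self.probes[token] = probe
        return probe

    def _token_of(self, fqdn: str):
        # DNS is case-insensitive and resolvers may append a trailing dot.
        fqdn = fqdn.lower().rstrip(".")
        suffix = "." + self.domain
        if not fqdn.endswith(suffix):
            return None
        # The token is the label immediately left of the callback domain.
        return fqdn[: -len(suffix)].split(".")[-1]

    def ingest(self, line: str):
        """Record one callback-log line; return the matched Probe or None."""
        m = LOG_RE.match(line.strip())
        if not m:
            return None          # unparseable line, ignore
        event = m.groupdict()
        token = self._token_of(event["fqdn"])
        probe = self.probes.get(token) if token else None
        if probe is None:
            # Unknown token: background noise or someone else's traffic.
            # Keep it for review, but it is not evidence for any probe.
            self.unmatched.append(event)
            return None
        probe.callbacks.append(event)
        return probe

    def report(self) -> dict:
        """Summary for the project record: which probes got callbacks."""
        confirmed = [p for p in self.probes.values() if p.callbacks]
        silent = [p for p in self.probes.values() if not p.callbacks]
        return {
            "confirmed": [(p.token, p.kind, p.target, len(p.callbacks)) for p in confirmed],
            "silent": [p.token for p in silent],
            "unmatched": len(self.unmatched),
        }


def demo() -> dict:
    """Run the registry over constructed log lines and return the report."""
    reg = OASTRegistry()
    ssrf = reg.new_probe("wss://app.example/ws", "ssrf", '{"url": "http://{host}/"}')
    reg.new_probe("wss://app.example/ws", "xxe", '{"doc": "http://{host}/d"}')
    lines = [  # constructed: one upper-cased DNS hit, one stray token, one junk line
        f"2024-05-01T12:00:00Z dns {ssrf.token.upper()}.OAST.EXAMPLE. from 203.0.113.5",
        "2024-05-01T12:00:01Z http 0000deadbeef0000.oast.example from 203.0.113.6",
        "not a callback log line",
    ]
    for line in lines:
        reg.ingest(line)
    return reg.report()


if __name__ == "__main__":
    print(demo())
```

The design choice worth noting is the `unmatched` list: a callback with a token the registry never issued is kept for the reviewer but never promoted to a finding, which is what "one part of the overall review, not the whole story" means in practice. A real integration would additionally store the triggering request, notes and replay context alongside each `Probe`.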