Go modules · proxy.golang.org

github.com/method-security/webscan

DNS / OAST exfiltration: matched "oast.pro"

Why PkgRadar flagged v0.0.241

Severity	Signal	Evidence
high	DNS / OAST exfiltration	matched "oast.pro" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2017/CVE-2017-14725.yaml
high	DNS / OAST exfiltration	matched "oast.pro" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2018/CVE-2018-11686.yaml
high	DNS / OAST exfiltration	matched "oast.fun" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2019/CVE-2019-18394.yaml
high	DNS / OAST exfiltration	matched "oastify.com" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2020/CVE-2020-11984.yaml
high	DNS / OAST exfiltration	matched "oast.fun" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2020/CVE-2020-26948.yaml
high	DNS / OAST exfiltration	matched "oast.pro" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2021/CVE-2021-40822.yaml
high	DNS / OAST exfiltration	matched "oast.pro" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2022/CVE-2022-0597.yaml
high	DNS / OAST exfiltration	matched "oast.pro" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2022/CVE-2022-23544.yaml
high	DNS / OAST exfiltration	matched "interactsh.com" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2022/CVE-2022-40083.yaml
high	DNS / OAST exfiltration	matched "oast.fun" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2022/CVE-2022-41412.yaml
high	DNS / OAST exfiltration	matched "oast.fun" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2022/CVE-2022-42149.yaml
high	DNS / OAST exfiltration	matched "oast.pro" · github.com/method-security/[email protected]/utils/nuclei/templates/pentest/scan/cve/2023/CVE-2023-22432.yaml

Scanned versions

Version	Verdict	Score	Scanned (UTC)
`v0.0.241`	High risk	142	2026-05-30
`v0.0.239`	High risk	142	2026-05-30
`v0.0.240`	High risk	142	2026-05-30

Related campaigns

dns_or_oast_exfil:matched "oast.fun" — 31 releases, max score 148

Block this in CI

PkgRadar gates github.com/method-security/webscan (and every other dependency) before it merges. One line in your pipeline:

pkgradar gate --ecosystem go github.com/method-security/[email protected]

Start free — 25 scans / mo View full evidence