# Capabilities

> Learn more about BLACKBIRD's capabilities

## Capabilities

Below is a non-exhaustive list of BLACKBIRD's capabilities. You are always welcome to [explore our interactive demo](https://app.blackbirdsec.eu/demo?ref=docs) and/or contact us whenever you have a question regarding BLACKBIRD.

### Security testing capabilities

A non-exhaustive list of vulnerability types covered out of the box:

* OS Command Injection
* SQL Injection
* Server-Side Request Forgery (SSRF)
* Server-Side Template Injection (SSTI)
* Local File Inclusion (LFI)
* Local File Disclosure (LFD)
* Remote File Inclusion (RFI)
* CORS Misconfiguration
* Cross-Site Scripting (XSS)
* Subdomain Takeover
* Open URL Redirect
* JavaScript Static Code Analysis
* Sensitive Data Exposures

<Tip>
  BLACKBIRD is capable of scanning for almost any type of vulnerability, CWE or CVE!
</Tip>

### Automation features

* REST API
* BLACKBIRD Burp Suite integration extension
* Slack, Discord, Telegram and Email instant notification API
* CI/CD Integration
* GitHub/Jira Issue ticketing system integration

### Reporting capabilities

BLACKBIRD allows you to export your data in:

* JSON (via the REST API)
* CSV
* PDF

<Note>
  Please do note that CSV and PDF exports may not always be available.
</Note>

### False positive handling

BLACKBIRD employs multiple validation mechanisms to minimize false positives:

#### Browser Validation

BLACKBIRD deploys a headless web browser to validate client-side vulnerabilities. This allows BLACKBIRD to report those vulnerabilities with the utmost certainty and leaves no room for false positive results.

#### Out-of-Band Validation

For Out-of-Band (OOB) validation, BLACKBIRD makes use of your [private OAST server](/oast-server/oast-server) to validate vulnerabilities. Each reported vulnerability that was discovered through OAST (Out-of-Band Application Security Testing, such as SSRF, blind SQL injection, OOB OS command injection, blind XSS, etc.) will [contain a reference](/getting-started/glossary#random-id) to an invocation that you can view in your OAST server logs.

#### Response Validation

For generic vulnerability types that require us to examine the server's HTTP response, we often make use of strictly defined patterns and anti-patterns as secondary validation rules. These measures help minimize false positive results.

### Technical limitations

BLACKBIRD enforces the following limitations, intended to increase output quality:

* A maximum of 10 targets (base URIs or root domains) is allowed per scan. If you need to scan more targets, we recommend launching another scan.
* There is a maximum scan timeout of 24 hours. If a single scan takes longer than 24 hours, it will time out, and any results obtained up to that point will be imported.
* BLACKBIRD is currently only capable of parsing and testing HTTP requests with the following content types: `application/json`, `application/xml`, `application/x-www-form-urlencoded`, and `multipart/form-data`.

## FAQ

Find an answer to your question.

<AccordionGroup>
  <Accordion title="Are all OWASP Top 10 vulnerabilities supported?">
    Yes, BLACKBIRD is capable of scanning for all OWASP Top 10 vulnerabilities.
  </Accordion>

  <Accordion title="Can BLACKBIRD reach internal hosts?">
    Yes, provided that you create or upload your OpenVPN connection profile.
  </Accordion>

  <Accordion title="How many scans can I perform with my license?">
    As many as you want: there is no limit on the number of scans you can run, and your license includes unlimited scans.
  </Accordion>

  <Accordion title="Can I view the public IP of the scanner to whitelist it prior to launching my scans?">
    Yes, you can view the public IP of the scanner.
  </Accordion>

  <Accordion title="Can BLACKBIRD reach authenticated parts of my target website?">
    Yes, BLACKBIRD can reach authenticated parts of your target application as long as you supply the [authentication HTTP request headers](/pentesting-tools/global-configuration#custom-http-request-headers).
  </Accordion>
</AccordionGroup>
