- HTTP Method & Authentication Testing
- Sensitive Data Exposure Vulnerabilities
- Broken Authentication Attacks (Attacking Login Forms, Bypassing Authentication etc)
- Session Security Testing (Session Hijacking, Session Fixation & CSRF)
- Cross-Site Request Forgery (CSRF)
- Injection & Input Validation Attacks (Command Injection, Code Injection)
- Security Misconfigurations