SQL Injection
Parameter Tampering
Cross Site Scripting (XSS)
Client Side Request Forgery (CSRF)
Server-Side Request Forgery (SSRF)
Service-Side Request Forgery (SSRF)
Command Injection
Host Header Attack
Information disclosure
FILE Inclusions
Insure file uploading
XML Entity
Brute Force Attacks
  • Small (87,650 words)
  • Medium (2,20,546 words)
  • Big (12,73,819 words)
  • Basic (6038 words)
Traffic analysis (HTTP, HTTPS)
Insecure Data Storage Vulnerabilities
Weak crypto and authorization vulnerabilities
Insecure logging
Client-side injections
Bypassing root detections (if any)
Dumping encryption keys
Bypassing SSL pinning
Disassembling Reversing and patching applications
Passive reconnaissance
Active reconnaissance
Known vulnerability hunt (includes buffer overflows)
Gaining access
Includes Buffer Overflows
Privilege escalation