- Vulnerability assessment
- Network scanning
- Search for open ports, services, and versions
- OSINT
- Search for CVE
- Search for publicly available exploits
- SQL injection
- XSS injection (Stored, Reflected, DOM-based)
- OS command injection
- LFI/RFI
- Session testing
- Authorization bypass
- CSRF
- Source code review
- Directory traversal and access to different website folders
- Remote code execution
- Credentials brute force
- Searching for the existence of an admin resource
- URL parameters test
- Testing for resistance to DDoS attacks