URL Guessing, HTML Injection, Cookies Manipulation, SQL Injection, Raise Errors, Upload, Path Traversal and Path Disclosure, Null Bytes, URL Encoding, HTTP Header Manipulation, HTML Form-Fields Manipulation, HTML Comments, Default Accounts, Broken Access Control