Web security testing aims to find security vulnerabilities in Web applications and their configuration. The primary target is the application layer (i.e., what is running on the HTTP protocol).
– SQL Injection
– XSS (Cross Site Scripting)
– Remote Command Execution
– Path Traversal
Majority of Web Application Attacks