•   
  •   
  •    

  • Application Profiling
  • Testing Client-Side Controls
  • Testing Authentication Mechanism
  • Testing Session Management Mechanism
  • Testing Access Controls
  • Testing Encryption Control
  • Testing Input-based Vulnerabilities
  • Testing Function-specific Input Vulnerabilities
  • Miscellaneous Checks