QA002 - Security Penetration Testing

[Dedebrianna]

User Story:

As a security tester
I want to verify the platform resists real attacks
So that CTF challenges don't become actual vulnerabilities

Acceptance Criteria (Definition of Done) ::

• Session hijacking attempts
• SQL injection testing
• XSS vulnerability scanning
• CSRF protection verification
• Authentication bypass testing

Dependencies:
CD003, CD004

[steadhac]

Test Cases https://docs.google.com/spreadsheets/d/1mdelmXYfarn7_xPNvNlSc9N5WH5S9kHQ2cEdPJmXeyA/edit?usp=sharing