Probabilistic Techniques
034. Insecure generation of random numbers035. Weak credential policy041. Enabled default credentials050. Guessed weak credentials053. Lack of protection against brute force attacks277. Weak credential policy - Password Expiration296. Weak credential policy - Password Change Limit330. Lack of protection against brute force attacks - Credentials459. Observable Timing Discrepancy460. Insecure or unset HTTP headers - Cross-Origin-Resource-Policy