With the rapid increase in cybercrime, companies are taking great measures to guard against its occurrence. The impact of these attacks can tremendously affect companies in many ways; such as data theft, financial loss, denial of service, and reputation damage. Penetration testing is used to search for vulnerabilities that might exist in a system. The testing usually involves simulating different types of attacks on the target system. This type of testing provides an organized and controlled way to identify security shortcomings. The resources and time required for comprehensive testing can make penetration testing cost intensive. Consequently, such tests are usually only performed during important milestones. In this project, we have covered several attacks based on web applications vulnerabilities, in order to investigate the target system limitations.