• execute privileged programs,
• impersonate another user by getting unauthorized access to his or her credentials,
• crack weak passwords,
• buffer and format string overflows,
• abuse temporary files and system memory,
• tamper with parameters in Web-based applications,
• abuse weak input validation techniques, and
• exploit application-specific vulnerabilities.