Identification should include
backdoors
buffer overflows
Structured Query Language (SQL) injections
cross-site scripting
zero day.