I have a web-based jsp site that I need to do some security testing. Some of the test case in security testing will involve different combinations of username and pwd with some wild characters and the other test will be the hacking of URL. Can somebody hack the secure URL? I need to test both cases and if you know of any other, please do let me know.