Web Application Test Suite is used for testing web applications. The suite requires a capture from a Web browsing session which is then anomalized and driven against the target Web Application. HTTP archive (HAR) captures and plaintext HTTP session files are supported. Additionally to fuzzing, Web Application Test Suite tests and detects also many vulnerabilities which are characteristic to web applications. The test suite tests SQL and LDAP injections and cross-site scripting attacks, and detects missing XSRF tokens. Web Application Test Suite supports OAuth 1.0(a) and 2.0 Authorization sequences. This makes it possible to test OAuth implementations and Web application functionality, which requires authorization. Suite can also act as an OpenID end user, and pass on (and fuzz) parameters between relying party and OpenID provider.