I am trying to figure out scenarios for different web application security testing approaches with Selenium WebDriver. I am aware of XSS and SQL injection but have not tried executing such tests with Selenium. Although Selenium is supposed to be used as a UI functional test automation tool, I feel that we can use it to test some security aspects of a website too.
My questions are:
1. Has anyone worked on automated security testing of web apps using Selenium? Can you please share your experiences or ways you achieved it using Selenium?
2. What could be possible security testing from web UI I could perform using Selenium as my tool?