Abstract: In today's scenario, every facility is being digitalized. These facilities and luxuries are the result of several work-hours of rigorous work put in by the team of developers, be it a standalone application or a massively multiplayer gaming network. But security is seldom the priority of developers unless the system is designed to provide security itself. And the fact remains that people with malicious intent still try to take advantage of the security loopholes left by the developers, mostly for profit and sometimes just for fun. Given the facility is a critical system like a power plant, such attacks may lead to nationwide distress. On the other hand, vulnerabilities in a system like a banking network can cause economic loss to numerous individuals. However, more than 75% of these vulnerabilities exist on the application level. These are mostly the implementation and programming mistakes. Some of them are: integer overflow, buffer overflow, faulty string formatting, double free etc. Though this lead to most of the exploitation which are easily avoidable by simple practices and awareness, like VAPT, input validation, input sanitization, etc. These are the few topics that I would be discussing and demonstrating.