diff --git a/Cases-Collection/Vulnerability Testing.csv b/Cases-Collection/Vulnerability Testing.csv new file mode 100644 index 0000000..325662f --- /dev/null +++ b/Cases-Collection/Vulnerability Testing.csv @@ -0,0 +1,21 @@ +S.No,Test Case,Type of Test Case (Positive / Negative),Remarks +1,Verify if the product fits for latest CVEs,Negative, +2,Verify that the API has proper rate limitings,Negative, +3,Verify the user entry for special characters,Negative, +4,Verify the product has proper sessions,Negative, +5,Verify that the product uses CAPTCHA as and when required,Positive, +6,Verify the endpoints for Open Redirection,Negative, +7,Verify the user inputs for IDOR,Negative, +8,Verify that the product is not vulnerable to CSRF and/or SSRF,Negative, +9,Verify that the product is not vulnerable to Host Header Injection,Negative, +10,Verify that the product is not vulnerable to Local / Remote File Inclusion vulnerability,Negative, +11,Verify that the product is not vulnerable to SMTP Injection,Negative, +12,Verify that the product is not vulnerable to SQL Injection,Negative, +13,Verify that the product is not vulnerable to Subdomain Takeover,Negative, +14,Verify that the product is not vulnerable to XSS,Negative, +15,"Verify that the product is not vulnerable to PHP Object Injection, File Deletion, and Arbitrary File Upload",Negative, +16,Verify that the product is not sending data over unencrypted networks,Negative, +17,Verify that the product is not vulnerable to Unauthenticated Cache Purge,Negative, +18,Verify that the product is not vulnerable to HTML Injection,Negative, +19,Verify that the product is not vulnerable to Application level DOS,Negative, +20,Verify that the product is not vulnerable to Parameter Pollution,Negative, \ No newline at end of file
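Review bot: Rows 8 and 15 each bundle several distinct vulnerability classes into one test case ("CSRF and/or SSRF"; "PHP Object Injection, File Deletion, and Arbitrary File Upload"), so a single pass/fail result cannot say which class was exercised or which one failed; split them into one row per class. Row 1 ("Verify if the product fits for latest CVEs") states no testable criterion, and the Remarks column is empty on every row; use it to record what is actually checked and what counts as a pass. Row 5 (CAPTCHA) is the only case typed Positive, while row 2 (rate limiting), which also verifies that a control is present, is typed Negative; align the two or explain the difference in Remarks. The file also ends without a trailing newline.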