In many situations, it was very helpful that someone dedicated to testing performed seemingly ineffective tests with somewhat random test steps. This way, the application is tested for both, for what it is supposed to do, and for what it is not supposed to do. You can even go a little further and use Fuzzing, that means completely random input. This way, you can find many security vulnerabilities.