Penetration Testing

  • Below is the Open Web Application Security Project (OWASP) Testing Guide checklist for performing pen-testing
  • The checklist below is of my own interest; feel free to add to it if you have one
  • Tests marked with a star (⭐) are strongly recommended when testing web applications
| Category | Testing Guide | Remarks |
|---|---|---|
| Information Gathering | Conduct Search Engine Discovery and Reconnaissance for Information Leakage | |
| | Fingerprint Web Server | ⭐ |
| | Review Webserver Metafiles for Information Leakage | ⭐ |
| | Enumerate Applications on Webserver | ⭐ |
| | Review Webpage Comments and Metadata for Information Leakage | ⭐ |
| | Identify application entry points | |
| | Map execution paths through application | |
| | Fingerprint Web Application Framework | ⭐ |
| | Fingerprint Web Application | |
| | Map Application Architecture | |
| Configuration and Deploy Management Testing | Test Network/Infrastructure Configuration | |
| | Test Application Platform Configuration | |
| | Test File Extensions Handling for Sensitive Information | |
| | Review Old, Backup and Unreferenced Files for Sensitive Information | |
| | Enumerate Infrastructure and Application Admin Interfaces | ⭐ |
| | Test HTTP Methods | ⭐ |
| | Test HTTP Strict Transport Security | ⭐ |
| | Test RIA Cross Domain Policy | |
| | Test File Permission | |
| | Test for Subdomain Takeover | |
| | Test Cloud Storage | |
| Identity Management Testing | Test Role Definitions | |
| | Test User Registration Process | |
| | Test Account Provisioning Process | |
| | Testing for Account Enumeration and Guessable User Account | ⭐ |
| | Testing for Weak or Unenforced Username Policy | ⭐ |
| Authentication Testing | Testing for Credentials Transported over an Encrypted Channel | |
| | Testing for Default Credentials | |
| | Testing for Weak Lock Out Mechanism | |
| | Testing for Bypassing Authentication Schema | |
| | Testing for Vulnerable Remember Password | |
| | Testing for Browser Cache Weaknesses | |
| | Testing for Weak Password Policy | |
| | Testing for Weak Security Question Answer | |
| | Testing for Weak Password Change or Reset Functionalities | |
| | Testing for Weaker Authentication in Alternative Channel | |
| Authorization Testing | Testing Directory Traversal File Include | |
| | Testing for Bypassing Authorization Schema | |
| | Testing for Privilege Escalation | |
| | Testing for Insecure Direct Object References | |
| Session Management Testing | Testing for Session Management Schema | |
| | Testing for Cookies Attributes | |
| | Testing for Session Fixation | |
| | Testing for Exposed Session Variables | |
| | Testing for Cross Site Request Forgery | |
| | Testing for Logout Functionality | |
| | Testing Session Timeout | |
| | Testing for Session Puzzling | |
| Data Validation Testing | Testing for Reflected Cross Site Scripting | ⭐ |
| | Testing for Stored Cross Site Scripting | |
| | Testing for HTTP Verb Tampering | ⭐ |
| | Testing for HTTP Parameter Pollution | ⭐ |
| | Testing for SQL Injection | |
| | Testing for Oracle | |
| | Testing for MySQL | |
| | Testing for SQL Server | |
| | Testing PostgreSQL | |
| | Testing for MS Access | |
| | Testing for NoSQL Injection | |
| | Testing for LDAP Injection | |
| | Testing for ORM Injection | |
| | Testing for XML Injection | |
| | Testing for SSI Injection | |
| | Testing for XPath Injection | |
| | Testing for IMAP SMTP Injection | |
| | Testing for Code Injection | |
| | Testing for Local File Inclusion | |
| | Testing for Remote File Inclusion | |
| | Testing for Command Injection | |
| | Testing for Format String Injection | |
| | Testing for Incubated Vulnerability | |
| | Testing for HTTP Splitting Smuggling | |
| | Testing for HTTP Incoming Requests | |
| | Testing for Client-side | |
| | Testing for Host Header Injection | |
| | Testing for Server-side Template Injection | |
| Error Handling | Testing for Improper Error Handling | ⭐ |
| Cryptography | Testing for Weak Encryption | ⭐ |
| | Testing for Padding Oracle | ⭐ |
| | Testing for Sensitive Information Sent via Unencrypted Channels | ⭐ |
| | Testing for Weak Transport Layer Security | ⭐ |
| Business Logic Testing | Test Business Logic Data Validation | |
| | Test Ability to Forge Requests | ⭐ |
| | Test Integrity Checks | |
| | Test for Process Timing | ⭐ |
| | Test Number of Times a Function Can Be Used Limits | ⭐ |
| | Testing for the Circumvention of Work Flows | ⭐ |
| | Test Defenses Against Application Misuse | ⭐ |
| | Test Upload of Unexpected File Types | |
| | Test Upload of Malicious Files | |
| Client Side Testing | Testing for DOM-Based Cross Site Scripting | ⭐ |
| | Testing for JavaScript Execution | |
| | Testing for HTML Injection | |
| | Testing for Client-side URL Redirect | |
| | Testing for CSS Injection | |
| | Testing for Client-side Resource Manipulation | |
| | Testing Cross Origin Resource Sharing | |
| | Testing for Cross Site Flashing | |
| | Testing for Clickjacking | |
| | Testing WebSockets | |
| | Testing Web Messaging | |
| | Testing Browser Storage | |
| | Testing for Cross Site Script Inclusion | |