SlideShare a Scribd company logo

Web Application Penetration Testing Checklist

โ€ข
โ€ข
P
priyanshamadhwal2

Cybersecurity is a journey, not a destination! Our ๐–๐ž๐› ๐€๐ฉ๐ฉ ๐๐ž๐ง๐ž๐ญ๐ซ๐š๐ญ๐ข๐จ๐ง ๐“๐ž๐ฌ๐ญ๐ข๐ง๐  ๐‚๐ก๐ž๐œ๐ค๐ฅ๐ข๐ฌ๐ญ is your roadmap to a strengthened digital fortress. Every phase explained in this carousel is a crucial defense. How secure is your digital castle? Share your security strategies below!

Education
1 of 26
Download to read offline
CHECKLIST WEB APPLICATION PENETRATION TESTING
www.infosectrain.com Test Name Test Case Result Identify Web Server, Technologies, and Database Verify that the website is hosted on an HTTP server, front-end technologies, and back-end with PostgreSQL database. ASN (Autonomous System Number) & IP Space Enumeration and Service Enumeration Ensure the enumeration toolโ€™s accuracy in obtaining ASNs, identifying IP addresses within a specified range, and detecting open ports and services on a target IP address. Google Dorking Ensure that the Google Dorking technique effectively retrieves sensitive information from public internet search engine results. Directory Enumeration Ensure that the directory enumeration process accurately identifies and lists directories and files within a specified web server directory. Reverse Lookup Ensure that the reverse lookup functionality accurately maps IP addresses to domain names. JS Files Analysis Confirm that the JS files analysis function accurately identifies vulnerabilities and security issues in JavaScript files. Subdomain Enumeration and Bruteforcing Confirm that the subdomain enumeration and brute-forcing functionality accurately discover subdomains associated with the target domain Port Scanning Verify that the port scanning tool correctly identifies open ports on a target IP address or network. Reconnaissance Phase
Test Name Test Case Result Duplicate Registration/Overwrite Existing User Verify that the registration process prevents duplicate registration and overwriting of existing user accounts. Weak Password Policy Confirm that the registration process enforces a strong password policy. Reuse of Existing Usernames Ensure that the registration process prevents the reuse of the existing usernames. Insufficient Email Verification Process Verify that the email verification process adequately verifies user email addresses. Weak Registration Implementation - Allows Disposable Email Addresses Confirm that the registration process does not allow registration with disposable email addresses. Weak Registration Implementation- Over HTTP Verify that the registration process is securely implemented and does not allow registration over an unencrypted HTTP connection. Overwrite Default Web Application Pages Confirm that the registration process does not allow specially crafted usernames that could potentially overwrite or manipulate default web application pages. www.infosectrain.com Registration Feature Testing
Test Name Test Case Result Decode Cookies Using Standard Decoding Algorithms Verify that cookies can be successfully decoded using standard decoding algorithms. Modify Cookie:Session Token Value Verify if the application correctly handles slight modifications to session cookie token values. Test Self-Registration with Similar Usernames Check if the application handles self-registration with usernames containing small variations. Check Session Cookies and Cookie Expiration Date/Time Verify that session cookies have appropriate expiration settings. Identify Cookie Domain Scope Ensure that session cookies are scoped to the appropriate domain. Check for HttpOnly Flag in Cookie Confirm that session cookies are marked with the HttpOnly flag. Check for Secure Flag in Cookie Ensure that session cookies are marked with the Secure flag if the application is served over SSL. www.infosectrain.com Session Management Testing
Test Name Test Case Result Username Enumeration Verify that the system does not allow username enumeration. Bypass Authentication using SQL Injections Test for bypassing authentication using various SQL injections on the username and password fields. Lack of Password Confirmation Confirm that the system enforces password confirmation when changing email addresses and passwords and managing 2FA. Access Violation without Authentication Check if using resources without authentication is possible, leading to access violations. SSL Transmission of User Credentials Confirm that user credentials are transmitted over SSL. OAuth Login Functionality Check OAuth login functionality, including roles and potential security vulnerabilities. Two-Factor Authentication Misconfiguration Check the misconfiguration of two-factor authentication for response manipulation, status codes, code leakage, reusability, brute-force protection, integrity validation, and null values. www.infosectrain.com Authentication Testing
Test Name Test Case Result Active Account User ID and Tampering Attempt Identify a parameter in the application that uses the active account user ID and attempts tampering to change the details of other accounts Enumerate Features Specific to a User Account and Conduct CSRF Testing Create a list of features specific to a user account and test for Cross-Site Request Forgery (CSRF) vulnerabilities. Change Email and Confirm Server-Side Validation Ensure if changing the email address is validated on the server side and whether the application sends email confirmation links to new users. Verify Account Deletion Option with Forgot Password Feature Verify the account deletion option and confirm it via the forgot password feature. Change Email, Account ID, and User ID Parameters for Brute Force Change the email, account ID, and user ID parameters and attempt brute force attacks on other usersโ€™ passwords. www.infosectrain.com Post Login Testing
Test Name Test Case Result Failure to Expire Sessions Upon Logout and Password Reset Ensure the session is invalidated on logout and password reset. Check if Forgot Password Reset Link/Code Uniqueness Ensure the uniqueness of the password reset link/code. Check Expiry of Password Reset Link Verify if the reset link expires if not used within a specific time frame. Find User Account Identification Parameter and Attempt Tampering Identify the user account identification parameter and attempt to tamper with it to change another userโ€™s password. Check for Weak Password Policy Examine if password reset enforces a strong password policy. Check if Active Session Gets Destroyed upon Changing the Password Verify if the active session is destroyed when changing the password. www.infosectrain.com Forgot Password Testing
Test Name Test Case Result Test Common Injection Parameters Examine common injection parameters for potential vulnerabilities. Change URL Parameter Values Examine if changing the URL parameter value redirects to the specified URL. Test Single Slash and URL Encoding Ensure using a single slash and URL encoding in URL parameters. Use Whitelisted Domain or Keyword Check if using a whitelisted domain or keyword in parameters bypasses filters. Use โ€œ//โ€ to Bypass HTTP Blacklisted Keyword Check if using โ€œ//โ€ in parameters bypasses HTTP blacklisted keywords. Use Null Byte (%00) to Bypass Blacklist Filter Check if using a null byte (%00) in parameters bypasses blacklist filters. Use ยฐ Symbol to Bypass Check if the โ€œยฐโ€ symbol in parameters bypasses security filters. www.infosectrain.com Open Redirection Testing
Test Name Test Case Result Supply an Arbitrary Host Header Check the applicationโ€™s handling of arbitrary host headers. Check for Flawed Validation Verify if the application has flawed validation for Host headers. Check Ambiguous Requests Send ambiguous requests with various Host header manipulations to observe the applicationโ€™s behavior. Inject Host Override Headers Test the injection of host override headers to ensure that the application accepts and processes these headers. www.infosectrain.com Host Header Injection
Test Name Test Case Result Entry Point Detection Identify vulnerable entry points for SQL injection. Use SQLmap to Identify Vulnerable Parameters Ensure that SQLmap identifies parameters vulnerable to SQL injection. Run the SQL Injection Scanner on All Requests Check if the SQL injection scanner identifies and reports any SQL injection vulnerabilities. Bypassing Web Application Firewall (WAF) Ensure bypass techniques are effective against the WAF (Web Application Firewall). Time Delays Verify the effectiveness of time delays for each database system. Conditional Delays Evaluate the impact of conditional time delays for each database system. Use ยฐ Symbol to Bypass Check if the โ€œยฐโ€ symbol in parameters bypasses security filters. www.infosectrain.com SQL Injection Testing
Test Name Test Case Result Use HTML Tags if Script Tags Are Banned Check if the HTML tags are executed as XSS. Reflect Output Inside JavaScript Variable Check if the output is reflected inside a JavaScript variable and if an alert payload can be used. Upload JavaScript Using Image File Check if the JavaScript code is executed when the image is displayed. Change Method From POST to GET Check if the payload is executed using the modified method from POST to GET can bypass filters. Syntax Encoding Payload Check if the syntax-encoded payload is executed as XSS. XSS Firewall Bypass Verify whether the employed XSS firewall bypass techniques effectively circumvent the XSS firewall. www.infosectrain.com Cross-Site Scripting Testing
Test Name Test Case Result Validation of CSRF Token Confirm whether the CSRF token validation rejects a GET request when the validation process depends on the request method. CSRF Token Presence Validation Check if the application only accept requests with a valid CSRF token. The CSRF Token Is Independent of the User Session Check if the CSRF token is not associated with the userโ€™s session and ensure it validate the CSRF token even after the user session has ended. validate the CSRF token even after the user session has ended. Ensure that the application should validate the CSRF token when the non-session cookie is included. Verify Referer Header Presence Ensure that application should only accept requests with a valid Referer header. www.infosectrain.com CSRF Testing
Test Name Test Case Result FUZZ on the Internal System After SSO Redirect Conduct fuzzing on an internal system following redirection to the SSO system to identify vulnerabilities or misconfigurations within the internal system. Craft SAML Request and Server Interaction Craft a SAML request with a token and analyze how the server processes the crafted SAML request. Test for XML Signature Wrapping Vulnerabilities Check if the server is vulnerable to XML Signature Wrapping. Inject XXE Payloads in SAML Response Check if the server processes the XXE payloads. SSO for Takeover Assess the possibility of taking over the victimโ€™s account. SSRF Using Cookie Header URLs Check if SSRF can be achieved by modifying the IP in the Cookie header URLs. www.infosectrain.com SSO Vulnerabilities
Test Name Test Case Result Change Content Type for XML Injection Verify if the server is vulnerable to XML Injection. Blind XXE with Out-of-Band Interaction Identifies if the server is vulnerable to Blind XXE attacks. Errors Parsing Origin Headers Check if Cross-Origin Resource Sharing (CORS)-related errors can be triggered. Whitelisted Null Origin Value Check if the server whitelists null Origin values. Bypassing Filters Check if filters can be bypassed. Cloud Instances Check if SSRF vulnerabilities can access cloud instance data. www.infosectrain.com XML Injection Testing
Test Name Test Case Result Null Byte (%00) Bypass Check if null bytes can bypass upload restrictions. Content-Type Bypass Check if content type manipulation can bypass restrictions. Magic Byte Bypass Identify if magic byte manipulation can bypass upload checks. Client-Side Validation Bypass Check if client-side validation can circumvent upload restrictions. Blacklisted Extension Bypass Check if the application effectively enforces extension restrictions. Homographic Character Bypass Check if homographic characters can bypass filters. www.infosectrain.com File Upload Testing
Test Name Test Case Result Missing Captcha Field Integrity Checks Verify if the application performs integrity checks on the Captcha field and rejects incomplete submissions. HTTP Verb Manipulation Check if changing HTTP verbs impacts Captcha validation. Reusable Captcha Check if Captchas are single-use or can be reused. Server-Side Validation for CAPTCHA Check if the server performs proper Captcha validation independently. OCR Image Recognition Check if OCR tools can successfully recognize Captcha content. Absolute Path Retrieval Check if Captcha images are accessible via absolute paths. www.infosectrain.com CAPTCHA Testing
Test Name Test Case Result Brute-Forcing Secret Keys Check if the applicationโ€™s secret key is resistant to brute-force attacks. Creating a Fresh Token Using the โ€œnoneโ€ Algorithm Verify if the application accepts or rejects tokens signed with the โ€œnoneโ€ algorithm. Changing the Signing Algorithm of the Token Check how the application responds to changes in the signing algorithm. Signing the Asymmetrically-Signed Token to Symmetric Algorithm Match Check if the application allows signing transitions from asymmetric to symmetric algorithms. www.infosectrain.com JWT Token testing
Test Name Test Case Result Intercepting and Modifying WebSocket Messages Check intercept WebSocket messages and modify the content. WebSockets Man-in-the-Middle (MITM) Attempts Perform a Man-in-the-Middle attack on WebSocket communication. Test Secret Header WebSocket Check if the WebSocket implementation relies on secret headers for authentication. Content Stealing in Websockets Check if access to sensitive data is transmitted via WebSocket. Token Authentication Testing in Websockets Evaluate if the token-based authentication is secure. www.infosectrain.com Websockets Testing
Test Name Test Case Result Inconsistent Authorization Checks Identify instances where authorization checks are not consistently applied across different parts of the GraphQL schema. Missing Validation of Custom Scalars Identifies any custom scalar types that do not have adequate validation for input values. Failure to Appropriately Rate-Limit Evaluate whether rate-limiting is adequately enforced to prevent abuse or DoS attacks. Introspection Query Enabled/Disabled Determine if the server allows introspection queries that can reveal schema details. www.infosectrain.com GraphQL Vulnerabilities Testing
Test Name Test Case Result XSPA in WordPress Identify if there are any exposed services or ports that may be susceptible to XSPA. Bruteforce in wp-login.php Check if the application effectively prevents or mitigates brute-force login attempts. Information Disclosure WordPress Username Enumerate usernames and confirm if the application reveals valid usernames. Backup File wp-config Exposed Ensure that backup files or sensitive configuration files are not accessible. Log Files Exposed Confirm if log files containing sensitive data are improperly exposed to unauthorized users. Denial of Service via load-styles.php Assess if the file can be abused to launch DoS attacks. www.infosectrain.com WordPress Common Vulnerabilities
Test Name Test Case Result Cookie Bomb Check if the application can handle an excessive number of cookies effectively. Pixel Flood (Using Image with Huge Pixels) Assess the application for vulnerabilities related to โ€œPixel Floodโ€ attacks. Frame Flood (Using GIF with Huge Frame) Check for the application for potential โ€œFrame Floodโ€ vulnerabilities. ReDoS (Regex DoS) Assess if the application is susceptible to ReDoS attacks due to insecure regular expressions. CPDoS (Cache Poisoned Denial of Service) Check if attackers can poison the applicationโ€™s cache to cause a DoS condition. www.infosectrain.com Denial of Service
Test Name Test Case Result X Frame Options Header Testing Ensure the application has X-Frame-Options set to DENY or allow specific domains. X-XSS-Protection Header Testing Verify the existence and settings of the X-XSS-Protection header. HSTS Header Testing Evaluate the presence and configuration of the HTTP Strict Transport Security (HSTS) header. CSP Header Testing Check the presence and configuration of the Content Security Policy (CSP) header. Cache Control Header Testing Check for the presence and correct configuration of Cache Control headers. www.infosectrain.com Security Headers Testing
Test Name Test Case Result Access Control Testing Verify the applicationโ€™s access control by attempting to access high-privileged resources with normal user privileges. Forced Browsing Testing Verify forced browsing attempts to access restricted or unlinked resources. Insecure Direct Object Reference (IDOR) Testing Check for IDOR vulnerabilities by attempting to access objects and data outside of the authorized scope. Parameter Tampering Testing Assess the applicationโ€™s vulnerability to parameter tampering for privilege escalation. www.infosectrain.com Role Authorization Testing
Test Name Test Case Result Time Delays Check if the application prevents time-based command injection. Output Redirection Conduct blind OS command injection with out-of-band interactions. www.infosectrain.com Blind OS Command Injection Testing
Test Name Test Case Result Cryptography Implementation Flaw Check for implementation flaws, such as hard-coded encryption keys, weak algorithms, or improper initialization vectors. Encrypted Information Compromised Verify if sensitive information, even when encrypted, can be compromised due to data leaks, insecure key storage, or weak encryption. Weak Ciphers Used for Encryption Identify encryption mechanisms in use and check if weak ciphers are employed. www.infosectrain.com Broken Cryptography
Found this useful? To Get More Insights Through our FREE Course | Workshops | eBooks | White Paper Checklists | Mock Tests Press the Icon & www.infosectrain.com

Recommended

API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & GuidelinesPrabath Siriwardena
ย 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelinesZakaria SMAHI
ย 
Security testing
Security testingSecurity testing
Security testingKhizra Sammad
ย 
Encoded Attacks And Countermeasures
Encoded Attacks And CountermeasuresEncoded Attacks And Countermeasures
Encoded Attacks And CountermeasuresMarco Morana
ย 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
ย 
02. input validation module v5
02. input validation module v502. input validation module v5
02. input validation module v5Eoin Keary
ย 
Web application penetration testing
Web application penetration testingWeb application penetration testing
Web application penetration testingImaginea
ย 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Ajin Abraham
ย 

Recommended

API Security Best Practices & Guidelines
API Security Best Practices & GuidelinesAPI Security Best Practices & Guidelines
API Security Best Practices & GuidelinesPrabath Siriwardena
ย 
Secure coding guidelines
Secure coding guidelinesSecure coding guidelines
Secure coding guidelinesZakaria SMAHI
ย 
Security testing
Security testingSecurity testing
Security testingKhizra Sammad
ย 
Encoded Attacks And Countermeasures
Encoded Attacks And CountermeasuresEncoded Attacks And Countermeasures
Encoded Attacks And CountermeasuresMarco Morana
ย 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingAnurag Srivastava
ย 
02. input validation module v5
02. input validation module v502. input validation module v5
02. input validation module v5Eoin Keary
ย 
Web application penetration testing
Web application penetration testingWeb application penetration testing
Web application penetration testingImaginea
ย 
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...
Nullcon Goa 2016 - Automated Mobile Application Security Testing with Mobile ...Ajin Abraham
ย 
Polyglot payloads in practice by avlidienbrunn at HackPra
Polyglot payloads in practice by avlidienbrunn at HackPraPolyglot payloads in practice by avlidienbrunn at HackPra
Polyglot payloads in practice by avlidienbrunn at HackPraMathias Karlsson
ย 
Csslp
CsslpCsslp
CsslpSushil Shakya
ย 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSSMike Crabb
ย 
Google Dorks
Google DorksGoogle Dorks
Google DorksAndrea D'Ubaldo
ย 
How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten How to Test for The OWASP Top Ten
How to Test for The OWASP Top TenSecurity Innovation
ย 
Architecture centric support for security orchestration and automation
Architecture centric support for security orchestration and automationArchitecture centric support for security orchestration and automation
Architecture centric support for security orchestration and automationChadni Islam
ย 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov
ย 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practicesMohammed Danish Amber
ย 
Palestra: Fundamentos do Desenvolvimento Seguro de Softwares
Palestra: Fundamentos do Desenvolvimento Seguro de SoftwaresPalestra: Fundamentos do Desenvolvimento Seguro de Softwares
Palestra: Fundamentos do Desenvolvimento Seguro de SoftwaresAndre Henrique
ย 
Web PenTest Sample Report
Web PenTest Sample ReportWeb PenTest Sample Report
Web PenTest Sample ReportOctogence
ย 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTerrance Medina
ย 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and PracticesPrabath Siriwardena
ย 
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptxChi En (Ashley) Shen
ย 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewMichael Furman
ย 
Api security-testing
Api security-testingApi security-testing
Api security-testingn|u - The Open Security Community
ย 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingNetsparker
ย 
OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)Michael Furman
ย 
Red Team Framework
Red Team FrameworkRed Team Framework
Red Team Framework๐Ÿ‘€ Joe Gray
ย 
Attack and Mitigation for Insecure Deserialization
Attack and Mitigation for Insecure DeserializationAttack and Mitigation for Insecure Deserialization
Attack and Mitigation for Insecure DeserializationSukhpreet Singh
ย 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityMohammed Fazuluddin
ย 
Lecture32-Web-based-testing-II.pptx
Lecture32-Web-based-testing-II.pptxLecture32-Web-based-testing-II.pptx
Lecture32-Web-based-testing-II.pptxBalkrishanpatidar
ย 
Just Enough (Automated) Testing
Just Enough (Automated) TestingJust Enough (Automated) Testing
Just Enough (Automated) TestingSauce Labs
ย 

More Related Content

What's hot

Polyglot payloads in practice by avlidienbrunn at HackPra
Polyglot payloads in practice by avlidienbrunn at HackPraPolyglot payloads in practice by avlidienbrunn at HackPra
Polyglot payloads in practice by avlidienbrunn at HackPraMathias Karlsson
ย 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSSMike Crabb
ย 
How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten How to Test for The OWASP Top Ten
How to Test for The OWASP Top TenSecurity Innovation
ย 
Architecture centric support for security orchestration and automation
Architecture centric support for security orchestration and automationArchitecture centric support for security orchestration and automation
Architecture centric support for security orchestration and automationChadni Islam
ย 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)TzahiArabov
ย 
Palestra: Fundamentos do Desenvolvimento Seguro de Softwares
Palestra: Fundamentos do Desenvolvimento Seguro de SoftwaresPalestra: Fundamentos do Desenvolvimento Seguro de Softwares
Palestra: Fundamentos do Desenvolvimento Seguro de SoftwaresAndre Henrique
ย 
Web PenTest Sample Report
Web PenTest Sample ReportWeb PenTest Sample Report
Web PenTest Sample ReportOctogence
ย 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTerrance Medina
ย 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and PracticesPrabath Siriwardena
ย 
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptxChi En (Ashley) Shen
ย 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewMichael Furman
ย 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingNetsparker
ย 
OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)Michael Furman
ย 
Attack and Mitigation for Insecure Deserialization
Attack and Mitigation for Insecure DeserializationAttack and Mitigation for Insecure Deserialization
Attack and Mitigation for Insecure DeserializationSukhpreet Singh
ย 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityMohammed Fazuluddin
ย 

What's hot (20)

Polyglot payloads in practice by avlidienbrunn at HackPra
Polyglot payloads in practice by avlidienbrunn at HackPraPolyglot payloads in practice by avlidienbrunn at HackPra
Polyglot payloads in practice by avlidienbrunn at HackPra
ย 
Csslp
CsslpCsslp
Csslp
ย 
Sql Injection and XSS
Sql Injection and XSSSql Injection and XSS
Sql Injection and XSS
ย 
Google Dorks
Google DorksGoogle Dorks
Google Dorks
ย 
How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten How to Test for The OWASP Top Ten
How to Test for The OWASP Top Ten
ย 
Architecture centric support for security orchestration and automation
Architecture centric support for security orchestration and automationArchitecture centric support for security orchestration and automation
Architecture centric support for security orchestration and automation
ย 
OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)OWASP Top 10 2021 Presentation (Jul 2022)
OWASP Top 10 2021 Presentation (Jul 2022)
ย 
Secure coding practices
Secure coding practicesSecure coding practices
Secure coding practices
ย 
Palestra: Fundamentos do Desenvolvimento Seguro de Softwares
Palestra: Fundamentos do Desenvolvimento Seguro de SoftwaresPalestra: Fundamentos do Desenvolvimento Seguro de Softwares
Palestra: Fundamentos do Desenvolvimento Seguro de Softwares
ย 
Web PenTest Sample Report
Web PenTest Sample ReportWeb PenTest Sample Report
Web PenTest Sample Report
ย 
Top 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilitiesTop 10 Web Application vulnerabilities
Top 10 Web Application vulnerabilities
ย 
API Security : Patterns and Practices
API Security : Patterns and PracticesAPI Security : Patterns and Practices
API Security : Patterns and Practices
ย 
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
[HITCON 2020 CTI Village] Threat Hunting and Campaign Tracking Workshop.pptx
ย 
OWASP Top 10 2021 What's New
OWASP Top 10 2021 What's NewOWASP Top 10 2021 What's New
OWASP Top 10 2021 What's New
ย 
Api security-testing
Api security-testingApi security-testing
Api security-testing
ย 
Introduction to Web Application Penetration Testing
Introduction to Web Application Penetration TestingIntroduction to Web Application Penetration Testing
Introduction to Web Application Penetration Testing
ย 
OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)OWASP A4 XML External Entities (XXE)
OWASP A4 XML External Entities (XXE)
ย 
Red Team Framework
Red Team FrameworkRed Team Framework
Red Team Framework
ย 
Attack and Mitigation for Insecure Deserialization
Attack and Mitigation for Insecure DeserializationAttack and Mitigation for Insecure Deserialization
Attack and Mitigation for Insecure Deserialization
ย 
Rest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API SecurityRest API Security - A quick understanding of Rest API Security
Rest API Security - A quick understanding of Rest API Security
ย 

Similar to Web Application Penetration Testing Checklist

Lecture32-Web-based-testing-II.pptx
Lecture32-Web-based-testing-II.pptxLecture32-Web-based-testing-II.pptx
Lecture32-Web-based-testing-II.pptxBalkrishanpatidar
ย 
Just Enough (Automated) Testing
Just Enough (Automated) TestingJust Enough (Automated) Testing
Just Enough (Automated) TestingSauce Labs
ย 
Azure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalkAzure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalkShailesh Dwivedi
ย 
Input validation errors
Input validation errorsInput validation errors
Input validation errorsmanoharparakh
ย 
API testing - Japura.pptx
API testing - Japura.pptxAPI testing - Japura.pptx
API testing - Japura.pptxTharindaLiyanage1
ย 
Web Services Security
Web Services SecurityWeb Services Security
Web Services Securityamiable_indian
ย 
Grand tour of Azure API Management.pdf
Grand tour of Azure API Management.pdfGrand tour of Azure API Management.pdf
Grand tour of Azure API Management.pdfSherman37
ย 
Summer '16 Realease notes
Summer '16 Realease notesSummer '16 Realease notes
Summer '16 Realease notesaggopal1011
ย 
Common Web Application Attacks
Common Web Application Attacks Common Web Application Attacks
Common Web Application Attacks Ahmed Sherif
ย 
Secure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSecure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSalesforce Developers
ย 
OAuth Authorization flows in salesforce
OAuth Authorization flows in salesforceOAuth Authorization flows in salesforce
OAuth Authorization flows in salesforceKishore B T
ย 
apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...
apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...
apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...apidays
ย 
wp-25tips-oltscripts-2287467
wp-25tips-oltscripts-2287467wp-25tips-oltscripts-2287467
wp-25tips-oltscripts-2287467Yutaka Takatsu
ย 
SFDC Inbound Integrations
SFDC Inbound IntegrationsSFDC Inbound Integrations
SFDC Inbound IntegrationsSujit Kumar
ย 
OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Codingbilcorry
ย 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Testmartinvoelk
ย 

Similar to Web Application Penetration Testing Checklist (20)

Lecture32-Web-based-testing-II.pptx
Lecture32-Web-based-testing-II.pptxLecture32-Web-based-testing-II.pptx
Lecture32-Web-based-testing-II.pptx
ย 
Just Enough (Automated) Testing
Just Enough (Automated) TestingJust Enough (Automated) Testing
Just Enough (Automated) Testing
ย 
Azure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalkAzure API Manegement Introduction and Integeration with BizTalk
Azure API Manegement Introduction and Integeration with BizTalk
ย 
Input validation errors
Input validation errorsInput validation errors
Input validation errors
ย 
API testing - Japura.pptx
API testing - Japura.pptxAPI testing - Japura.pptx
API testing - Japura.pptx
ย 
Web Services Security
Web Services SecurityWeb Services Security
Web Services Security
ย 
Grand tour of Azure API Management.pdf
Grand tour of Azure API Management.pdfGrand tour of Azure API Management.pdf
Grand tour of Azure API Management.pdf
ย 
Step by step guide for web application security testing
Step by step guide for web application security testingStep by step guide for web application security testing
Step by step guide for web application security testing
ย 
Summer '16 Realease notes
Summer '16 Realease notesSummer '16 Realease notes
Summer '16 Realease notes
ย 
Common Web Application Attacks
Common Web Application Attacks Common Web Application Attacks
Common Web Application Attacks
ย 
Secure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and RESTSecure Coding: SSL, SOAP, and REST
Secure Coding: SSL, SOAP, and REST
ย 
OAuth Authorization flows in salesforce
OAuth Authorization flows in salesforceOAuth Authorization flows in salesforce
OAuth Authorization flows in salesforce
ย 
apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...
apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...
apidays LIVE Paris 2021 - Inside API delivery Pipeline, the checklist! - Fran...
ย 
wp-25tips-oltscripts-2287467
wp-25tips-oltscripts-2287467wp-25tips-oltscripts-2287467
wp-25tips-oltscripts-2287467
ย 
SFDC Inbound Integrations
SFDC Inbound IntegrationsSFDC Inbound Integrations
SFDC Inbound Integrations
ย 
28791456 web-testing
28791456 web-testing28791456 web-testing
28791456 web-testing
ย 
OWASP Secure Coding
OWASP Secure CodingOWASP Secure Coding
OWASP Secure Coding
ย 
Web Application Penetration Test
Web Application Penetration TestWeb Application Penetration Test
Web Application Penetration Test
ย 
How To Fix The Most Critical API Security Risks.pdf
How To Fix The Most Critical API Security Risks.pdfHow To Fix The Most Critical API Security Risks.pdf
How To Fix The Most Critical API Security Risks.pdf
ย 
Owasp web security
Owasp web securityOwasp web security
Owasp web security
ย 

More from priyanshamadhwal2

๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ
๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ
๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญpriyanshamadhwal2
ย 
๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž
๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž
๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐žpriyanshamadhwal2
ย 
Comptia security plus domain SYO 701.pdf
Comptia security plus domain SYO 701.pdfComptia security plus domain SYO 701.pdf
Comptia security plus domain SYO 701.pdfpriyanshamadhwal2
ย 
Presenting Top 10 Cyber Attacks of 2024 stay informed
Presenting Top 10 Cyber Attacks of 2024 stay informedPresenting Top 10 Cyber Attacks of 2024 stay informed
Presenting Top 10 Cyber Attacks of 2024 stay informedpriyanshamadhwal2
ย 
Most Important security technologies 2024
Most Important security technologies 2024Most Important security technologies 2024
Most Important security technologies 2024priyanshamadhwal2
ย 
๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ
๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ
๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌpriyanshamadhwal2
ย 
Threat_Hunting_professional_Training_Tips
Threat_Hunting_professional_Training_TipsThreat_Hunting_professional_Training_Tips
Threat_Hunting_professional_Training_Tipspriyanshamadhwal2
ย 
Difference between cloud storage and local storage
Difference between cloud storage and local storageDifference between cloud storage and local storage
Difference between cloud storage and local storagepriyanshamadhwal2
ย 
Axis Bank Customers Face credit card frauds
Axis Bank Customers Face credit card fraudsAxis Bank Customers Face credit card frauds
Axis Bank Customers Face credit card fraudspriyanshamadhwal2
ย 
๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ
๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ
๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌpriyanshamadhwal2
ย 
Data_ Privacy_ Challenges _and_ solutions
Data_ Privacy_ Challenges _and_ solutionsData_ Privacy_ Challenges _and_ solutions
Data_ Privacy_ Challenges _and_ solutionspriyanshamadhwal2
ย 
๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ 
๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ ๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ 
๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ priyanshamadhwal2
ย 
PMP _Certification_ preparation_ training
PMP _Certification_ preparation_ trainingPMP _Certification_ preparation_ training
PMP _Certification_ preparation_ trainingpriyanshamadhwal2
ย 
Microsoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdf
Microsoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdfMicrosoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdf
Microsoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdfpriyanshamadhwal2
ย 
Penetration Testing vs Vulnerability Assessment
Penetration Testing vs Vulnerability AssessmentPenetration Testing vs Vulnerability Assessment
Penetration Testing vs Vulnerability Assessmentpriyanshamadhwal2
ย 
Types _of_ Penetration_ Testing_ Training
Types _of_ Penetration_ Testing_ TrainingTypes _of_ Penetration_ Testing_ Training
Types _of_ Penetration_ Testing_ Trainingpriyanshamadhwal2
ย 
CCISO_Certification_Training_Course-Outline.pdf
CCISO_Certification_Training_Course-Outline.pdfCCISO_Certification_Training_Course-Outline.pdf
CCISO_Certification_Training_Course-Outline.pdfpriyanshamadhwal2
ย 
Sailpoint_IdentityIQ_Implementation__Developer_Training_Program
Sailpoint_IdentityIQ_Implementation__Developer_Training_ProgramSailpoint_IdentityIQ_Implementation__Developer_Training_Program
Sailpoint_IdentityIQ_Implementation__Developer_Training_Programpriyanshamadhwal2
ย 
CyberArk_Certification_Training_Course_Content
CyberArk_Certification_Training_Course_ContentCyberArk_Certification_Training_Course_Content
CyberArk_Certification_Training_Course_Contentpriyanshamadhwal2
ย 
IAPP_CIPM_certification_training_Course_Content
IAPP_CIPM_certification_training_Course_ContentIAPP_CIPM_certification_training_Course_Content
IAPP_CIPM_certification_training_Course_Contentpriyanshamadhwal2
ย 

More from priyanshamadhwal2 (20)

๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ
๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ
๐‚๐ˆ๐’๐’๐ ๐ƒ๐จ๐ฆ๐š๐ข๐ง ๐Ÿ: ๐’๐ž๐œ๐ฎ๐ซ๐ข๐ญ๐ฒ ๐š๐ง๐ ๐‘๐ข๐ฌ๐ค ๐Œ๐š๐ง๐š๐ ๐ž๐ฆ๐ž๐ง๐ญ
ย 
๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž
๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž
๐‚๐‘๐ˆ๐’๐‚ ๐Œ๐ข๐ง๐ ๐Œ๐š๐ฉ ๐Ÿ๐จ๐ซ ๐„๐Ÿ๐Ÿ๐ž๐œ๐ญ๐ข๐ฏ๐ž ๐‘๐ข๐ฌ๐ค ๐†๐จ๐ฏ๐ž๐ซ๐ง๐š๐ง๐œ๐ž
ย 
Comptia security plus domain SYO 701.pdf
Comptia security plus domain SYO 701.pdfComptia security plus domain SYO 701.pdf
Comptia security plus domain SYO 701.pdf
ย 
Presenting Top 10 Cyber Attacks of 2024 stay informed
Presenting Top 10 Cyber Attacks of 2024 stay informedPresenting Top 10 Cyber Attacks of 2024 stay informed
Presenting Top 10 Cyber Attacks of 2024 stay informed
ย 
Most Important security technologies 2024
Most Important security technologies 2024Most Important security technologies 2024
Most Important security technologies 2024
ย 
๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ
๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ
๐‘๐ข๐ฌ๐ค ๐€๐ง๐š๐ฅ๐ฒ๐ฌ๐ญ ๐ˆ๐ง๐ญ๐ž๐ซ๐ฏ๐ข๐ž๐ฐ ๐๐ฎ๐ž๐ฌ๐ญ๐ข๐จ๐ง๐ฌ
ย 
Threat_Hunting_professional_Training_Tips
Threat_Hunting_professional_Training_TipsThreat_Hunting_professional_Training_Tips
Threat_Hunting_professional_Training_Tips
ย 
Difference between cloud storage and local storage
Difference between cloud storage and local storageDifference between cloud storage and local storage
Difference between cloud storage and local storage
ย 
Axis Bank Customers Face credit card frauds
Axis Bank Customers Face credit card fraudsAxis Bank Customers Face credit card frauds
Axis Bank Customers Face credit card frauds
ย 
๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ
๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ
๐”๐ง๐๐ž๐ซ๐ฌ๐ญ๐š๐ง๐๐ข๐ง๐  ๐ญ๐ก๐ž ๐Œ๐š๐ฅ๐ข๐œ๐ข๐จ๐ฎ๐ฌ ๐Œ๐ข๐ง๐ ๐‘๐ž๐š๐ฌ๐จ๐ง๐ฌ ๐Ÿ๐จ๐ซ ๐‚๐ฒ๐›๐ž๐ซ๐š๐ญ๐ญ๐š๐œ๐ค๐ฌ
ย 
Data_ Privacy_ Challenges _and_ solutions
Data_ Privacy_ Challenges _and_ solutionsData_ Privacy_ Challenges _and_ solutions
Data_ Privacy_ Challenges _and_ solutions
ย 
๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ 
๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ ๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ 
๐…๐‘๐„๐„ ๐†๐ฎ๐ข๐๐ž ๐“๐จ ๐Œ๐š๐ฌ๐ญ๐ž๐ซ ๐„๐ญ๐ก๐ข๐œ๐š๐ฅ ๐‡๐š๐œ๐ค๐ข๐ง๐ 
ย 
PMP _Certification_ preparation_ training
PMP _Certification_ preparation_ trainingPMP _Certification_ preparation_ training
PMP _Certification_ preparation_ training
ย 
Microsoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdf
Microsoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdfMicrosoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdf
Microsoft_Azure_Security_Technologies_Exam_AZ-500_Course_Content.pdf
ย 
Penetration Testing vs Vulnerability Assessment
Penetration Testing vs Vulnerability AssessmentPenetration Testing vs Vulnerability Assessment
Penetration Testing vs Vulnerability Assessment
ย 
Types _of_ Penetration_ Testing_ Training
Types _of_ Penetration_ Testing_ TrainingTypes _of_ Penetration_ Testing_ Training
Types _of_ Penetration_ Testing_ Training
ย 
CCISO_Certification_Training_Course-Outline.pdf
CCISO_Certification_Training_Course-Outline.pdfCCISO_Certification_Training_Course-Outline.pdf
CCISO_Certification_Training_Course-Outline.pdf
ย 
Sailpoint_IdentityIQ_Implementation__Developer_Training_Program
Sailpoint_IdentityIQ_Implementation__Developer_Training_ProgramSailpoint_IdentityIQ_Implementation__Developer_Training_Program
Sailpoint_IdentityIQ_Implementation__Developer_Training_Program
ย 
CyberArk_Certification_Training_Course_Content
CyberArk_Certification_Training_Course_ContentCyberArk_Certification_Training_Course_Content
CyberArk_Certification_Training_Course_Content
ย 
IAPP_CIPM_certification_training_Course_Content
IAPP_CIPM_certification_training_Course_ContentIAPP_CIPM_certification_training_Course_Content
IAPP_CIPM_certification_training_Course_Content
ย 

Recently uploaded

Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxpboyjonauth
ย 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingTechSoup
ย 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesFatimaKhan178732
ย 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentInMediaRes1
ย 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxNirmalaLoungPoorunde1
ย 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introductionMaksud Ahmed
ย 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxPoojaSen20
ย 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppCeline George
ย 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAssociation for Project Management
ย 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxmanuelaromero2013
ย 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfchloefrazer622
ย 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfSoniaTolstoy
ย 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxiammrhaywood
ย 
โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...Marc Dusseiller Dusjagr
ย 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxOH TEIK BIN
ย 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPoojaSen20
ย 

Recently uploaded (20)

Introduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptxIntroduction to AI in Higher Education_draft.pptx
Introduction to AI in Higher Education_draft.pptx
ย 
Grant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy ConsultingGrant Readiness 101 TechSoup and Remy Consulting
Grant Readiness 101 TechSoup and Remy Consulting
ย 
Separation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and ActinidesSeparation of Lanthanides/ Lanthanides and Actinides
Separation of Lanthanides/ Lanthanides and Actinides
ย 
Alper Gobel In Media Res Media Component
Alper Gobel In Media Res Media ComponentAlper Gobel In Media Res Media Component
Alper Gobel In Media Res Media Component
ย 
Employee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptxEmployee wellbeing at the workplace.pptx
Employee wellbeing at the workplace.pptx
ย 
Model Call Girl in Tilak Nagar Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”
Model Call Girl in Tilak Nagar Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”Model Call Girl in Tilak Nagar Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”
Model Call Girl in Tilak Nagar Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”
ย 
microwave assisted reaction. General introduction
microwave assisted reaction. General introductionmicrowave assisted reaction. General introduction
microwave assisted reaction. General introduction
ย 
MENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docxMENTAL STATUS EXAMINATION format.docx
MENTAL STATUS EXAMINATION format.docx
ย 
URLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website AppURLs and Routing in the Odoo 17 Website App
URLs and Routing in the Odoo 17 Website App
ย 
APM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across SectorsAPM Welcome, APM North West Network Conference, Synergies Across Sectors
APM Welcome, APM North West Network Conference, Synergies Across Sectors
ย 
How to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptxHow to Make a Pirate ship Primary Education.pptx
How to Make a Pirate ship Primary Education.pptx
ย 
Cรณdigo Creativo y Arte de Software | Unidad 1
Cรณdigo Creativo y Arte de Software | Unidad 1Cรณdigo Creativo y Arte de Software | Unidad 1
Cรณdigo Creativo y Arte de Software | Unidad 1
ย 
Arihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdfArihant handbook biology for class 11 .pdf
Arihant handbook biology for class 11 .pdf
ย 
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdfBASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
BASLIQ CURRENT LOOKBOOK LOOKBOOK(1) (1).pdf
ย 
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptxSOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
SOCIAL AND HISTORICAL CONTEXT - LFTVD.pptx
ย 
โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
โ€œOh GOSH! Reflecting on Hackteria's Collaborative Practices in a Global Do-It...
ย 
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdfTataKelola dan KamSiber Kecerdasan Buatan v022.pdf
TataKelola dan KamSiber Kecerdasan Buatan v022.pdf
ย 
Model Call Girl in Bikash Puri Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”
Model Call Girl in Bikash Puri Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”Model Call Girl in Bikash Puri Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”
Model Call Girl in Bikash Puri Delhi reach out to us at ๐Ÿ”9953056974๐Ÿ”
ย 
Solving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptxSolving Puzzles Benefits Everyone (English).pptx
Solving Puzzles Benefits Everyone (English).pptx
ย 
PSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptxPSYCHIATRIC History collection FORMAT.pptx
PSYCHIATRIC History collection FORMAT.pptx
ย 

Web Application Penetration Testing Checklist

  • 2. www.infosectrain.com Test Name Test Case Result Identify Web Server, Technologies, and Database Verify that the website is hosted on an HTTP server, front-end technologies, and back-end with PostgreSQL database. ASN (Autonomous System Number) & IP Space Enumeration and Service Enumeration Ensure the enumeration toolโ€™s accuracy in obtaining ASNs, identifying IP addresses within a specified range, and detecting open ports and services on a target IP address. Google Dorking Ensure that the Google Dorking technique effectively retrieves sensitive information from public internet search engine results. Directory Enumeration Ensure that the directory enumeration process accurately identifies and lists directories and files within a specified web server directory. Reverse Lookup Ensure that the reverse lookup functionality accurately maps IP addresses to domain names. JS Files Analysis Confirm that the JS files analysis function accurately identifies vulnerabilities and security issues in JavaScript files. Subdomain Enumeration and Bruteforcing Confirm that the subdomain enumeration and brute-forcing functionality accurately discover subdomains associated with the target domain Port Scanning Verify that the port scanning tool correctly identifies open ports on a target IP address or network. Reconnaissance Phase
  • 3. Test Name Test Case Result Duplicate Registration/Overwrite Existing User Verify that the registration process prevents duplicate registration and overwriting of existing user accounts. Weak Password Policy Confirm that the registration process enforces a strong password policy. Reuse of Existing Usernames Ensure that the registration process prevents the reuse of the existing usernames. Insufficient Email Verification Process Verify that the email verification process adequately verifies user email addresses. Weak Registration Implementation - Allows Disposable Email Addresses Confirm that the registration process does not allow registration with disposable email addresses. Weak Registration Implementation- Over HTTP Verify that the registration process is securely implemented and does not allow registration over an unencrypted HTTP connection. Overwrite Default Web Application Pages Confirm that the registration process does not allow specially crafted usernames that could potentially overwrite or manipulate default web application pages. www.infosectrain.com Registration Feature Testing
  • 4. Test Name Test Case Result Decode Cookies Using Standard Decoding Algorithms Verify that cookies can be successfully decoded using standard decoding algorithms. Modify Cookie:Session Token Value Verify if the application correctly handles slight modifications to session cookie token values. Test Self-Registration with Similar Usernames Check if the application handles self-registration with usernames containing small variations. Check Session Cookies and Cookie Expiration Date/Time Verify that session cookies have appropriate expiration settings. Identify Cookie Domain Scope Ensure that session cookies are scoped to the appropriate domain. Check for HttpOnly Flag in Cookie Confirm that session cookies are marked with the HttpOnly flag. Check for Secure Flag in Cookie Ensure that session cookies are marked with the Secure flag if the application is served over SSL. www.infosectrain.com Session Management Testing
  • 5. Test Name Test Case Result Username Enumeration Verify that the system does not allow username enumeration. Bypass Authentication using SQL Injections Test for bypassing authentication using various SQL injections on the username and password fields. Lack of Password Confirmation Confirm that the system enforces password confirmation when changing email addresses and passwords and managing 2FA. Access Violation without Authentication Check if using resources without authentication is possible, leading to access violations. SSL Transmission of User Credentials Confirm that user credentials are transmitted over SSL. OAuth Login Functionality Check OAuth login functionality, including roles and potential security vulnerabilities. Two-Factor Authentication Misconfiguration Check the misconfiguration of two-factor authentication for response manipulation, status codes, code leakage, reusability, brute-force protection, integrity validation, and null values. www.infosectrain.com Authentication Testing
  • 6. Test Name Test Case Result Active Account User ID and Tampering Attempt Identify a parameter in the application that uses the active account user ID and attempts tampering to change the details of other accounts Enumerate Features Specific to a User Account and Conduct CSRF Testing Create a list of features specific to a user account and test for Cross-Site Request Forgery (CSRF) vulnerabilities. Change Email and Confirm Server-Side Validation Ensure if changing the email address is validated on the server side and whether the application sends email confirmation links to new users. Verify Account Deletion Option with Forgot Password Feature Verify the account deletion option and confirm it via the forgot password feature. Change Email, Account ID, and User ID Parameters for Brute Force Change the email, account ID, and user ID parameters and attempt brute force attacks on other usersโ€™ passwords. www.infosectrain.com Post Login Testing
  • 7. Test Name Test Case Result Failure to Expire Sessions Upon Logout and Password Reset Ensure the session is invalidated on logout and password reset. Check if Forgot Password Reset Link/Code Uniqueness Ensure the uniqueness of the password reset link/code. Check Expiry of Password Reset Link Verify if the reset link expires if not used within a specific time frame. Find User Account Identification Parameter and Attempt Tampering Identify the user account identification parameter and attempt to tamper with it to change another userโ€™s password. Check for Weak Password Policy Examine if password reset enforces a strong password policy. Check if Active Session Gets Destroyed upon Changing the Password Verify if the active session is destroyed when changing the password. www.infosectrain.com Forgot Password Testing
  • 8. Test Name Test Case Result Test Common Injection Parameters Examine common injection parameters for potential vulnerabilities. Change URL Parameter Values Examine if changing the URL parameter value redirects to the specified URL. Test Single Slash and URL Encoding Ensure using a single slash and URL encoding in URL parameters. Use Whitelisted Domain or Keyword Check if using a whitelisted domain or keyword in parameters bypasses filters. Use โ€œ//โ€ to Bypass HTTP Blacklisted Keyword Check if using โ€œ//โ€ in parameters bypasses HTTP blacklisted keywords. Use Null Byte (%00) to Bypass Blacklist Filter Check if using a null byte (%00) in parameters bypasses blacklist filters. Use ยฐ Symbol to Bypass Check if the โ€œยฐโ€ symbol in parameters bypasses security filters. www.infosectrain.com Open Redirection Testing
  • 9. Test Name Test Case Result Supply an Arbitrary Host Header Check the applicationโ€™s handling of arbitrary host headers. Check for Flawed Validation Verify if the application has flawed validation for Host headers. Check Ambiguous Requests Send ambiguous requests with various Host header manipulations to observe the applicationโ€™s behavior. Inject Host Override Headers Test the injection of host override headers to ensure that the application accepts and processes these headers. www.infosectrain.com Host Header Injection
  • 10. Test Name Test Case Result Entry Point Detection Identify vulnerable entry points for SQL injection. Use SQLmap to Identify Vulnerable Parameters Ensure that SQLmap identifies parameters vulnerable to SQL injection. Run the SQL Injection Scanner on All Requests Check if the SQL injection scanner identifies and reports any SQL injection vulnerabilities. Bypassing Web Application Firewall (WAF) Ensure bypass techniques are effective against the WAF (Web Application Firewall). Time Delays Verify the effectiveness of time delays for each database system. Conditional Delays Evaluate the impact of conditional time delays for each database system. Use ยฐ Symbol to Bypass Check if the โ€œยฐโ€ symbol in parameters bypasses security filters. www.infosectrain.com SQL Injection Testing
  • 11. Test Name Test Case Result Use HTML Tags if Script Tags Are Banned Check if the HTML tags are executed as XSS. Reflect Output Inside JavaScript Variable Check if the output is reflected inside a JavaScript variable and if an alert payload can be used. Upload JavaScript Using Image File Check if the JavaScript code is executed when the image is displayed. Change Method From POST to GET Check if the payload is executed using the modified method from POST to GET can bypass filters. Syntax Encoding Payload Check if the syntax-encoded payload is executed as XSS. XSS Firewall Bypass Verify whether the employed XSS firewall bypass techniques effectively circumvent the XSS firewall. www.infosectrain.com Cross-Site Scripting Testing
  • 12. Test Name Test Case Result Validation of CSRF Token Confirm whether the CSRF token validation rejects a GET request when the validation process depends on the request method. CSRF Token Presence Validation Check if the application only accept requests with a valid CSRF token. The CSRF Token Is Independent of the User Session Check if the CSRF token is not associated with the userโ€™s session and ensure it validate the CSRF token even after the user session has ended. validate the CSRF token even after the user session has ended. Ensure that the application should validate the CSRF token when the non-session cookie is included. Verify Referer Header Presence Ensure that application should only accept requests with a valid Referer header. www.infosectrain.com CSRF Testing
  • 13. Test Name Test Case Result FUZZ on the Internal System After SSO Redirect Conduct fuzzing on an internal system following redirection to the SSO system to identify vulnerabilities or misconfigurations within the internal system. Craft SAML Request and Server Interaction Craft a SAML request with a token and analyze how the server processes the crafted SAML request. Test for XML Signature Wrapping Vulnerabilities Check if the server is vulnerable to XML Signature Wrapping. Inject XXE Payloads in SAML Response Check if the server processes the XXE payloads. SSO for Takeover Assess the possibility of taking over the victimโ€™s account. SSRF Using Cookie Header URLs Check if SSRF can be achieved by modifying the IP in the Cookie header URLs. www.infosectrain.com SSO Vulnerabilities
  • 14. Test Name Test Case Result Change Content Type for XML Injection Verify if the server is vulnerable to XML Injection. Blind XXE with Out-of-Band Interaction Identifies if the server is vulnerable to Blind XXE attacks. Errors Parsing Origin Headers Check if Cross-Origin Resource Sharing (CORS)-related errors can be triggered. Whitelisted Null Origin Value Check if the server whitelists null Origin values. Bypassing Filters Check if filters can be bypassed. Cloud Instances Check if SSRF vulnerabilities can access cloud instance data. www.infosectrain.com XML Injection Testing
  • 15. Test Name Test Case Result Null Byte (%00) Bypass Check if null bytes can bypass upload restrictions. Content-Type Bypass Check if content type manipulation can bypass restrictions. Magic Byte Bypass Identify if magic byte manipulation can bypass upload checks. Client-Side Validation Bypass Check if client-side validation can circumvent upload restrictions. Blacklisted Extension Bypass Check if the application effectively enforces extension restrictions. Homographic Character Bypass Check if homographic characters can bypass filters. www.infosectrain.com File Upload Testing
  • 16. Test Name Test Case Result Missing Captcha Field Integrity Checks Verify if the application performs integrity checks on the Captcha field and rejects incomplete submissions. HTTP Verb Manipulation Check if changing HTTP verbs impacts Captcha validation. Reusable Captcha Check if Captchas are single-use or can be reused. Server-Side Validation for CAPTCHA Check if the server performs proper Captcha validation independently. OCR Image Recognition Check if OCR tools can successfully recognize Captcha content. Absolute Path Retrieval Check if Captcha images are accessible via absolute paths. www.infosectrain.com CAPTCHA Testing
  • 17. Test Name Test Case Result Brute-Forcing Secret Keys Check if the applicationโ€™s secret key is resistant to brute-force attacks. Creating a Fresh Token Using the โ€œnoneโ€ Algorithm Verify if the application accepts or rejects tokens signed with the โ€œnoneโ€ algorithm. Changing the Signing Algorithm of the Token Check how the application responds to changes in the signing algorithm. Signing the Asymmetrically-Signed Token to Symmetric Algorithm Match Check if the application allows signing transitions from asymmetric to symmetric algorithms. www.infosectrain.com JWT Token testing
  • 18. Test Name Test Case Result Intercepting and Modifying WebSocket Messages Check intercept WebSocket messages and modify the content. WebSockets Man-in-the-Middle (MITM) Attempts Perform a Man-in-the-Middle attack on WebSocket communication. Test Secret Header WebSocket Check if the WebSocket implementation relies on secret headers for authentication. Content Stealing in Websockets Check if access to sensitive data is transmitted via WebSocket. Token Authentication Testing in Websockets Evaluate if the token-based authentication is secure. www.infosectrain.com Websockets Testing
  • 19. Test Name Test Case Result Inconsistent Authorization Checks Identify instances where authorization checks are not consistently applied across different parts of the GraphQL schema. Missing Validation of Custom Scalars Identifies any custom scalar types that do not have adequate validation for input values. Failure to Appropriately Rate-Limit Evaluate whether rate-limiting is adequately enforced to prevent abuse or DoS attacks. Introspection Query Enabled/Disabled Determine if the server allows introspection queries that can reveal schema details. www.infosectrain.com GraphQL Vulnerabilities Testing
  • 20. Test Name Test Case Result XSPA in WordPress Identify if there are any exposed services or ports that may be susceptible to XSPA. Bruteforce in wp-login.php Check if the application effectively prevents or mitigates brute-force login attempts. Information Disclosure WordPress Username Enumerate usernames and confirm if the application reveals valid usernames. Backup File wp-config Exposed Ensure that backup files or sensitive configuration files are not accessible. Log Files Exposed Confirm if log files containing sensitive data are improperly exposed to unauthorized users. Denial of Service via load-styles.php Assess if the file can be abused to launch DoS attacks. www.infosectrain.com WordPress Common Vulnerabilities
  • 21. Test Name Test Case Result Cookie Bomb Check if the application can handle an excessive number of cookies effectively. Pixel Flood (Using Image with Huge Pixels) Assess the application for vulnerabilities related to โ€œPixel Floodโ€ attacks. Frame Flood (Using GIF with Huge Frame) Check for the application for potential โ€œFrame Floodโ€ vulnerabilities. ReDoS (Regex DoS) Assess if the application is susceptible to ReDoS attacks due to insecure regular expressions. CPDoS (Cache Poisoned Denial of Service) Check if attackers can poison the applicationโ€™s cache to cause a DoS condition. www.infosectrain.com Denial of Service
  • 22. Test Name Test Case Result X Frame Options Header Testing Ensure the application has X-Frame-Options set to DENY or allow specific domains. X-XSS-Protection Header Testing Verify the existence and settings of the X-XSS-Protection header. HSTS Header Testing Evaluate the presence and configuration of the HTTP Strict Transport Security (HSTS) header. CSP Header Testing Check the presence and configuration of the Content Security Policy (CSP) header. Cache Control Header Testing Check for the presence and correct configuration of Cache Control headers. www.infosectrain.com Security Headers Testing
  • 23. Test Name Test Case Result Access Control Testing Verify the applicationโ€™s access control by attempting to access high-privileged resources with normal user privileges. Forced Browsing Testing Verify forced browsing attempts to access restricted or unlinked resources. Insecure Direct Object Reference (IDOR) Testing Check for IDOR vulnerabilities by attempting to access objects and data outside of the authorized scope. Parameter Tampering Testing Assess the applicationโ€™s vulnerability to parameter tampering for privilege escalation. www.infosectrain.com Role Authorization Testing
  • 24. Test Name Test Case Result Time Delays Check if the application prevents time-based command injection. Output Redirection Conduct blind OS command injection with out-of-band interactions. www.infosectrain.com Blind OS Command Injection Testing
  • 25. Test Name Test Case Result Cryptography Implementation Flaw Check for implementation flaws, such as hard-coded encryption keys, weak algorithms, or improper initialization vectors. Encrypted Information Compromised Verify if sensitive information, even when encrypted, can be compromised due to data leaks, insecure key storage, or weak encryption. Weak Ciphers Used for Encryption Identify encryption mechanisms in use and check if weak ciphers are employed. www.infosectrain.com Broken Cryptography
  • 26. Found this useful? To Get More Insights Through our FREE Course | Workshops | eBooks | White Paper Checklists | Mock Tests Press the Icon & www.infosectrain.com