This document provides an overview of assessing the security of Lotus Domino applications. It discusses why security testing is necessary given Domino's unique architecture. It then covers Domino commands, conducting blackbox and whitebox testing, default database files, and the Domino architecture. Key areas to focus on include access control lists, design elements, agents that could be called from the web, and preventing exposed or unnecessary elements. Automated tools and working with administrators and developers are recommended.