Web Application Penetration Testing Checklist

Chenny Ren
2 min readSep 18, 2020

--

Web application security test focuses only on evaluating the security of a web application. The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities. Based on OWASP security testing methodology, he set of active tests have been split into 11 sub-categories for a total of 91 controls.

In here, I’ve created a detail list for security professionals use when doing web app pentesting works.

The excel sheet is on my github repo :

https://github.com/chennylmf/OWASP-Web-App-Pentesting-checklists

Reference : OWASP Security Testing Methodology https://wiki.owasp.org/index.php/Testing:_Introduction_and_objectives

https://github.com/OWASP/wstg/tree/master/document

--

--

Chenny Ren
Chenny Ren

Written by Chenny Ren

OSCP | OSWP | OSEP | CRTP |CRTE | CRTO | Red Team Professional | SOC engineer

No responses yet