Web Application Penetration Testing Checklist

2 min readSep 18, 2020

--

Web application security test focuses only on evaluating the security of a web application. The process involves an active analysis of the application for any weaknesses, technical flaws, or vulnerabilities. Based on OWASP security testing methodology, he set of active tests have been split into 11 sub-categories for a total of 91 controls.

In here, I’ve created a detail list for security professionals use when doing web app pentesting works.

The excel sheet is on my github repo :

https://github.com/chennylmf/OWASP-Web-App-Pentesting-checklists

Reference : OWASP Security Testing Methodology https://wiki.owasp.org/index.php/Testing:_Introduction_and_objectives

https://github.com/OWASP/wstg/tree/master/document

Sign up to discover human stories that deepen your understanding of the world.

Free

Distraction-free reading. No ads.

Organize your knowledge with lists and highlights.

Tell your story. Find your audience.

Membership

Read member-only stories

Support writers you read most

Earn money for your writing

Listen to audio narrations

Read offline with the Medium app

Web App Security

Penetration Testing

Application Security

Written by Chenny Ren

OSCP | OSWP | OSEP | CRTP |CRTE | CRTO | Red Team Professional | SOC engineer

No responses yet

Write a response

What are your thoughts?

Also publish to my profile

Help
Status
About
Careers
Press
Blog
Privacy
Rules
Terms
Text to speech