OWASP Web Security Testing Guide v4.2 2 topics
The Web Security Testing Framework 21 topics
Penetration Testing Methodologies 10 topics
Web Application Security Testing
Testing Introduction and Objectives 8 topics
Information Gathering
WSTG-INFO-01: Conduct Search Engine Discovery Reconnaissance for Information Leakage 9 topics
WSTG-INFO-02: Fingerprint Web Server 7 topics
WSTG-INFO-03: Review Webserver Metafiles for Information Leakage 14 topics
WSTG-INFO-04: Attack Surface Identification 17 topics
WSTG-INFO-05: Review Web Page Content for Information Leakage 11 topics
WSTG-INFO-06: Identify Application Entry Points 12 topics
WSTG-INFO-07: Map Execution Paths Through Application 6 topics
WSTG-INFO-08: Fingerprint Web Application Framework 21 topics
WSTG-INFO-09: Fingerprint Web Application
WSTG-INFO-10: Map Application Architecture 20 topics
Configuration and Deployment Management Testing
WSTG-CONF-01: Test Network Infrastructure Configuration 6 topics
WSTG-CONF-02: Test Application Platform Configuration 17 topics
WSTG-CONF-03: Test File Extensions Handling for Sensitive Information 8 topics
WSTG-CONF-04: Review Old Backup and Unreferenced Files for Sensitive Information 14 topics
WSTG-CONF-05: Enumerate Infrastructure and Application Admin Interfaces 7 topics
WSTG-CONF-06: Test HTTP Methods 15 topics
WSTG-CONF-07: Test HTTP Strict Transport Security 4 topics
WSTG-CONF-08: Test RIA Cross Domain Policy
WSTG-CONF-09: Test File Permission 6 topics
WSTG-CONF-10: Test for Subdomain Takeover 12 topics
WSTG-CONF-11: Test Cloud Storage 11 topics
WSTG-CONF-12: Testing for Content Security Policy 7 topics
WSTG-CONF-13: Test Path Confusion 8 topics
WSTG-CONF-14: Test Other HTTP Security Header Misconfigurations 19 topics
Identity Management Testing
WSTG-IDNT-01: Test Role Definitions 8 topics
WSTG-IDNT-02: Test User Registration Process 7 topics
WSTG-IDNT-03: Test Account Provisioning Process 5 topics
WSTG-IDNT-04: Testing for Account Enumeration and Guessable User Account 23 topics
WSTG-IDNT-05: Testing for Weak or Unenforced Username Policy
Authentication Testing
WSTG-ATHN-01: Testing for Credentials Transported over an Encrypted Channel
WSTG-ATHN-02: Testing for Default Credentials 8 topics
WSTG-ATHN-03: Testing for Weak Lock Out Mechanism 8 topics
WSTG-ATHN-04: Testing for Bypassing Authentication Schema 9 topics
WSTG-ATHN-05: Testing for Vulnerable Remember Password 4 topics
WSTG-ATHN-06: Testing for Browser Cache Weaknesses 11 topics
WSTG-ATHN-07: Testing for Weak Authentication Methods 5 topics
WSTG-ATHN-08: Testing for Weak Security Question Answer 9 topics
WSTG-ATHN-09: Testing for Weak Password Change or Reset Functionalities 12 topics
WSTG-ATHN-10: Testing for Weaker Authentication in Alternative Channel 10 topics
WSTG-ATHN-11: Testing Multi-Factor Authentication (MFA) 19 topics
Authorization Testing
WSTG-ATHZ-01: Testing Directory Traversal File Include 11 topics
WSTG-ATHZ-02: Testing for Bypassing Authorization Schema 17 topics
WSTG-ATHZ-03: Testing for Privilege Escalation 16 topics
WSTG-ATHZ-04: Testing for Insecure Direct Object References 8 topics
WSTG-ATHZ-05: Testing for OAuth Weaknesses 12 topics
WSTG-ATHZ-05.1: Testing for OAuth Authorization Server Weaknesses 18 topics
WSTG-ATHZ-05.2: Testing for OAuth Client Weaknesses 10 topics
Session Management Testing
WSTG-SESS-01: Testing for Session Management Schema 13 topics
WSTG-SESS-02: Testing for Cookies Attributes 21 topics
WSTG-SESS-03: Testing for Session Fixation 7 topics
WSTG-SESS-04: Testing for Exposed Session Variables 9 topics
WSTG-SESS-05: Testing for Cross Site Request Forgery 6 topics
WSTG-SESS-06: Testing for Logout Functionality 10 topics
WSTG-SESS-07: Testing Session Timeout 7 topics
WSTG-SESS-08: Testing for Session Puzzling 8 topics
WSTG-SESS-09: Testing for Session Hijacking 4 topics
WSTG-SESS-10: Testing JSON Web Tokens 22 topics
WSTG-SESS-11: Testing for Concurrent Sessions 6 topics
Input Validation Testing
WSTG-INPV-01: Testing for Reflected Cross Site Scripting 21 topics
WSTG-INPV-02: Testing for Stored Cross Site Scripting 16 topics
WSTG-INPV-03: Testing for HTTP Verb Tampering
WSTG-INPV-04: Testing for HTTP Parameter Pollution 11 topics
WSTG-INPV-05: Testing for SQL Injection 35 topics
WSTG-INPV-05.1: Testing for Oracle 21 topics
WSTG-INPV-05.2: Testing for MySQL 20 topics
WSTG-INPV-05.3: Testing for SQL Server 21 topics
WSTG-INPV-05.4: Testing PostgreSQL 27 topics
WSTG-INPV-05.5: Testing for MS Access 8 topics
WSTG-INPV-05.6: Testing for NoSQL Injection 8 topics
WSTG-INPV-05.7: Testing for ORM Injection 7 topics
WSTG-INPV-05.8: Testing for Client-side 8 topics
WSTG-INPV-06: Testing for LDAP Injection 8 topics
WSTG-INPV-07: Testing for XML Injection 8 topics
WSTG-INPV-08: Testing for SSI Injection 5 topics
WSTG-INPV-09: Testing for XPath Injection 5 topics
WSTG-INPV-10: Testing for IMAP SMTP Injection 8 topics
WSTG-INPV-11: Testing for Code Injection 8 topics
WSTG-INPV-11.1: Testing for File Inclusion 15 topics
WSTG-INPV-12: Testing for Command Injection 26 topics
WSTG-INPV-13: Testing for Buffer Overflow
WSTG-INPV-13b: Testing for Format String Injection 8 topics
WSTG-INPV-14: Testing for Incubated Vulnerability 12 topics
WSTG-INPV-15: Testing for HTTP Response Splitting 8 topics
WSTG-INPV-16: Testing for HTTP Request Smuggling 16 topics
WSTG-INPV-17: Testing for Host Header Injection 8 topics
WSTG-INPV-18: Testing for Server-side Template Injection 10 topics
WSTG-INPV-19: Testing for Server-Side Request Forgery 11 topics
WSTG-INPV-20: Testing for Mass Assignment 13 topics
Error Handling Testing
WSTG-ERRH-01: Testing for Improper Error Handling 8 topics
WSTG-ERRH-02: Testing for Stack Traces
Weak Cryptography Testing
WSTG-CRYP-01: Testing for Weak Transport Layer Security 15 topics
WSTG-CRYP-02: Testing for Padding Oracle 11 topics
WSTG-CRYP-03: Testing for Sensitive Information Sent via Unencrypted Channels 11 topics
WSTG-CRYP-04: Testing for Weak Encryption 7 topics
Business Logic Testing
WSTG-BUSL-00: Introduction to Business Logic 11 topics
WSTG-BUSL-01: Test Business Logic Data Validation 11 topics
WSTG-BUSL-02: Test Ability to Forge Requests 11 topics
WSTG-BUSL-03: Test Integrity Checks 14 topics
WSTG-BUSL-04: Test for Process Timing 9 topics
WSTG-BUSL-05: Test Number of Times a Function Can Be Used Limits 7 topics
WSTG-BUSL-06: Testing for the Circumvention of Work Flows 11 topics
WSTG-BUSL-07: Test Defenses Against Application Misuse 8 topics
WSTG-BUSL-08: Test Upload of Unexpected File Types 8 topics
WSTG-BUSL-09: Test Upload of Malicious Files 29 topics
WSTG-BUSL-10: Test Payment Functionality 26 topics
Client-side Testing
WSTG-CLNT-01: Testing for DOM-Based Cross Site Scripting 5 topics
WSTG-CLNT-01.1: Testing for Self DOM Based Cross-Site Scripting 5 topics
WSTG-CLNT-02: Testing for JavaScript Execution 3 topics
WSTG-CLNT-03: Testing for HTML Injection 3 topics
WSTG-CLNT-04: Testing for Client-side URL Redirect 3 topics
WSTG-CLNT-05: Testing for CSS Injection 3 topics
WSTG-CLNT-06: Testing for Client-side Resource Manipulation 3 topics
WSTG-CLNT-07: Testing Cross Origin Resource Sharing 16 topics
WSTG-CLNT-08: Testing for Cross Site Flashing 13 topics
WSTG-CLNT-09: Testing for Clickjacking 13 topics
WSTG-CLNT-10: Testing WebSockets 12 topics
WSTG-CLNT-11: Testing Web Messaging 7 topics
WSTG-CLNT-12: Testing Browser Storage 19 topics
WSTG-CLNT-13: Testing for Cross Site Script Inclusion 10 topics
WSTG-CLNT-14: Testing for Reverse Tabnabbing 5 topics
WSTG-CLNT-15: Testing for Client-side Template Injection 16 topics
API Testing
WSTG-APIT-00: API Testing Overview 10 topics
WSTG-APIT-01: API Reconnaissance 25 topics
WSTG-APIT-02: API Broken Object Level Authorization 12 topics
WSTG-APIT-99: Testing GraphQL 19 topics
Reporting
Vulnerability Naming Schemes 9 topics
Appendix
Testing Tools Resource 23 topics
Suggested Reading 5 topics
Encoded Injection 9 topics
Leveraging Dev Tools 43 topics