Web Application Security Testing

0 Introduction and Objectives

1 Information Gathering

2 Configuration and Deployment Management Testing

3 Identity Management Testing

4 Authentication Testing

5 Authorization Testing

6 Session Management Testing

7 Input Validation Testing

8 Testing for Error Handling

9 Testing for Weak Cryptography

10 Business Logic Testing

11 Client-side Testing

12 API Testing