Web application penetration testing is a way to identify, analyse and report vulnerabilities in a web application, including buffer overflows, input validation errors, code execution, SQL injection, CSRF and cross-site scripting.
The testing is repeatable and follows a defined methodology; a penetration test is the most reliable way to find out how a web application actually behaves against an attacker.
Web Application Penetration Testing Checklist
Information Gathering
1. Retrieve the robots.txt file (GNU Wget does this) and review it: the paths it asks crawlers to avoid are often the admin, backup and staging directories the owner would rather keep hidden.
2. Identify software versions and database details, and note the technical detail leaked by error messages and error codes.
3. Use DNS reconnaissance: reverse DNS lookups, DNS zone transfer attempts and web-based DNS searches.
4. Perform directory brute-forcing and vulnerability scanning; tools such as Nessus can probe for known URLs.
5. Identify the application's entry points (every parameter, header and cookie it reads) with an intercepting proxy such as Burp Proxy, OWASP ZAP or TamperIE.
6. Fingerprint the host over TCP/ICMP with a conventional fingerprinting tool such as Nmap or Amap.
7. Test for recognised file types, extensions and directories by requesting common file extensions such as .asp, .exe, .html and .php and comparing the responses.
8. Review the source of every accessible page (HTML comments, script includes, hidden form fields).
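The first two steps above, as an added example that is not code from the original page: a parser that pulls the Disallow paths and sitemaps out of a robots.txt file (the kind of file step 1 has Wget fetch) and a banner fingerprinter that extracts product/version pairs from response headers. The robots.txt text, the hostname example.test and the header values are constructed for the demo.

```python
# Added example (not code from the original page): passive information
# gathering from two artefacts the checklist mentions, a robots.txt file and
# server response headers. The sample data below is constructed.
import re
from typing import Dict, List, Tuple

SAMPLE_ROBOTS = """# constructed robots.txt for the fictional host example.test
User-agent: *
Disallow: /admin/
Disallow: /backup/db_2019.sql.bak
Allow: /public/

User-agent: Googlebot
Disallow: /staging/
Sitemap: https://example.test/sitemap.xml
"""

SAMPLE_HEADERS = {  # constructed, the kind of banner step 2 is after
    "Server": "Apache/2.4.29 (Ubuntu) OpenSSL/1.1.1 PHP/7.2.24",
    "X-Powered-By": "PHP/7.2.24",
    "Content-Type": "text/html",
}

BACKUP_EXT = re.compile(r"\.(bak|old|orig|sql|zip|tar|gz|swp)$|~$", re.I)
VERSION_RE = re.compile(r"([A-Za-z][\w.-]*?)/(\d+(?:\.\d+)+)")


def parse_robots(text: str) -> Tuple[Dict[str, List[str]], List[str]]:
    """Return ({user-agent: [disallowed paths]}, [sitemap URLs]).

    A group is one or more User-agent lines followed by directives; a new
    User-agent line after directives starts a new group.
    """
    groups: Dict[str, List[str]] = {}
    sitemaps: List[str] = []
    agents: List[str] = []
    in_rules = False
    for raw in text.splitlines():
        line = raw.split("#", 1)[0].strip()  # drop comments and whitespace
        if ":" not in line:
            continue
        field, _, value = line.partition(":")
        field, value = field.strip().lower(), value.strip()
        if field == "sitemap":
            sitemaps.append(value)
        elif field == "user-agent":
            if in_rules:  # directives already seen: this starts a new group
                agents, in_rules = [], False
            agents.append(value)
            groups.setdefault(value, [])
        else:
            in_rules = True
            if field == "disallow" and value:
                for agent in agents:
                    groups[agent].append(value)
    return groups, sitemaps


def interesting_paths(groups: Dict[str, List[str]]) -> List[str]:
    """Unique Disallow paths, backup-looking names first: robots.txt is
    advisory, so every entry is a path the owner would rather not be seen."""
    unique = list(dict.fromkeys(p for paths in groups.values() for p in paths))
    return sorted(unique, key=lambda p: (BACKUP_EXT.search(p) is None, p))


def fingerprint(headers: Dict[str, str]) -> Dict[str, str]:
    """Product -> version pairs leaked by the Server and X-Powered-By banners."""
    found: Dict[str, str] = {}
    for name in ("Server", "X-Powered-By", "Via"):
        for product, version in VERSION_RE.findall(headers.get(name, "")):
            found.setdefault(product, version)
    return found


if __name__ == "__main__":
    groups, sitemaps = parse_robots(SAMPLE_ROBOTS)
    print("paths to probe:", interesting_paths(groups))
    print("sitemaps:", sitemaps)
    print("versions:", fingerprint(SAMPLE_HEADERS))
```

The Disallow list feeds straight into step 4's directory probing, and the version pairs are what you check against the vendor's advisories before step 6's active fingerprinting.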
Authentication Testing
1. Check whether a session can be "reused" after logout: replay the old session cookie and see whether the application still treats it as authenticated. Also verify that an idle user is logged out automatically.
2. Verify whether sensitive information is still stored in the browser cache (check the Cache-Control and Pragma headers on authenticated pages).
3. Test the password reset function: can the secret questions be guessed or answered from public information or social engineering, and can the reset token itself be guessed?
4. Check the HTML of the login page to see whether the "Remember My Password" mechanism is enabled (for example, autocomplete left on for the password field).
5. Where hardware tokens or an additional communication channel (an out-of-band second factor) are used, verify that the second factor is actually enforced and cannot be skipped by talking to the application directly.
6. Test the CAPTCHA for authentication bypasses: can it be replayed, solved automatically or simply omitted?
7. Check for weak security questions and answers.
8. Bear in mind that stolen credentials and personal data (card numbers, phone numbers) are what an attacker brings to these functions to reach customer information; a web application firewall can filter obviously malicious requests such as SQL injection strings, but it is no substitute for fixing the authentication flaws found above.
Authorization Testing
1. Test role and privilege manipulation: try to reach resources as a lower-privileged user (vertical escalation) and as a different user of the same role (horizontal escalation).
2. Test for path traversal: enumerate every input vector that names a file or path, and analyse the input validation the application applies to it.
3. Test for parameter and cookie tampering: use a web spider to enumerate the parameters and an intercepting proxy to modify IDs, role flags and prices in requests and cookies, and see whether the server trusts them.
4. Test for HTTP request tampering to see whether restricted resources can be reached by altering the method, headers or path of a request.
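The path traversal case from step 2, as an added example that is not code from the original page: a naive file handler that joins user input onto the web root, beside a hardened resolver that canonicalises the path and checks it stays under the root, both exercised against a throwaway directory tree. The directory layout, file names and file contents are constructed for the demo.

```python
# Added example (not code from the original page): the path traversal case
# from step 2, as a naive file handler beside a hardened one, exercised
# against a throwaway directory tree built in a temp folder.
import os
import tempfile
from typing import Dict


def serve_file_naive(root: str, user_path: str) -> str:
    """Vulnerable: joins the user's path straight onto the web root.
    '../' walks out of root, and an absolute path replaces root entirely."""
    with open(os.path.join(root, user_path), encoding="utf-8") as fh:
        return fh.read()


def resolve_safely(root: str, user_path: str) -> str:
    """Hardened: canonicalise both sides, then insist the result is inside root.
    commonpath (not startswith) is used so /www does not accept /www2/x."""
    root_real = os.path.realpath(root)
    candidate = os.path.realpath(os.path.join(root_real, user_path))
    if os.path.commonpath([root_real, candidate]) != root_real:
        raise PermissionError(f"traversal rejected: {user_path!r}")
    return candidate


def serve_file_safe(root: str, user_path: str) -> str:
    with open(resolve_safely(root, user_path), encoding="utf-8") as fh:
        return fh.read()


def build_demo_tree() -> str:
    """Constructed layout: <tmp>/www/index.html is public,
    <tmp>/secret.txt sits one level above the web root."""
    base = tempfile.mkdtemp()
    www = os.path.join(base, "www")
    os.makedirs(www)
    with open(os.path.join(www, "index.html"), "w", encoding="utf-8") as fh:
        fh.write("<h1>hello</h1>")
    with open(os.path.join(base, "secret.txt"), "w", encoding="utf-8") as fh:
        fh.write("db_password=hunter2")
    return www


def run_checks(www: str) -> Dict[str, str]:
    """Feed the same inputs to both handlers; record leak or rejection."""
    results: Dict[str, str] = {}
    results["naive_index"] = serve_file_naive(www, "index.html")
    results["naive_traversal"] = serve_file_naive(www, "../secret.txt")  # leaks
    results["safe_index"] = serve_file_safe(www, "index.html")
    for label, payload in (("safe_traversal", "../secret.txt"),
                           ("safe_absolute", "/etc/passwd"),
                           ("safe_sibling", "../www2/index.html")):
        try:
            serve_file_safe(www, payload)
            results[label] = "ALLOWED"
        except PermissionError:
            results[label] = "REJECTED"
    return results


if __name__ == "__main__":
    for key, outcome in run_checks(build_demo_tree()).items():
        print(f"{key:16} {outcome}")
```

The resolver assumes the input has already been URL-decoded once by the framework; during testing, send encoded variants (`..%2f`, `..%252f`) as well as the plain `../` so that a decode-after-check bug is also caught.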
Configuration Management Test
1. Enumerate directories and files, review server and application documentation, and check both the infrastructure and application admin interfaces.
2. Analyse the web server banner and perform network scanning.
3. Check for obsolete documentation and backup files. Also verify that referenced files such as source code and password files are not reachable from the web root.
4. Identify the ports associated with HTTP/TLS services using Nmap or Nessus.
5. Review the methods advertised in response to the OPTIONS HTTP method, sending the request by hand with Netcat or Telnet.
6. Test for dangerous HTTP methods (PUT, DELETE, TRACE) and for cross-site tracing (XST), through which an enabled TRACE method can expose valid users' credentials and cookies.
7. Perform an application configuration management test: review the information exposed in log files, source code and default error pages.
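Steps 5 and 6 above, as an added example that is not code from the original page: the raw OPTIONS and TRACE requests you would otherwise type into Netcat, a parser for the Allow header, a filter for the methods worth a finding, and a check for whether TRACE echoes the Cookie header back (the XST condition). The sample responses are constructed, and the local server at the bottom is a deliberately misconfigured stand-in written for the demo, not any real product.

```python
# Added example (not code from the original page): the OPTIONS and TRACE
# checks from steps 5 and 6, done the way you would do them with Netcat.
# The sample responses are constructed; the local server at the bottom is a
# deliberately misconfigured stand-in, not any real product.
import socket
import threading
from http.server import BaseHTTPRequestHandler, HTTPServer
from typing import Dict, List, Optional, Tuple

RISKY = {"PUT", "DELETE", "TRACE", "CONNECT", "PATCH"}  # worth a finding if advertised


def build_request(method: str, host: str, path: str = "/",
                  extra_headers: Optional[Dict[str, str]] = None) -> bytes:
    """The raw request you would paste into `nc host 80`."""
    lines = [f"{method} {path} HTTP/1.1", f"Host: {host}", "Connection: close"]
    lines += [f"{k}: {v}" for k, v in (extra_headers or {}).items()]
    return ("\r\n".join(lines) + "\r\n\r\n").encode()


def split_response(raw: bytes) -> Tuple[str, Dict[str, str], bytes]:
    """(status line, lower-cased header dict, body)."""
    head, _, body = raw.partition(b"\r\n\r\n")
    status_line, *header_lines = head.decode("iso-8859-1").split("\r\n")
    headers = {}
    for line in header_lines:
        name, _, value = line.partition(":")
        headers[name.strip().lower()] = value.strip()
    return status_line, headers, body


def allowed_methods(options_response: bytes) -> List[str]:
    _, headers, _ = split_response(options_response)
    return [m.strip().upper() for m in headers.get("allow", "").split(",") if m.strip()]


def risky_methods(options_response: bytes) -> List[str]:
    return sorted(set(allowed_methods(options_response)) & RISKY)


def xst_reflects_cookie(trace_response: bytes, cookie_value: str) -> bool:
    """TRACE echoes the request. If our Cookie header comes back in the body,
    a script that can issue TRACE reads the cookie despite HttpOnly (XST)."""
    _, _, body = split_response(trace_response)
    return cookie_value.encode() in body


# Constructed responses from a misconfigured server.
SAMPLE_OPTIONS = (b"HTTP/1.1 200 OK\r\nAllow: GET, HEAD, POST, PUT, DELETE, TRACE\r\n"
                  b"Content-Length: 0\r\n\r\n")
SAMPLE_TRACE = (b"HTTP/1.1 200 OK\r\nContent-Type: message/http\r\n\r\n"
                b"TRACE / HTTP/1.1\r\nHost: target\r\nCookie: sid=deadbeef\r\n\r\n")


class PermissiveHandler(BaseHTTPRequestHandler):
    """Stand-in server that advertises and honours TRACE (the bad case)."""
    def do_OPTIONS(self):
        self.send_response(200)
        self.send_header("Allow", "GET, HEAD, POST, PUT, DELETE, TRACE")
        self.send_header("Content-Length", "0")
        self.end_headers()

    def do_TRACE(self):
        echo = (self.requestline + "\r\n" + str(self.headers)).encode("iso-8859-1")
        self.send_response(200)
        self.send_header("Content-Type", "message/http")
        self.send_header("Content-Length", str(len(echo)))
        self.end_headers()
        self.wfile.write(echo)

    def log_message(self, *args):  # keep the demo output clean
        pass


def probe(host: str, port: int, method: str,
          extra_headers: Optional[Dict[str, str]] = None) -> bytes:
    """Send one raw request over a socket and return the whole response."""
    with socket.create_connection((host, port), timeout=5) as sock:
        sock.sendall(build_request(method, f"{host}:{port}", extra_headers=extra_headers))
        chunks = []
        while chunk := sock.recv(4096):
            chunks.append(chunk)
    return b"".join(chunks)


if __name__ == "__main__":
    server = HTTPServer(("127.0.0.1", 0), PermissiveHandler)
    threading.Thread(target=server.serve_forever, daemon=True).start()
    port = server.server_address[1]
    print("risky methods:", risky_methods(probe("127.0.0.1", port, "OPTIONS")))
    trace = probe("127.0.0.1", port, "TRACE", {"Cookie": "sid=deadbeef"})
    print("XST reflects cookie:", xst_reflects_cookie(trace, "deadbeef"))
    server.shutdown()
```

An Allow header is only what the server claims; follow up by actually sending PUT or DELETE to a test path, since some servers advertise methods they block and others honour methods they never list.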
Session Administration Testing
1. Test for cross-site request forgery: list the state-changing URLs within the restricted area and check whether each one requires an unpredictable anti-CSRF token.
2. Test for exposed session variables by inspecting the encryption, reuse and caching of session tokens, their exposure through proxies and caches, and whether they travel in GET parameters rather than in POST bodies or cookies.
3. Gather enough cookie samples to analyse how the tokens are generated and attempt to predict or forge a valid cookie.
4. Test the cookie attributes (Secure, HttpOnly, SameSite, Domain, Path, Expires) with an intercepting proxy such as Burp Proxy or OWASP ZAP.
5. Test for session fixation, a form of session hijacking: the session identifier must change on login, otherwise an attacker can plant a known identifier in the victim's browser and inherit the victim's authenticated session.
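Steps 3 and 4 above, as an added example that is not code from the original page: an audit of a Set-Cookie header's attributes, and a rough estimate of how much randomness a batch of captured session IDs actually carries (per-position Shannon entropy plus a check for counter-style IDs). The cookie headers and the three token batches are constructed, not captured from any real application; the "strong" batch is seeded so the demo repeats.

```python
# Added example (not code from the original page): two of the session checks
# above, auditing a Set-Cookie header for its attributes (step 4) and
# estimating how much randomness a batch of captured session IDs carries
# (step 3). Cookie headers and token batches are constructed, not captured.
import math
import random
from collections import Counter
from typing import Dict, List, Tuple


def audit_set_cookie(header: str) -> Dict[str, object]:
    """Parse one Set-Cookie header value and list the attribute problems."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in parts[1:]:
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()
    findings: List[str] = []
    if "secure" not in attrs:
        findings.append("missing Secure")
    if "httponly" not in attrs:
        findings.append("missing HttpOnly")
    if attrs.get("samesite", "").lower() not in ("lax", "strict"):
        findings.append("SameSite not Lax/Strict")
    if "expires" in attrs or "max-age" in attrs:
        findings.append("persistent cookie, not cleared when the browser closes")
    return {"name": name.strip(), "value": value.strip(), "findings": findings}


def token_entropy(tokens: List[str]) -> Tuple[float, float]:
    """(estimated bits, maximum possible bits) from per-position Shannon
    entropy over equal-length tokens. It only sees what the sample shows, so
    a low score is damning while a high one is merely reassuring."""
    length = len(tokens[0])
    if any(len(t) != length for t in tokens):
        raise ValueError("tokens must have equal length")
    alphabet = set("".join(tokens))
    max_bits = length * math.log2(len(alphabet))
    bits = 0.0
    for pos in range(length):
        counts = Counter(t[pos] for t in tokens)
        total = sum(counts.values())
        bits -= sum(c / total * math.log2(c / total) for c in counts.values())
    return bits, max_bits


def looks_sequential(tokens: List[str]) -> bool:
    """True if the tokens, read as hex integers, form an arithmetic sequence."""
    try:
        values = sorted(int(t, 16) for t in tokens)
    except ValueError:
        return False
    return len({b - a for a, b in zip(values, values[1:])}) == 1


def assess_tokens(tokens: List[str]) -> str:
    if looks_sequential(tokens):
        return "predictable (sequential)"
    bits, max_bits = token_entropy(tokens)
    return "weak" if bits < 0.5 * max_bits else "acceptable"


# Constructed samples.
WEAK_COOKIE = "PHPSESSID=0000000000000000000000000000041a; Path=/"
GOOD_COOKIE = "session=9f1c2a7e; Path=/; Secure; HttpOnly; SameSite=Lax"
WEAK_TOKENS = [f"{1000 + i:032x}" for i in range(64)]            # counter-based IDs
_rng = random.Random(20240101)                                    # seeded so the demo repeats
LOW_ENTROPY_TOKENS = [f"user00000042_{_rng.getrandbits(16):04x}"  # fixed prefix, 16 random bits
                      for _ in range(64)]
STRONG_TOKENS = [f"{_rng.getrandbits(128):032x}" for _ in range(64)]

if __name__ == "__main__":
    for header in (WEAK_COOKIE, GOOD_COOKIE):
        print(audit_set_cookie(header))
    for label, batch in (("counter", WEAK_TOKENS), ("low", LOW_ENTROPY_TOKENS),
                         ("strong", STRONG_TOKENS)):
        print(label, assess_tokens(batch), "%.1f of %.1f bits" % token_entropy(batch))
```

Sixty-four samples cap what per-position entropy can observe, so treat the score as a screening test: a batch that looks fine here still needs the generator itself reviewed, while a batch that fails here is a finding on its own.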
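The session fixation check from step 5 and the reuse-after-logout check from the authentication section, as an added example that is not code from the original page: a minimal in-memory session store that can be built either the vulnerable way (keeps the pre-login ID, never invalidates on logout) or the fixed way, and the two checks a tester runs against it. The usernames and passwords are constructed.

```python
# Added example (not code from the original page): the session fixation
# check from step 5 and the reuse-after-logout check from the authentication
# section, run against a minimal in-memory session store that can be built
# either the vulnerable way or the fixed way. Users and passwords are constructed.
import secrets
from typing import Dict, Optional

CREDS = {"alice": "correct horse battery", "bob": "hunter2"}  # constructed


class SessionStore:
    """Server-side session table. The two flags select the bad or good behaviour."""

    def __init__(self, rotate_on_login: bool, invalidate_on_logout: bool):
        self.rotate_on_login = rotate_on_login
        self.invalidate_on_logout = invalidate_on_logout
        self._sessions: Dict[str, Optional[str]] = {}  # sid -> username or None

    def new_session(self) -> str:
        """Anonymous session issued to anyone, before authentication."""
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = None
        return sid

    def login(self, sid: str, user: str, password: str) -> str:
        """Returns the session id the client should use from now on."""
        if CREDS.get(user) != password:
            return sid
        if self.rotate_on_login:
            self._sessions.pop(sid, None)   # discard the pre-auth id ...
            sid = self.new_session()        # ... and mint a fresh one
        self._sessions[sid] = user          # vulnerable path: upgrades the planted id
        return sid

    def logout(self, sid: str) -> None:
        if self.invalidate_on_logout:
            self._sessions.pop(sid, None)
        # vulnerable path: server does nothing; only the browser forgets the cookie

    def whoami(self, sid: str) -> Optional[str]:
        return self._sessions.get(sid)


def check_fixation(store: SessionStore) -> bool:
    """True means vulnerable: an attacker's pre-auth id becomes alice's session."""
    planted = store.new_session()                  # attacker obtains an id and plants it in the victim's browser
    store.login(planted, "alice", CREDS["alice"])  # victim logs in using the planted id
    return store.whoami(planted) == "alice"        # attacker tries the id they already know


def check_logout_reuse(store: SessionStore) -> bool:
    """True means vulnerable: a replayed cookie still works after logout."""
    sid = store.login(store.new_session(), "alice", CREDS["alice"])
    captured = sid                                 # tester copies the cookie out of the proxy
    store.logout(sid)
    return store.whoami(captured) == "alice"


if __name__ == "__main__":
    for label, store in (("vulnerable", SessionStore(False, False)),
                         ("hardened", SessionStore(True, True))):
        print(f"{label}: fixation={check_fixation(store)} "
              f"logout_reuse={check_logout_reuse(store)}")
```

Against a real target the same two checks are done with an intercepting proxy: note the cookie value before login and compare it after, and replay a copied cookie after clicking logout.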
Data Validation Testing
1. Analyse the source code for JavaScript coding errors.
2. Perform standard, union-query and blind SQL injection testing, using tools such as sqlninja, sqldumper and SQL Power Injector.
3. Analyse the HTML, test for stored XSS and leverage it with tools such as XSS Proxy, BackFrame, Burp Proxy, OWASP ZAP and XSS Assistant.
4. Perform LDAP injection testing for sensitive information about hosts and users.
5. Perform IMAP/SMTP injection testing to reach the back-end mail server.
6. Perform XPath injection testing to access confidential information.
7. Perform XML injection testing to learn more about the XML structure the application processes.
8. Perform code injection testing to identify input validation errors.
9. Perform buffer overflow testing for stack and heap memory disclosure and control of application flow.
10. Test for HTTP splitting and smuggling, targeting cookies and HTTP redirect information (any header built from user input that is not stripped of CR and LF).
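The SQL injection tests from step 2, as an added example that is not code from the original page, against a throwaway SQLite database: the string-built query that makes them possible, the standard authentication bypass, a union query that dumps another table, a boolean-based blind extraction that recovers a password one character at a time, and the parameterised fix. Table names, rows and credentials are constructed.

```python
# Added example (not code from the original page): the SQL injection tests
# from step 2 against a throwaway SQLite database: the string-built query
# that makes them possible, the authentication bypass, a union query that
# dumps another table, a blind boolean extraction, and the parameterised
# fix. Table contents are constructed.
import sqlite3
import string
from typing import List, Optional, Tuple


def make_db() -> sqlite3.Connection:
    conn = sqlite3.connect(":memory:")
    conn.executescript("""
        CREATE TABLE users(id INTEGER PRIMARY KEY, username TEXT, password TEXT, role TEXT);
        INSERT INTO users(username, password, role) VALUES
            ('alice', 'S3cret!', 'admin'), ('bob', 'hunter2', 'user');
        CREATE TABLE products(id INTEGER PRIMARY KEY, name TEXT, price REAL);
        INSERT INTO products(name, price) VALUES ('widget', 9.99), ('gadget', 19.99);
    """)
    return conn


def login_vulnerable(conn, username: str, password: str) -> Optional[Tuple]:
    """Query text built from user input: the bug every SQLi test is looking for."""
    sql = (f"SELECT username, role FROM users "
           f"WHERE username = '{username}' AND password = '{password}'")
    return conn.execute(sql).fetchone()


def login_safe(conn, username: str, password: str) -> Optional[Tuple]:
    """Parameterised: the driver sends values separately, so quotes are just data."""
    sql = "SELECT username, role FROM users WHERE username = ? AND password = ?"
    return conn.execute(sql, (username, password)).fetchone()


def search_vulnerable(conn, name: str) -> List[Tuple]:
    """Second injectable sink, used for the union and blind techniques."""
    return conn.execute(f"SELECT name, price FROM products WHERE name LIKE '%{name}%'").fetchall()


# Payloads a tester would try by hand or with sqlninja-style tooling.
BYPASS = "alice' -- "                                                # comments out the password check
UNION_DUMP = "x' UNION SELECT username, password FROM users -- "     # same column count as products


def blind_extract_password(conn, username: str, max_len: int = 32) -> str:
    """Boolean-based blind SQLi: nothing from users is displayed, but the
    widget row appears only when the injected condition is true, so the
    password is recovered one character at a time."""
    charset = string.ascii_letters + string.digits + "!#$%&*+-_.@"  # no quote characters
    recovered = ""
    for pos in range(1, max_len + 1):
        for ch in charset:
            probe = (f"widget' AND (SELECT substr(password, {pos}, 1) FROM users "
                     f"WHERE username = '{username}') = '{ch}' -- ")
            if search_vulnerable(conn, probe):
                recovered += ch
                break
        else:
            break   # no character matched: end of the string
    return recovered


if __name__ == "__main__":
    db = make_db()
    print("bypass (vulnerable):", login_vulnerable(db, BYPASS, "anything"))
    print("bypass (safe):      ", login_safe(db, BYPASS, "anything"))
    print("union dump:", search_vulnerable(db, UNION_DUMP))
    print("blind extraction:", blind_extract_password(db, "alice"))
```

The blind routine is deliberately the slow, per-character version so the mechanism is visible; the tools named in step 2 do the same thing with binary search over the character range and with time-based conditions when even the row/no-row signal is absent.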
Denial of Service Testing
1. Send large numbers of requests that trigger database operations, and observe slowdowns and new error messages.
2. Perform manual source code analysis and submit a range of inputs of varying lengths to the application.
3. Test for SQL wildcard attacks (LIKE patterns crafted to force expensive scans). Network-level DDoS protection is a separate concern from these application-level tests.
4. Test user-determined object allocation: where the user specifies how many objects to create, check whether the application enforces a maximum.
5. Enter an extremely large number in any input field that acts as a loop counter.
6. Submit a very long value to the server with a script; if the request is logged in full, the log files can be filled.