Web (OWASP Test cases)

This section details the suggested tests for evaluating a web application, following the OWASP guidelines.

The tests are the following:

• 4.1 Information Gathering

• 4.2 Configuration and Deployment Management Testing

• 4.3 Identity Management Testing

• 4.4 Authentication Testing

• 4.5 Authorization Testing

• 4.6 Session Management Testing

• 4.7 Input Validation Testing

• 4.8 Testing for Error Handling

• 4.9 Testing for Weak Cryptography

• 4.10 Business Logic Testing

• 4.11 Client-side Testing

• 4.12 API Testing