# Web (OWASP  Test cases)

This section details the suggested tests for evaluating a web application, following the OWASP guidelines.

The tests are the following:

* [4.1 Information Gathering](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.1-information-gathering)
* [4.2 Configuration and Deployment Management Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.2-configuration-and-deployment-management-testing)
* [4.3 Identity Management Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.3-identity-management-testing)
* [4.4 Authentication Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.4-authentication-testing)
* [4.5 Authorization Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.5-authorization-testing)
* [4.6 Session Management Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.6-session-management-testing)
* [4.7 Input Validation Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.7-input-validation-testing)
* [4.8 Testing for Error Handling](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.8-testing-for-error-handling)
* [4.9 Testing for Weak Cryptography](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.9-testing-for-weak-cryptography)
* [4.10 Business Logic Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.10-business-logic-testing)
* [4.11 Client-side Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.11-client-side-testing)
* [4.12 API Testing](https://the-pentesting-guide.marmeus.com/web-owasp-test-cases/4.12-api-testing)