OWASP Testing Guide

Configuration and Deployment Management Testing

4.2.1 Test Network Infrastructure Configuration

4.2.2 Test Application Platform Configuration

4.2.3 Test File Extensions Handling for Sensitive Information

4.2.4 Review Old Backup and Unreferenced Files for Sensitive Information

4.2.5 Enumerate Infrastructure and Application Admin Interfaces

4.2.6 Test HTTP Methods

4.2.7 Test HTTP Strict Transport Security

4.2.8 Test RIA Cross Domain Policy

4.2.9 Test File Permission

4.2.10 Test for Subdomain Takeover

4.2.11 Test Cloud Storage

4.2.12 Test for Content Security Policy

PreviousMap Application Architecture (WSTG-INFO-10)NextTest Network Infrastructure Configuration (WSTG-CONF-01)

Last updated 2 years ago