Testing Checklist

The following is the list of items to test during the assessment:

Note: The Status column can be set for values similar to "Pass", "Fail", "N/A".

Test ID
Test Name
Status
Notes

WSTG-INFO

Information Gathering

WSTG-INFO-01

Conduct Search Engine Discovery and Reconnaissance for Information Leakage

WSTG-INFO-02

Fingerprint Web Server

WSTG-INFO-03

Review Webserver Metafiles for Information Leakage

WSTG-INFO-04

Enumerate Applications on Webserver

WSTG-INFO-05

Review Webpage Content for Information Leakage

WSTG-INFO-06

Identify Application Entry Points

WSTG-INFO-07

Map Execution Paths Through Application

WSTG-INFO-08

Fingerprint Web Application Framework

WSTG-INFO-09

Fingerprint Web Application

WSTG-INFO-10

Map Application Architecture

WSTG-CONF

Configuration and Deploy Management Testing

WSTG-CONF-01

Test Network Infrastructure Configuration

WSTG-CONF-02

Test Application Platform Configuration

WSTG-CONF-03

Test File Extensions Handling for Sensitive Information

WSTG-CONF-04

Review Old Backup and Unreferenced Files for Sensitive Information

WSTG-CONF-05

Enumerate Infrastructure and Application Admin Interfaces

WSTG-CONF-06

Test HTTP Methods

WSTG-CONF-07

Test HTTP Strict Transport Security

WSTG-CONF-08

Test RIA Cross Domain Policy

WSTG-CONF-09

Test File Permission

WSTG-CONF-10

Test for Subdomain Takeover

WSTG-CONF-11

Test Cloud Storage

WSTG-CONF-12

Testing for Content Security Policy

WSTG-IDNT

Identity Management Testing

WSTG-IDNT-01

Test Role Definitions

WSTG-IDNT-02

Test User Registration Process

WSTG-IDNT-03

Test Account Provisioning Process

WSTG-IDNT-04

Testing for Account Enumeration and Guessable User Account

WSTG-IDNT-05

Testing for Weak or Unenforced Username Policy

WSTG-ATHN

Authentication Testing

WSTG-ATHN-01

Testing for Credentials Transported over an Encrypted Channel

WSTG-ATHN-02

Testing for Default Credentials

WSTG-ATHN-03

Testing for Weak Lock Out Mechanism

WSTG-ATHN-04

Testing for Bypassing Authentication Schema

WSTG-ATHN-05

Testing for Vulnerable Remember Password

WSTG-ATHN-06

Testing for Browser Cache Weakness

WSTG-ATHN-07

Testing for Weak Password Policy

WSTG-ATHN-08

Testing for Weak Security Question Answer

WSTG-ATHN-09

Testing for Weak Password Change or Reset Functionalities

WSTG-ATHN-10

Testing for Weaker Authentication in Alternative Channel

WSTG-ATHZ

Authorization Testing

WSTG-ATHZ-01

Testing Directory Traversal File Include

WSTG-ATHZ-02

Testing for Bypassing Authorization Schema

WSTG-ATHZ-03

Testing for Privilege Escalation

WSTG-ATHZ-04

Testing for Insecure Direct Object References

WSTG-SESS

Session Management Testing

WSTG-SESS-01

Testing for Session Management Schema

WSTG-SESS-02

Testing for Cookies Attributes

WSTG-SESS-03

Testing for Session Fixation

WSTG-SESS-04

Testing for Exposed Session Variables

WSTG-SESS-05

Testing for Cross Site Request Forgery

WSTG-SESS-06

Testing for Logout Functionality

WSTG-SESS-07

Testing Session Timeout

WSTG-SESS-08

Testing for Session Puzzling

WSTG-SESS-09

Testing for Session Hijacking

WSTG-SESS-10

Testing JSON Web Tokens

WSTG-INPV

Input Validation Testing

WSTG-INPV-01

Testing for Reflected Cross Site Scripting

WSTG-INPV-02

Testing for Stored Cross Site Scripting

WSTG-INPV-03

Testing for HTTP Verb Tampering

WSTG-INPV-04

Testing for HTTP Parameter pollution

WSTG-INPV-05

Testing for SQL Injection

WSTG-INPV-06

Testing for LDAP Injection

WSTG-INPV-07

Testing for XML Injection

WSTG-INPV-08

Testing for SSI Injection

WSTG-INPV-09

Testing for XPath Injection

WSTG-INPV-10

Testing for IMAP SMTP Injection

WSTG-INPV-11

Testing for Code Injection

WSTG-INPV-12

Testing for Command Injection

WSTG-INPV-13

Testing for Format String Injection

WSTG-INPV-14

Testing for Incubated Vulnerabilities

WSTG-INPV-15

Testing for HTTP Splitting Smuggling

WSTG-INPV-16

Testing for HTTP Incoming Requests

WSTG-INPV-17

Testing for Host Header Injection

WSTG-INPV-18

Testing for Server-Side Template Injection

WSTG-INPV-19

Testing for Server-Side Request Forgery

WSTG-ERRH

Error Handling

WSTG-ERRH-01

Testing for Improper Error Handling

WSTG-ERRH-02

Testing for Stack Traces

WSTG-CRYP

Cryptography

WSTG-CRYP-01

Testing for Weak Transport Layer Security

WSTG-CRYP-02

Testing for Padding Oracle

WSTG-CRYP-03

Testing for Sensitive Information Sent Via Unencrypted Channels

WSTG-CRYP-04

Testing for Weak Encryption

WSTG-BUSLOGIC

Business Logic Testing

WSTG-BUSL-01

Test Business Logic Data Validation

WSTG-BUSL-02

Test Ability to Forge Requests

WSTG-BUSL-03

Test Integrity Checks

WSTG-BUSL-04

Test for Process Timing

WSTG-BUSL-05

Test Number of Times a Function Can Be Used Limits

WSTG-BUSL-06

Testing for the Circumvention of Work Flows

WSTG-BUSL-07

Test Defenses Against Application Misuse

WSTG-BUSL-08

Test Upload of Unexpected File Types

WSTG-BUSL-09

Test Upload of Malicious Files

WSTG-CLIENT

Client-side Testing

WSTG-CLNT-01

Testing for DOM Based Cross Site Scripting

WSTG-CLNT-02

Testing for JavaScript Execution

WSTG-CLNT-03

Testing for HTML Injection

WSTG-CLNT-04

Testing for Client-Side URL Redirect

WSTG-CLNT-05

Testing for CSS Injection

WSTG-CLNT-06

Testing for Client-Side Resource Manipulation

WSTG-CLNT-07

Test Cross Origin Resource Sharing

WSTG-CLNT-08

Testing for Cross Site Flashing

WSTG-CLNT-09

Testing for Clickjacking

WSTG-CLNT-10

Testing WebSockets

WSTG-CLNT-11

Test Web Messaging

WSTG-CLNT-12

Test Browser Storage

WSTG-CLNT-13

Testing for Cross Site Script Inclusion

WSTG-APIT

API Testing

WSTG-APIT-01

Testing GraphQL

PreviousLeveraging Dev ToolsNextTable of Contents

Last updated