Testing Checklist

The following is the list of items to test during the assessment:

Note: The Status column can be set for values similar to "Pass", "Fail", "N/A".

Test ID	Test Name	Status	Notes
WSTG-INFO	Information Gathering
WSTG-INFO-01	Conduct Search Engine Discovery and Reconnaissance for Information Leakage
WSTG-INFO-02	Fingerprint Web Server
WSTG-INFO-03	Review Webserver Metafiles for Information Leakage
WSTG-INFO-04	Enumerate Applications on Webserver
WSTG-INFO-05	Review Webpage Content for Information Leakage
WSTG-INFO-06	Identify Application Entry Points
WSTG-INFO-07	Map Execution Paths Through Application
WSTG-INFO-08	Fingerprint Web Application Framework
WSTG-INFO-09	Fingerprint Web Application
WSTG-INFO-10	Map Application Architecture
WSTG-CONF	Configuration and Deploy Management Testing
WSTG-CONF-01	Test Network Infrastructure Configuration
WSTG-CONF-02	Test Application Platform Configuration
WSTG-CONF-03	Test File Extensions Handling for Sensitive Information
WSTG-CONF-04	Review Old Backup and Unreferenced Files for Sensitive Information
WSTG-CONF-05	Enumerate Infrastructure and Application Admin Interfaces
WSTG-CONF-06	Test HTTP Methods
WSTG-CONF-07	Test HTTP Strict Transport Security
WSTG-CONF-08	Test RIA Cross Domain Policy
WSTG-CONF-09	Test File Permission
WSTG-CONF-10	Test for Subdomain Takeover
WSTG-CONF-11	Test Cloud Storage
WSTG-CONF-12	Testing for Content Security Policy
WSTG-IDNT	Identity Management Testing
WSTG-IDNT-01	Test Role Definitions
WSTG-IDNT-02	Test User Registration Process
WSTG-IDNT-03	Test Account Provisioning Process
WSTG-IDNT-04	Testing for Account Enumeration and Guessable User Account
WSTG-IDNT-05	Testing for Weak or Unenforced Username Policy
WSTG-ATHN	Authentication Testing
WSTG-ATHN-01	Testing for Credentials Transported over an Encrypted Channel
WSTG-ATHN-02	Testing for Default Credentials
WSTG-ATHN-03	Testing for Weak Lock Out Mechanism
WSTG-ATHN-04	Testing for Bypassing Authentication Schema
WSTG-ATHN-05	Testing for Vulnerable Remember Password
WSTG-ATHN-06	Testing for Browser Cache Weakness
WSTG-ATHN-07	Testing for Weak Password Policy
WSTG-ATHN-08	Testing for Weak Security Question Answer
WSTG-ATHN-09	Testing for Weak Password Change or Reset Functionalities
WSTG-ATHN-10	Testing for Weaker Authentication in Alternative Channel
WSTG-ATHZ	Authorization Testing
WSTG-ATHZ-01	Testing Directory Traversal File Include
WSTG-ATHZ-02	Testing for Bypassing Authorization Schema
WSTG-ATHZ-03	Testing for Privilege Escalation
WSTG-ATHZ-04	Testing for Insecure Direct Object References
WSTG-SESS	Session Management Testing
WSTG-SESS-01	Testing for Session Management Schema
WSTG-SESS-02	Testing for Cookies Attributes
WSTG-SESS-03	Testing for Session Fixation
WSTG-SESS-04	Testing for Exposed Session Variables
WSTG-SESS-05	Testing for Cross Site Request Forgery
WSTG-SESS-06	Testing for Logout Functionality
WSTG-SESS-07	Testing Session Timeout
WSTG-SESS-08	Testing for Session Puzzling
WSTG-SESS-09	Testing for Session Hijacking
WSTG-SESS-10	Testing JSON Web Tokens
WSTG-INPV	Input Validation Testing
WSTG-INPV-01	Testing for Reflected Cross Site Scripting
WSTG-INPV-02	Testing for Stored Cross Site Scripting
WSTG-INPV-03	Testing for HTTP Verb Tampering
WSTG-INPV-04	Testing for HTTP Parameter pollution
WSTG-INPV-05	Testing for SQL Injection
WSTG-INPV-06	Testing for LDAP Injection
WSTG-INPV-07	Testing for XML Injection
WSTG-INPV-08	Testing for SSI Injection
WSTG-INPV-09	Testing for XPath Injection
WSTG-INPV-10	Testing for IMAP SMTP Injection
WSTG-INPV-11	Testing for Code Injection
WSTG-INPV-12	Testing for Command Injection
WSTG-INPV-13	Testing for Format String Injection
WSTG-INPV-14	Testing for Incubated Vulnerabilities
WSTG-INPV-15	Testing for HTTP Splitting Smuggling
WSTG-INPV-16	Testing for HTTP Incoming Requests
WSTG-INPV-17	Testing for Host Header Injection
WSTG-INPV-18	Testing for Server-Side Template Injection
WSTG-INPV-19	Testing for Server-Side Request Forgery
WSTG-ERRH	Error Handling
WSTG-ERRH-01	Testing for Improper Error Handling
WSTG-ERRH-02	Testing for Stack Traces
WSTG-CRYP	Cryptography
WSTG-CRYP-01	Testing for Weak Transport Layer Security
WSTG-CRYP-02	Testing for Padding Oracle
WSTG-CRYP-03	Testing for Sensitive Information Sent Via Unencrypted Channels
WSTG-CRYP-04	Testing for Weak Encryption
WSTG-BUSLOGIC	Business Logic Testing
WSTG-BUSL-01	Test Business Logic Data Validation
WSTG-BUSL-02	Test Ability to Forge Requests
WSTG-BUSL-03	Test Integrity Checks
WSTG-BUSL-04	Test for Process Timing
WSTG-BUSL-05	Test Number of Times a Function Can Be Used Limits
WSTG-BUSL-06	Testing for the Circumvention of Work Flows
WSTG-BUSL-07	Test Defenses Against Application Misuse
WSTG-BUSL-08	Test Upload of Unexpected File Types
WSTG-BUSL-09	Test Upload of Malicious Files
WSTG-CLIENT	Client-side Testing
WSTG-CLNT-01	Testing for DOM Based Cross Site Scripting
WSTG-CLNT-02	Testing for JavaScript Execution
WSTG-CLNT-03	Testing for HTML Injection
WSTG-CLNT-04	Testing for Client-Side URL Redirect
WSTG-CLNT-05	Testing for CSS Injection
WSTG-CLNT-06	Testing for Client-Side Resource Manipulation
WSTG-CLNT-07	Test Cross Origin Resource Sharing
WSTG-CLNT-08	Testing for Cross Site Flashing
WSTG-CLNT-09	Testing for Clickjacking
WSTG-CLNT-10	Testing WebSockets
WSTG-CLNT-11	Test Web Messaging
WSTG-CLNT-12	Test Browser Storage
WSTG-CLNT-13	Testing for Cross Site Script Inclusion
WSTG-APIT	API Testing
WSTG-APIT-01	Testing GraphQL

Test ID

Test Name

Status

Notes

WSTG-INFO

Information Gathering

WSTG-INFO-01

Conduct Search Engine Discovery and Reconnaissance for Information Leakage

WSTG-INFO-02

Fingerprint Web Server

WSTG-INFO-03

Review Webserver Metafiles for Information Leakage

WSTG-INFO-04

Enumerate Applications on Webserver

WSTG-INFO-05

Review Webpage Content for Information Leakage

WSTG-INFO-06

Identify Application Entry Points

WSTG-INFO-07

Map Execution Paths Through Application

WSTG-INFO-08

Fingerprint Web Application Framework

WSTG-INFO-09

Fingerprint Web Application

WSTG-INFO-10

Map Application Architecture

WSTG-CONF

Configuration and Deploy Management Testing

WSTG-CONF-01

Test Network Infrastructure Configuration

WSTG-CONF-02

Test Application Platform Configuration

WSTG-CONF-03

Test File Extensions Handling for Sensitive Information

WSTG-CONF-04

Review Old Backup and Unreferenced Files for Sensitive Information

WSTG-CONF-05

Enumerate Infrastructure and Application Admin Interfaces

WSTG-CONF-06

Test HTTP Methods

WSTG-CONF-07

Test HTTP Strict Transport Security

WSTG-CONF-08

Test RIA Cross Domain Policy

WSTG-CONF-09

Test File Permission

WSTG-CONF-10

Test for Subdomain Takeover

WSTG-CONF-11

Test Cloud Storage

WSTG-CONF-12

Testing for Content Security Policy

WSTG-IDNT

Identity Management Testing

WSTG-IDNT-01

Test Role Definitions

WSTG-IDNT-02

Test User Registration Process

WSTG-IDNT-03

Test Account Provisioning Process

WSTG-IDNT-04

Testing for Account Enumeration and Guessable User Account

WSTG-IDNT-05

Testing for Weak or Unenforced Username Policy

WSTG-ATHN

Authentication Testing

WSTG-ATHN-01

Testing for Credentials Transported over an Encrypted Channel

WSTG-ATHN-02

Testing for Default Credentials

WSTG-ATHN-03

Testing for Weak Lock Out Mechanism

WSTG-ATHN-04

Testing for Bypassing Authentication Schema

WSTG-ATHN-05

Testing for Vulnerable Remember Password

WSTG-ATHN-06

Testing for Browser Cache Weakness

WSTG-ATHN-07

Testing for Weak Password Policy

WSTG-ATHN-08

Testing for Weak Security Question Answer

WSTG-ATHN-09

Testing for Weak Password Change or Reset Functionalities

WSTG-ATHN-10

Testing for Weaker Authentication in Alternative Channel

WSTG-ATHZ

Authorization Testing

WSTG-ATHZ-01

Testing Directory Traversal File Include

WSTG-ATHZ-02

Testing for Bypassing Authorization Schema

WSTG-ATHZ-03

Testing for Privilege Escalation

WSTG-ATHZ-04

Testing for Insecure Direct Object References

WSTG-SESS

Session Management Testing

WSTG-SESS-01

Testing for Session Management Schema

WSTG-SESS-02

Testing for Cookies Attributes

WSTG-SESS-03

Testing for Session Fixation

WSTG-SESS-04

Testing for Exposed Session Variables

WSTG-SESS-05

Testing for Cross Site Request Forgery

WSTG-SESS-06

Testing for Logout Functionality

WSTG-SESS-07

Testing Session Timeout

WSTG-SESS-08

Testing for Session Puzzling

WSTG-SESS-09

Testing for Session Hijacking

WSTG-SESS-10

Testing JSON Web Tokens

WSTG-INPV

Input Validation Testing

WSTG-INPV-01

Testing for Reflected Cross Site Scripting

WSTG-INPV-02

Testing for Stored Cross Site Scripting

WSTG-INPV-03

Testing for HTTP Verb Tampering

WSTG-INPV-04

Testing for HTTP Parameter pollution

WSTG-INPV-05

Testing for SQL Injection

WSTG-INPV-06

Testing for LDAP Injection

WSTG-INPV-07

Testing for XML Injection

WSTG-INPV-08

Testing for SSI Injection

WSTG-INPV-09

Testing for XPath Injection

WSTG-INPV-10

Testing for IMAP SMTP Injection

WSTG-INPV-11

Testing for Code Injection

WSTG-INPV-12

Testing for Command Injection

WSTG-INPV-13

Testing for Format String Injection

WSTG-INPV-14

Testing for Incubated Vulnerabilities

WSTG-INPV-15

Testing for HTTP Splitting Smuggling

WSTG-INPV-16

Testing for HTTP Incoming Requests

WSTG-INPV-17

Testing for Host Header Injection

WSTG-INPV-18

Testing for Server-Side Template Injection

WSTG-INPV-19

Testing for Server-Side Request Forgery

WSTG-ERRH

Error Handling

WSTG-ERRH-01

Testing for Improper Error Handling

WSTG-ERRH-02

Testing for Stack Traces

WSTG-CRYP

Cryptography

WSTG-CRYP-01

Testing for Weak Transport Layer Security

WSTG-CRYP-02

Testing for Padding Oracle

WSTG-CRYP-03

Testing for Sensitive Information Sent Via Unencrypted Channels

WSTG-CRYP-04

Testing for Weak Encryption

WSTG-BUSLOGIC

Business Logic Testing

WSTG-BUSL-01

Test Business Logic Data Validation

WSTG-BUSL-02

Test Ability to Forge Requests

WSTG-BUSL-03

Test Integrity Checks

WSTG-BUSL-04

Test for Process Timing

WSTG-BUSL-05

Test Number of Times a Function Can Be Used Limits

WSTG-BUSL-06

Testing for the Circumvention of Work Flows

WSTG-BUSL-07

Test Defenses Against Application Misuse

WSTG-BUSL-08

Test Upload of Unexpected File Types

WSTG-BUSL-09

Test Upload of Malicious Files

WSTG-CLIENT

Client-side Testing

WSTG-CLNT-01

Testing for DOM Based Cross Site Scripting

WSTG-CLNT-02

Testing for JavaScript Execution

WSTG-CLNT-03

Testing for HTML Injection

WSTG-CLNT-04

Testing for Client-Side URL Redirect

WSTG-CLNT-05

Testing for CSS Injection

WSTG-CLNT-06

Testing for Client-Side Resource Manipulation

WSTG-CLNT-07

Test Cross Origin Resource Sharing

WSTG-CLNT-08

Testing for Cross Site Flashing

WSTG-CLNT-09

Testing for Clickjacking

WSTG-CLNT-10

Testing WebSockets

WSTG-CLNT-11

Test Web Messaging

WSTG-CLNT-12

Test Browser Storage

WSTG-CLNT-13

Testing for Cross Site Script Inclusion

WSTG-APIT

API Testing

WSTG-APIT-01

Testing GraphQL

PreviousLeveraging Dev Tools NextTable of Contents

Last updated 1 year ago