Testing Checklist

The following is the list of controls to test during the assessment:

'''Category	- Ref. Number	 - Test Name	-   Vulnerability'''

Information Gathering	 OWASP-IG-001	- 4.2.1 Spiders, Robots and Crawlers 	- N.A.

OWASP-IG-002	- 4.2.2 Search Engine Discovery/Reconnaissance 	- N.A.

OWASP-IG-003	- 4.2.3 Identify application entry points 	- N.A.

OWASP-IG-004	- 4.2.3 Testing for Web Application Fingerprint 	- N.A.

OWASP-IG-005	- 4.2.4 Application Discovery 	- N.A.

OWASP-IG-006	- 4.2.5 Analysis of Error Codes	- Information Disclosure

Configuration Management Testing	

OWASP-CM-001	- 4.3.1 SSL/TLS Testing (SSL Version, Alghoritms, Key lenght, Digital Cert. Validity)	- SSL Weakness

OWASP-CM-002	- 4.3.2 DB Listener Testing 	- DB Listener weak

OWASP-CM-003	- 4.3.3 Infrastructure Configuration Management Testing 	- Infrastructure Configuration management weakness

OWASP-CM-004	- 4.3.4 Application Configuration Management Testing 	- Application Configuration management weakness

OWASP-CM-005	- 4.3.5 Testing for File Extensions Handling 	- File extensions handling

OWASP-CM-006	- 4.3.6 Old, backup and unreferenced files 	- Old, backup and unreferenced files

OWASP-CM-007	- 4.3.7 Infrastructure and Application Admin Interfaces 	- Access to Admin interfaces

OWASP-CM-008	- 4.3.8 Testing for HTTP Methods and XST	- HTTP Methods enabled, XST permitted, HTTP Verb

Business logic testing	

OWASP-BL-001	- 4.4 Testing for Business Logic	- Bypassable business logic

Authentication Testing	

OWASP-AT-001	- 4.5.1 Credentials transport over an encrypted channel 	- Credentials transport over an encrypted channel

OWASP-AT-002	- 4.5.2 Testing for user enumeration 	- User enumeration

OWASP-AT-003	- 4.5.3 Testing for Guessable (Dictionary) User Account 	- Guessable user account

OWASP-AT-004	- 4.5.4 Brute Force Testing 	- Credentials Brute forcing

OWASP-AT-005	- 4.5.5 Testing for bypassing authentication schema 	- Bypassing authentication schema

OWASP-AT-006	- 4.5.6 Testing for vulnerable remember password and pwd reset 	- Vulnerable remember password, weak pwd reset

OWASP-AT-007	- 4.5.7 Testing for Logout and Browser Cache Management -	- Logout function not properly implemented, browser cache weakness

OWASP-AT-008 - 4.5.8 Testing for CAPTCHA  - Weak Captcha implementation

OWASP-AT-009 - 4.5.9 Testing Multiple Factors Authentication - Weak Multiple Factors Authentication

OWASP-AT-010 - 4.5.10 Testing for Race Conditions - Race Conditions vulnerability

Authorization Testing	

OWASP-AZ-001	- 4.6.1 Testing for Path Traversal 	- Path Traversal

OWASP-AZ-002	- 4.6.2 Testing for bypassing authorization schema 	- Bypassing authorization schema

OWASP-AZ-003	- 4.6.3 Testing for Privilege Escalation	- Privilege Escalation

Session Management	

OWASP-SM-001	- 4.7.1 Testing for Session Management Schema	- Bypassing Session Management Schema, Weak Session Token

OWASP-SM-002	- 4.7.2 Testing for Cookies attributes	       - Cookies are set not ‘HTTP Only’, ‘Secure’, and no time validity

OWASP-SM-003   - 4.7.3 Testing for Session Fixation              - Session Fixation

OWASP-SM-004	- 4.7.4 Testing for Exposed Session Variables 	- Exposed sensitive session variables

OWASP-SM-005	- 4.7.5 Testing for CSRF 	                       - CSRF

OWASP-SM-006	- 4.7.6 Testing for HTTP Exploit	- HTTP Splitting, Smuggling

Data Validation Testing	

OWASP-DV-001	- 4.8.1 Testing for Reflected Cross Site Scripting - Reflected XSS

OWASP-DV-002	- 4.8.2 Testing for Stored Cross Site Scripting - Stored XSS

OWASP-DV-003	- 4.8.3 Testing for DOM based Cross Site Scripting - DOM XSS

OWASP-DV-004	- 4.8.4 Testing for Cross Site Flashing	- Cross Site Flashing

OWASP-DV-005	- 4.8.5 SQL Injection	- SQL Injection

OWASP-DV-006	- 4.8.6 LDAP Injection - LDAP Injection

OWASP-DV-007	- 4.8.7 ORM Injection - ORM Injection

OWASP-DV-008	- 4.8.8 XML Injection - XML Injection

OWASP-DV-009	- 4.8.9 SSI Injection - SSI Injection

OWASP-DV-010	- 4.8.10 XPath Injection	- XPath Injection

OWASP-DV-011	- 4.8.11 IMAP/SMTP Injection - IMAP/SMTP Injection

OWASP-DV-012	- 4.8.12 Code Injection	- Code Injection

OWASP-DV-013	- 4.8.13 OS Commanding	- OS Commanding

OWASP-DV-014	- 4.8.14 Buffer overflow	- Buffer overflow

OWASP-DV-015	- 4.8.15 Incubated vulnerability	- Incubated vulnerability

Denial of Service Testing	

OWASP-DS-001   - 4.9.1 Testing for SQL Wildcard Attacks   - SQL Wildcard vulnerability

OWASP-DS-002	- 4.9.2 Locking Customer Accounts	- Locking Customer Accounts

OWASP-DS-003   - 4.9.3 Testing for DoS Buffer Overflows - Buffer Overflows

OWASP-DS-004	- 4.9.4 User Specified Object Allocation	- User Specified Object Allocation

OWASP-DS-005	- 4.9.5 User Input as a Loop Counter	- User Input as a Loop Counter

OWASP-DS-006	- 4.9.6 Writing User Provided Data to Disk	- Writing User Provided Data to Disk

OWASP-DS-007	- 4.9.7 Failure to Release Resources	- Failure to Release Resources

OWASP-DS-008	- 4.9.8 Storing too Much Data in Session	- Storing too Much Data in Session

Web Services Testing	

OWASP-WS-001   - 4.10.1 WS Information Gathering - N.A.

OWASP-WS-002   - 4.10.2 Testing WSDL - WSDL Weakness

OWASP-WS-003	- 4.10.3 XML Structural Testing	- Weak XML Structure

OWASP-WS-004	- 4.10.4 XML content-level Testing - XML content-level

OWASP-WS-005	- 4.10.5 HTTP GET parameters/REST Testing - WS HTTP GET parameters/REST

OWASP-WS-006	- 4.10.6 Naughty SOAP attachments - WS Naughty SOAP attachments

OWASP-WS-007	- 4.10.7 Replay Testing - WS Replay Testing

Ajax Testing	

OWASP-AJ-001	- 4.11.1 AJAX Vulnerabilities - N.A.

OWASP-AJ-002	- 4.11.2 How to test AJAX - AJAX weakness