A checklist of OWASP Testing guide v4
Last updated 4 years ago
♻️ Update to february 4, 2020
INFO-001 Conduct Search Engine Discovery and Reconnaissance Information Leakage
INFO-002 Fingerprint Web Server
INFO-003 Review Webserver Metafiles Information Leakage
INFO-004 Enumerate Applications on Webserver
INFO-005 Review Webpage Comments and Metadata Information Leakage
INFO-006 Identify application entry points
INFO-007 Map execution paths through application
INFO-008 Fingerprint Web Application Framework
INFO-009 Fingerprint Web Application
INFO-010 Map Application Architecture
CONFIG-001 Network/Infrastructure Configuration
CONFIG-002 Application Platform Configuration
CONFIG-003 File Extensions Handling for Sensitive Information
CONFIG-004 Backup and Unreferenced Files for Sensitive Information
CONFIG-005 Enumerate Infrastructure and Application Admin Interfaces
CONFIG-006 HTTP Methods
CONFIG-007 HTTP Strict Transport Security
CONFIG-008 RIA cross domain policy
CONFIG-009 File Permission
CONFIG-010 Subdomain Takeover
IDENT-001 Role Definitions
IDENT-002 User Registration Process
IDENT-003 Account Provisioning Process
IDENT-004 Account Enumeration and Guessable User Account
IDENT-005 Weak or unenforced username policy
AUTHN-001 Credentials Transported over an Encrypted Channel
AUTHN-002 Default credentials
AUTHN-003 Weak lock out mechanism
AUTHN-004 Bypassing authentication schema
AUTHN-005 Remember password functionality
AUTHN-006 Browser cache weakness
AUTHN-007 Weak password policy
AUTHN-008 Weak security question/answer
AUTHN-009 Weak password change or reset functionalities
AUTHN-010 Weaker authentication in alternative channel
AUTHZ-001 Directory traversal/file include
AUTHZ-002 Bypassing authorization schema
AUTHZ-003 Privilege Escalation
AUTHZ-004 Insecure Direct Object References
SESS-001 Bypassing Session Management Schema
SESS-002 Cookies attributes
SESS-003 Session Fixation
SESS-004 Exposed Session Variables
SESS-005 Cross Site Request Forgery
SESS-006 Logout functionality
SESS-007 Session Timeout
SESS-008 Session puzzling
INPVAL-001 Reflected Cross Site Scripting
INPVAL-002 Stored Cross Site Scripting
INPVAL-003 HTTP Verb Tampering
INPVAL-004 HTTP Parameter pollution
INPVAL-005 SQL Injection
INPVAL-006 LDAP Injection
INPVAL-007 ORM Injection
INPVAL-008 XML Injection
INPVAL-009 SSI Injection
INPVAL-010 XPath Injection
INPVAL-011 IMAP/SMTP Injection
INPVAL-012 Code Injection
INPVAL-013 Command Injection
INPVAL-014 Buffer overflow
INPVAL-015 Incubated vulnerabilities
INPVAL-016 HTTP Splitting/Smuggling
INPVAL-017 HTTP Incoming Requests
INPVAL-018 Host Header Injection
INPVAL-019 Server Side Template Injection
ERR-001 Analysis of Error Codes
ERR-002 Analysis of Stack Traces
CRYPST-001 Weak SSL/TSL Ciphers, Insufficient Transport Layer Protection
CRYPST-002 Padding Oracle
CRYPST-003 Sensitive information sent via unencrypted channels
CRYPST-004 Weak Encryption
BUSLOGIC-001 Business Logic Data Validation
BUSLOGIC-002 Ability to Forge Requests
BUSLOGIC-003 Integrity Checks
BUSLOGIC-004 Process Timing
BUSLOGIC-005 Number of Times a Function Can be Used Limits
BUSLOGIC-006 Circumvention of Work Flows
BUSLOGIC-007 Defenses Against Application Mis-use
BUSLOGIC-008 Upload of Unexpected File Types
BUSLOGIC-009 Upload of Malicious Files
CLIENT-001 DOM based Cross Site Scripting
CLIENT-002 JavaScript Execution
CLIENT-003 HTML Injection
CLIENT-004 Client Side URL Redirect
CLIENT-005 CSS Injection
CLIENT-006 Client Side Resource Manipulation
CLIENT-007 Cross Origin Resource Sharing
CLIENT-008 Cross Site Flashing
CLIENT-009 Clickjacking
CLIENT-010 WebSockets
CLIENT-011 Web Messaging
CLIENT-012 Local Storage
CLIENT-013 Cross Site Script Inclusion
