The following is the list of items to test during the assessment:
Note: The Status column can be set for values similar to "Pass", "Fail", "N/A".
| Test ID | Test Name | Status | Notes |
|---|---|---|---|
| WSTG-INFO | Information Gathering | ||
| WSTG-INFO-01 | Conduct Search Engine Discovery and Reconnaissance for Information Leakage | ||
| WSTG-INFO-02 | Fingerprint Web Server | ||
| WSTG-INFO-03 | Review Webserver Metafiles for Information Leakage | ||
| WSTG-INFO-04 | Enumerate Applications on Webserver | ||
| WSTG-INFO-05 | Review Webpage Content for Information Leakage | ||
| WSTG-INFO-06 | Identify Application Entry Points | ||
| WSTG-INFO-07 | Map Execution Paths Through Application | ||
| WSTG-INFO-08 | Fingerprint Web Application Framework | ||
| WSTG-INFO-09 | Fingerprint Web Application | ||
| WSTG-INFO-10 | Map Application Architecture | ||
| WSTG-CONF | Configuration and Deploy Management Testing | ||
| WSTG-CONF-01 | Test Network Infrastructure Configuration | ||
| WSTG-CONF-02 | Test Application Platform Configuration | ||
| WSTG-CONF-03 | Test File Extensions Handling for Sensitive Information | ||
| WSTG-CONF-04 | Review Old Backup and Unreferenced Files for Sensitive Information | ||
| WSTG-CONF-05 | Enumerate Infrastructure and Application Admin Interfaces | ||
| WSTG-CONF-06 | Test HTTP Methods | ||
| WSTG-CONF-07 | Test HTTP Strict Transport Security | ||
| WSTG-CONF-08 | Test RIA Cross Domain Policy | ||
| WSTG-CONF-09 | Test File Permission | ||
| WSTG-CONF-10 | Test for Subdomain Takeover | ||
| WSTG-CONF-11 | Test Cloud Storage | ||
| WSTG-CONF-12 | Testing for Content Security Policy | ||
| WSTG-IDNT | Identity Management Testing | ||
| WSTG-IDNT-01 | Test Role Definitions | ||
| WSTG-IDNT-02 | Test User Registration Process | ||
| WSTG-IDNT-03 | Test Account Provisioning Process | ||
| WSTG-IDNT-04 | Testing for Account Enumeration and Guessable User Account | ||
| WSTG-IDNT-05 | Testing for Weak or Unenforced Username Policy | ||
| WSTG-ATHN | Authentication Testing | ||
| WSTG-ATHN-01 | Testing for Credentials Transported over an Encrypted Channel | ||
| WSTG-ATHN-02 | Testing for Default Credentials | ||
| WSTG-ATHN-03 | Testing for Weak Lock Out Mechanism | ||
| WSTG-ATHN-04 | Testing for Bypassing Authentication Schema | ||
| WSTG-ATHN-05 | Testing for Vulnerable Remember Password | ||
| WSTG-ATHN-06 | Testing for Browser Cache Weakness | ||
| WSTG-ATHN-07 | Testing for Weak Password Policy | ||
| WSTG-ATHN-08 | Testing for Weak Security Question Answer | ||
| WSTG-ATHN-09 | Testing for Weak Password Change or Reset Functionalities | ||
| WSTG-ATHN-10 | Testing for Weaker Authentication in Alternative Channel | ||
| WSTG-ATHZ | Authorization Testing | ||
| WSTG-ATHZ-01 | Testing Directory Traversal File Include | ||
| WSTG-ATHZ-02 | Testing for Bypassing Authorization Schema | ||
| WSTG-ATHZ-03 | Testing for Privilege Escalation | ||
| WSTG-ATHZ-04 | Testing for Insecure Direct Object References | ||
| WSTG-SESS | Session Management Testing | ||
| WSTG-SESS-01 | Testing for Session Management Schema | ||
| WSTG-SESS-02 | Testing for Cookies Attributes | ||
| WSTG-SESS-03 | Testing for Session Fixation | ||
| WSTG-SESS-04 | Testing for Exposed Session Variables | ||
| WSTG-SESS-05 | Testing for Cross Site Request Forgery | ||
| WSTG-SESS-06 | Testing for Logout Functionality | ||
| WSTG-SESS-07 | Testing Session Timeout | ||
| WSTG-SESS-08 | Testing for Session Puzzling | ||
| WSTG-SESS-09 | Testing for Session Hijacking | ||
| WSTG-SESS-10 | Testing JSON Web Tokens | ||
| WSTG-INPV | Input Validation Testing | ||
| WSTG-INPV-01 | Testing for Reflected Cross Site Scripting | ||
| WSTG-INPV-02 | Testing for Stored Cross Site Scripting | ||
| WSTG-INPV-03 | Testing for HTTP Verb Tampering | ||
| WSTG-INPV-04 | Testing for HTTP Parameter pollution | ||
| WSTG-INPV-05 | Testing for SQL Injection | ||
| WSTG-INPV-06 | Testing for LDAP Injection | ||
| WSTG-INPV-07 | Testing for XML Injection | ||
| WSTG-INPV-08 | Testing for SSI Injection | ||
| WSTG-INPV-09 | Testing for XPath Injection | ||
| WSTG-INPV-10 | Testing for IMAP SMTP Injection | ||
| WSTG-INPV-11 | Testing for Code Injection | ||
| WSTG-INPV-12 | Testing for Command Injection | ||
| WSTG-INPV-13 | Testing for Format String Injection | ||
| WSTG-INPV-14 | Testing for Incubated Vulnerabilities | ||
| WSTG-INPV-15 | Testing for HTTP Splitting Smuggling | ||
| WSTG-INPV-16 | Testing for HTTP Incoming Requests | ||
| WSTG-INPV-17 | Testing for Host Header Injection | ||
| WSTG-INPV-18 | Testing for Server-Side Template Injection | ||
| WSTG-INPV-19 | Testing for Server-Side Request Forgery | ||
| WSTG-ERRH | Error Handling | ||
| WSTG-ERRH-01 | Testing for Improper Error Handling | ||
| WSTG-ERRH-02 | Testing for Stack Traces | ||
| WSTG-CRYP | Cryptography | ||
| WSTG-CRYP-01 | Testing for Weak Transport Layer Security | ||
| WSTG-CRYP-02 | Testing for Padding Oracle | ||
| WSTG-CRYP-03 | Testing for Sensitive Information Sent Via Unencrypted Channels | ||
| WSTG-CRYP-04 | Testing for Weak Encryption | ||
| WSTG-BUSLOGIC | Business Logic Testing | ||
| WSTG-BUSL-01 | Test Business Logic Data Validation | ||
| WSTG-BUSL-02 | Test Ability to Forge Requests | ||
| WSTG-BUSL-03 | Test Integrity Checks | ||
| WSTG-BUSL-04 | Test for Process Timing | ||
| WSTG-BUSL-05 | Test Number of Times a Function Can Be Used Limits | ||
| WSTG-BUSL-06 | Testing for the Circumvention of Work Flows | ||
| WSTG-BUSL-07 | Test Defenses Against Application Misuse | ||
| WSTG-BUSL-08 | Test Upload of Unexpected File Types | ||
| WSTG-BUSL-09 | Test Upload of Malicious Files | ||
| WSTG-CLIENT | Client-side Testing | ||
| WSTG-CLNT-01 | Testing for DOM Based Cross Site Scripting | ||
| WSTG-CLNT-02 | Testing for JavaScript Execution | ||
| WSTG-CLNT-03 | Testing for HTML Injection | ||
| WSTG-CLNT-04 | Testing for Client-Side URL Redirect | ||
| WSTG-CLNT-05 | Testing for CSS Injection | ||
| WSTG-CLNT-06 | Testing for Client-Side Resource Manipulation | ||
| WSTG-CLNT-07 | Test Cross Origin Resource Sharing | ||
| WSTG-CLNT-08 | Testing for Cross Site Flashing | ||
| WSTG-CLNT-09 | Testing for Clickjacking | ||
| WSTG-CLNT-10 | Testing WebSockets | ||
| WSTG-CLNT-11 | Test Web Messaging | ||
| WSTG-CLNT-12 | Test Browser Storage | ||
| WSTG-CLNT-13 | Testing for Cross Site Script Inclusion | ||
| WSTG-APIT | API Testing | ||
| WSTG-APIT-01 | Testing GraphQL |