## Web Application Penetration Testing Checklist

> **Note:** This checklist is for overall functionality testing of a web application and does not include detailed testing of all potential vulnerabilities. The primary focus is on major security issues and general functionality, and only applicable items will be tested.

#### Authentication

- [ ] Test for default logins
- [ ] Verify user-accessible authentication history
- [ ] Test for authentication bypass
- [ ] Check brute-force protection mechanisms
- [ ] Ensure password quality rules are enforced
- [ ] Validate "remember me" functionality
- [ ] Check if autocomplete is disabled on password forms/inputs
- [ ] Test password reset and/or recovery processes
- [ ] Verify the password change process
- [ ] Test the CAPTCHA implementation
- [ ] Check the multi-factor authentication setup
- [ ] Confirm logout functionality is present

#### Session Management

- [ ] Verify session tokens for cookie flags (HttpOnly and Secure)
- [ ] Check session cookie scope (Path and Domain)
- [ ] Ensure session cookie duration (Expires and Max-Age) is set correctly
- [ ] Confirm session termination after a maximum lifetime
- [ ] Validate session termination after logout
- [ ] Check if users can have multiple simultaneous sessions
- [ ] Confirm that new session tokens are issued on login, role change, and logout

#### CSRF and Clickjacking

- [ ] Test for Cross-Site Request Forgery (CSRF)
- [ ] Test for clickjacking vulnerabilities

#### Authorization

- [ ] Test for bypassing the authorization schema
- [ ] Check for privilege escalation and access control problems
- [ ] Verify that no functionality is missing authorization checks

#### Injection Attacks

- [ ] Test for HTML Injection
- [ ] Test for Reflected Cross-Site Scripting (XSS)
- [ ] Test for DOM-based XSS
- [ ] Test for Stored XSS
- [ ] Test for SQL Injection

#### Fingerprinting the Web Server

- [ ] Find the type of web server
- [ ] Find the version details of the web server

#### Review the Web Contents

- [ ] Inspect the page source for sensitive information
- [ ] Try to find sensitive JavaScript code
- [ ] Try to find any exposed keys
- [ ] Make sure autocomplete is disabled

#### Testing HTTP Methods

- [ ] Discover the supported methods
- [ ] Ensure the PUT method is disabled
- [ ] Ensure the OPTIONS method is disabled
- [ ] Test access control bypass

#### File Handling

- [ ] Ensure file size limits, upload frequency, and total file counts are defined and enforced

### Post-Testing Report

At the end of testing, you will receive a comprehensive report detailing all vulnerabilities tested and identified in the web application. The report will include:

- **Bug Name:** The name of the identified vulnerability.
- **Location:** Where the bug was found in the application.
- **Severity:** The severity level of the bug.
- **Video POC:** Proof of Concept video demonstrating the vulnerability.
- **Mitigation Steps:** Recommendations on how to fix or mitigate the identified vulnerability.

This checklist aims to cover most major security issues and overall functionality without diving deeply into specific vulnerabilities.
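The Session Management items above (cookie flags, scope, and duration) can be checked mechanically against the `Set-Cookie` headers an application returns. The following is an added example, not part of the checklist; it assumes an 8-hour maximum session lifetime as a placeholder policy, uses constructed sample headers, and adds a SameSite check that ties in with the CSRF item.

```python
from datetime import datetime, timezone
from email.utils import parsedate_to_datetime

MAX_LIFETIME_SECONDS = 8 * 3600  # assumed policy, not from the checklist: 8h maximum

def parse_set_cookie(header):
    """Split one Set-Cookie header into (name, value, {attribute_lowercase: value})."""
    parts = [p.strip() for p in header.split(";")]
    name, _, value = parts[0].partition("=")
    attrs = {}
    for part in filter(None, parts[1:]):
        key, _, val = part.partition("=")
        attrs[key.strip().lower()] = val.strip()  # flags such as Secure get ""
    return name.strip(), value, attrs

def cookie_lifetime(attrs, now):
    """Seconds until expiry; Max-Age wins over Expires (RFC 6265); None if non-persistent."""
    if "max-age" in attrs:
        return int(attrs["max-age"]) if attrs["max-age"].lstrip("-").isdigit() else None
    if "expires" not in attrs:
        return None
    try:  # cookie dates carry an explicit GMT zone, so the parsed datetime is aware
        return int((parsedate_to_datetime(attrs["expires"]) - now).total_seconds())
    except (TypeError, ValueError):
        return None  # unparseable date: browsers treat the cookie as non-persistent

def audit_session_cookie(header, now=None):
    """Return the findings for one Set-Cookie header; an empty list means it passes."""
    now = now or datetime.now(timezone.utc)
    name, _, attrs = parse_set_cookie(header)
    findings = []
    if "httponly" not in attrs:
        findings.append(f"{name}: missing HttpOnly (token readable from script)")
    if "secure" not in attrs:
        findings.append(f"{name}: missing Secure (token also sent over plain HTTP)")
    if "samesite" not in attrs:
        findings.append(f"{name}: missing SameSite (weaker CSRF defence)")
    if "domain" in attrs:
        findings.append(f"{name}: Domain={attrs['domain']} shares the token with all subdomains")
    lifetime = cookie_lifetime(attrs, now)
    if lifetime is not None and lifetime > MAX_LIFETIME_SECONDS:
        findings.append(f"{name}: lifetime {lifetime}s exceeds the {MAX_LIFETIME_SECONDS}s policy")
    return findings

SAMPLE_HEADERS = [  # constructed samples, not captured from any real application
    "sessionid=abc123; Path=/; Secure; HttpOnly; SameSite=Lax; Max-Age=3600",
    "sessionid=abc123; Path=/; Domain=.example.com; Expires=Wed, 09 Jun 2100 10:18:14 GMT",
]
```

Run `audit_session_cookie(h)` over every `Set-Cookie` header captured during login, role change, and logout; the first sample passes cleanly, the second produces five findings.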