Follow a standard testing methodology


Download a standard testing methodology or import and use your own.

Web Application Hacker's Handbook Checklist

Straight from the webapp security bible, this is a checklist of the tasks you typically need to perform when carrying out a comprehensive attack against a web application.

References

The Web Application Hacker's Handbook website

Published by: Our team.

OSSTMM v3

Follow the Open Source Security Testing Methodology Manual in your projects.

Reference

OSSTMM

Published by: Kevin Stagat

SANS SWAT checklist

The SWAT Checklist from SANS Securing the App is meant to be the first step toward building a base of secure knowledge around web application security.

References

Securing Web Application Technologies [SWAT] Checklist

SANS SWAT poster (.pdf)

Published by: Our team.

OWASP Top 10 - 2013 rc

Featuring the latest OWASP Top 10 release candidate list.

References

OWASP Top 10 2013

Published by: Our team.

OWASP web testing

A bit of everything, from information gathering to card payments and HTML 5.

References

OWASP: Web Application Security Testing Cheat Sheet

Published by: ScotSTS