Security testing has become part and parcel of our life in this advanced era, it is needed to be applied everywhere in our life for a proper security in our life. The security breach might happen if there is less testing done. Lets see some of the checklists which will help us to do security testing



1.Authentication testing -

- Firstly , the tester has to check if the user has authenticated credentials      

  for valid username and password or not.

- The tester needs to check, if the user has an automated logout

  Functionality for the user being idle for a certain period of time.

-To test if the website holds the informations like password or any other 

  Important information of user after logging out which are not supposed

To be hold.

-To test if there is any weak security questions given which can be

  Answered by unauthorized users.

2.Denial of Service testing - 

- Send a large number of requests to check that the website is being

Crashed.

 -Perform manual source code testing and check the length of the large 

  Inputs create havoc or not.

3.Data Validation Testing - 

-To check whether the inputs are valid or not . 

-To perform SQL injection attack .

-To perform Xpath injection testing by faulty data.

-Perform XML injection testing to learn about the structure of XML.

4.Encrypt your data -   

- To check if the data is encrypted between the client and server.

- Data masking should be done and tested.

5.Identify Management Testing- 

  -Test Role Definitions.

-Test user registration process. 

-Test for account enumeration and guessable user accounts. 

As a security tester , the testers can use the above steps to do the security 

Testing and ensuring the websites are risk free.