OWASP Web Security Testing Guide (WSTG)
Acronyms, Abbreviations, and Initialisms
|Short Form||Full Form|
|API||Application Programming Interface|
|OWASP||Open Web Application Security Project|
|WSTG||Web Security Testing Guide|
The Web Security Testing Guide (WSTG) is a comprehensive guide to testing the security of web applications and web services. Created by the collaborative efforts of cybersecurity professionals and dedicated volunteers, the WSTG provides a framework of best practices used by penetration testers and organizations all over the world.
- Information Gathering
- Configuration and Deployment Management Testing
- Identity Management Testing
- Authentication Testing
- Authorization Testing
- Session Management Testing
- Input Validation Testing
- Testing for Error Handling
- Testing for Weak Cryptography
- Business Logic Testing
- Client-side Testing
- API Testing
- The OWASP WSTG contains 12 methods of testing.
- The OWASP WSTG provides guidance for testing web applications and web services.