Generalized test cases for security testing web applications


  • Can any body share the test cases used for security testing of web applications. Like to test XSS vulnerability one should perform the below test:

    Enter the string: "<script>alert('hello')</script>"  in the text  box and submit to the SERVER, If the server responds back with a pop-up box that says "hello", then the Web site is vulnerable to cross site scripting

    A similar suggestion is given by Rashmi at so if Rashmi or any one can share an exhaustive list then that would really help. 

    somen das
    Friday, July 22, 2011 8:18 AM