Saturday, 29 May 2010

OWASP - Web Application Penetration Testing Tree


Web Application Penetration Testing by OWASP
    Information Gathering
        Testing: Spiders, robots, and Crawlers
        Search engine discovery/Reconnaissance
        Identify application entry points
        Testing for Web Application Fingerprint
        Application Discovery
        Analysis of Error Codes
    Configuration Management Testing
        SSL/TLS Testing
        DB Listener Testing
        Infrastructure configuration management testing
        Application configuration management testing
        Testing for File extensions handling
        Old, backup and unreferenced files
        Infrastructure and Application Admin Interfaces
        Testing for HTTP Methods and XST
    Authentication Testing
        Credentials transport over an encrypted channel
        Testing for user enumeration
        Default or guessable (dictionary) user account
        Testing for Brute Force
        Testing for Bypassing authentication schema
        Testing for Vulnerable remember password and pwd reset
        Testing for Logout and Browser Cache Management
        Testing for Captcha
        Testing for Multiple factors Authentication
        Testing for Race Conditions
    Session Management Testing
        Testing for Session Management Schema
        Testing for Cookies attributes
        Testing for Session Fixation
        Testing for Exposed Session Variables
        Testing for CSRF
    Authorization Testing
        Testing for path traversal
        Testing for bypassing authorization schema
        Testing for Privilege Escalation
    Business Logic Testing
    Data Validation Testing
        Testing for Reflected Cross Site Scripting
        Testing for Stored Cross Site Scripting
        Testing for DOM based Cross Site Scripting
        Testing for Cross Site Flashing
        SQL Injection
        LDAP Injection
        ORM Injection
        XML Injection
        SSI Injection
        XPath Injection
        IMAP/SMTP Injection
        Code Injection
        OS Commanding
        Buffer overflow Testing
        Incubated vulnerability testing
        Testing for HTTP Splitting/Smuggling
    Denial of Service Testing
        Testing for SQL Wildcard Attacks
        Locking Customer Accounts
        Buffer Overflows
        User Specified Object Allocation
        User Input as a Loop Counter
        Writing User Provided Data to Disk
        Failure to Release Resources
        Storing too Much Data in Session
    Web Services Testing
        WS Information Gathering
        Testing WSDL
        XML Structural Testing
        XML Content-level Testing
        HTTP GET parameters/REST Testing
        Naughty SOAP attachments
        Replay Testing
    AJAX Testing
        AJAX Vulnerabilities
        Testing for AJAX
