Security Testing Wiki
Comprehensive checklists and methodologies for penetration testing engagements.
📂 Security Testing Categories
OWASP-based methodology for comprehensive web security assessments, including API security and business logic testing.
- Authentication & authorization testing
- Input validation & injection attacks
- API security assessment
- Business logic vulnerability identification
- Session management review
Android & iOS security testing checklists and methodologies for comprehensive app assessment.
- Android & iOS security analysis
- Static and dynamic testing
- API backend security review
- Data storage and encryption verification
- Reverse engineering and analysis
Active Directory and internal network assessment methodologies for lateral movement testing.
- Active Directory exploitation
- Lateral movement techniques
- Privilege escalation paths
- Post-exploitation persistence
- Domain and forest enumeration
Perimeter and external infrastructure testing methodologies for comprehensive exposure assessment.
- OSINT and reconnaissance
- External service enumeration
- Vulnerability identification
- Infrastructure mapping
- Data exposure discovery
Azure environment security assessment methodologies and security testing checklists.
- Azure AD and Entra ID assessment
- Storage and access management
- Identity and authentication review
- Misconfiguration detection
- Compliance and governance validation
System hardening and compliance review methodologies based on industry standards.
- CIS Benchmark assessment
- Security configuration review
- Patch management evaluation
- Policy compliance checking
- Hardening recommendations