This document provides an overview of web application testing, including: - A brief history of web applications and how they have evolved from simple forms to complex multi-tier frameworks. - The main techniques for testing web applications, such as manual testing, threat modeling, source code review, and penetration testing. - Where in the software development lifecycle different test techniques should be applied. - Tips for optimizing web applications to improve performance and speed up testing. - An introduction to free web testing tools and the Open Web Application Security Project (OWASP), an organization dedicated to improving web application security.

1. Cost Effective Web Application Testing Hari Pudipeddi www.harinathpv.com harinath@dazasya.in

3. What are Web Applications?

6. Architecture of Web Application

10. Test Effort in SDLC Test Effort in Test Technique

14. OWASP Body of Knowledge Core Application Security Knowledge Base Acquiring and Building Secure Applications Verifying Application Security Managing Application Security Application Security Tools AppSec Education and CBT Research to Secure New Technologies Principles Threat Agents, Attacks, Vulnerabilities, Impacts, and Countermeasures OWASP Foundation 501c3 OWASP Community Platform (wiki, forums, mailing lists) Projects Chapters AppSec Conferences Guide to Building Secure Web Applications and Web Services Guide to Application Security Testing and Guide to Application Security Code Review Tools for Scanning, Testing, Simulating, and Reporting Web Application Security Issues Web Based Learning Environment and Guide for Learning Application Security Guidance and Tools for Measuring and Managing Application Security Research Projects to Figure Out How to Secure the Use of New Technologies (like Ajax)

15. Thank You