1 weeks ago
Thick Client Pentest Checklist
The thick-client (desktop app) checklist turned into a how-to-test field guide for .NET, Java, native and Electron apps: architect…
All Checklist articles
Checklist → All Checklist articles
1 weeks ago
Wireless Pentest Checklist
A Wi-Fi-focused wireless pentest checklist turned into a how-to-test field guide: survey and recon, WEP, WPA2-PSK (4-way handshake…
1 weeks ago
Container and Kubernetes Pentest Checklist
The container and Kubernetes checklist turned into a how-to-test field guide: image security and secrets in layers, Dockerfile/bui…
1 weeks ago
Secure Configuration and Hardening Review Checklist
A configuration / CIS hardening review turned into a how-to-check field guide: approach and benchmarking, accounts and authenticat…
1 weeks ago
Firewall Review Checklist
A proper firewall review, item by item: scope and config collection, rule-base review (any-any, shadowed/redundant/unused rules), …
1 weeks ago
AI / LLM Application Pentest Checklist
The OWASP LLM Top 10 (2025) turned into a how-to-test field guide for chatbots, RAG assistants and AI agents: prompt injection (di…
1 weeks ago
API Pentest Checklist
The OWASP API Top 10 turned into a how-to-test field guide: for every item — BOLA/BFLA, broken authentication and JWT, excessive d…
1 weeks ago
Cloud Pentest Checklist
The cloud-config checklist turned into a how-to-test field guide for AWS, GCP, Azure and OCI: recon, IAM, compute and instance-met…
1 weeks ago
Mobile App Pentest Checklist
The OWASP MASVS/MASTG checklist turned into a how-to-test field guide for Android and iOS: static prep, insecure storage, cryptogr…
1 weeks ago
Network Pentest Checklist
The internal + external network checklist turned into a how-to-test field guide: scoping and recon, host discovery, port scanning,…