1. Use every function of the application as a normal user and record the requests each one makes (through an intercepting proxy).

2. Test for publicly disclosed bugs in the identified software stack. You can search on:

3. After using the application thoroughly, test each function for the following bug classes:

  • Client-side
    • XSS (including blind XSS)
    • CSRF
    • CORS misconfiguration
  • Server-side
    • IDOR / broken access control (BAC)
    • File uploads (stored XSS and RCE through uploaded content)
    • SSRF
    • SSTI
    • SQL injection / NoSQL injection
    • OS command injection
  • Auth
    • SAML
    • JWT
    • OAuth
    • User enumeration and brute-force protection bypass
    • 2FA bypass
    • "Keep me logged in" / persistent sessions
    • Change-password flow
  • Misc
    • Business logic
    • Information disclosure
    • Known CVEs in identified components
    • Race conditions

4. Run automated scanners last, to catch what manual testing missed.
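Steps 1 and 3 connect through the request log: every captured request tells you which of the checks above it is a candidate for, and any checklist item no request maps to is either a manual-only item or a sign the capture is incomplete. The following Python script is an added example, not part of the original checklist, that turns a constructed proxy capture into a per-endpoint test plan and reports the items nothing in the capture exercised. The hostnames, the parameter-name heuristics, the sample requests and all function names are assumptions made for illustration.

```python
# Added example: turn the step 1 request capture into a per-endpoint test plan for step 3.
# Hostnames, parameter-name heuristics and the sample capture are constructed for illustration.
import json
import re
from collections import defaultdict
from dataclasses import dataclass, field
from urllib.parse import parse_qsl, urlsplit

CHECKLIST = [  # items from the methodology, in order, so gaps can be reported
    "XSS (including blind XSS)", "CSRF", "CORS", "IDOR/BAC", "File uploads (stored XSS & RCE)",
    "SSRF", "SSTI", "SQL/NoSQL injection", "OS command injection", "SAML", "JWT", "OAuth",
    "User enum & brute force bypass", "2FA bypass", "Keep logged in", "Change password",
    "Business logic", "Info disclosure", "CVEs", "Race condition"]
ID_SEGMENT = re.compile(r"^(\d+|[0-9a-f]{8}(-[0-9a-f]{4}){3}-[0-9a-f]{12})$", re.I)
JWT = re.compile(r"\beyJ[\w-]+\.[\w-]+\.[\w-]*")  # base64url of '{"' starts every JWT header
SSRF_NAMES = {"url", "uri", "src", "dest", "redirect", "next", "callback", "webhook", "target"}
CSRF_TOKEN_NAMES = {"csrf", "csrf_token", "_token", "authenticity_token"}


@dataclass
class Request:
    method: str
    url: str
    headers: dict = field(default_factory=dict)
    body: str = ""

    def header(self, name):
        return next((v for k, v in self.headers.items() if k.lower() == name.lower()), "")

    def params(self):  # (name, value) pairs from the query string plus a form or flat-JSON body
        pairs = parse_qsl(urlsplit(self.url).query, keep_blank_values=True)
        ctype = self.header("Content-Type").lower()
        if "x-www-form-urlencoded" in ctype:
            pairs += parse_qsl(self.body, keep_blank_values=True)
        elif "json" in ctype:
            try:
                pairs += [(k, str(v)) for k, v in json.loads(self.body).items()]
            except (ValueError, AttributeError):  # malformed body or non-object JSON
                pass
        return pairs


def plan_tests(req):
    """Return the checklist items one captured request is a candidate for."""
    checks = set()
    path = urlsplit(req.url).path.lower()
    params = req.params()
    names = {n.lower() for n, _ in params}
    cookie, bearer = req.header("Cookie"), req.header("Authorization")
    mutating = req.method.upper() in {"POST", "PUT", "PATCH", "DELETE"}
    if any(ID_SEGMENT.match(s) for s in path.split("/")) or any(n.endswith("id") for n in names):
        checks.add("IDOR/BAC")
    if params:  # any user-controlled value is an injection candidate
        checks |= {"XSS (including blind XSS)", "SQL/NoSQL injection", "SSTI"}
    if names & SSRF_NAMES or any(re.match(r"https?://", v) for _, v in params):
        checks.add("SSRF")
    if "multipart/form-data" in req.header("Content-Type").lower():
        checks.add("File uploads (stored XSS & RCE)")
    if JWT.search(bearer) or JWT.search(cookie):
        checks.add("JWT")
    if "samlresponse" in names or "saml" in path:
        checks.add("SAML")
    if "oauth" in path or names & {"code", "state", "redirect_uri", "client_id"}:
        checks.add("OAuth")
    # CSRF needs a cookie the browser attaches on its own; a hand-added bearer token is not forgeable cross-site
    if mutating and cookie and not names & CSRF_TOKEN_NAMES and not req.header("X-CSRF-Token"):
        checks.add("CSRF")
    if cookie or bearer:  # every authenticated endpoint gets an Origin-reflection check
        checks.add("CORS")
    if "login" in path or names & {"username", "user", "email", "password"}:
        checks.add("User enum & brute force bypass")
    if any(k in path or k in names for k in ("transfer", "checkout", "order", "coupon", "amount", "price")):
        checks |= {"Business logic", "Race condition"}
    return checks


def build_plan(capture):
    """Map each checklist item to the captured endpoints where it applies."""
    plan = defaultdict(list)
    for req in capture:
        for check in plan_tests(req):
            plan[check].append(f"{req.method.upper()} {urlsplit(req.url).path}")
    return dict(plan)


def uncovered(plan):  # items no captured request triggered: test them by hand or widen the capture
    return [c for c in CHECKLIST if c not in plan]


FORM, SESSION = "application/x-www-form-urlencoded", "session=s1"
CAPTURE = [  # constructed stand-in for a proxy history exported after step 1
    Request("GET", "https://app.example/api/invoices/1042", {"Cookie": SESSION}),
    Request("POST", "https://app.example/api/profile", {"Cookie": SESSION, "Content-Type": FORM}, "display_name=Alice"),
    Request("POST", "https://app.example/api/avatar", {"Cookie": SESSION, "Content-Type": "multipart/form-data; boundary=x"}),
    Request("GET", "https://app.example/preview?url=https://cdn.example/logo.png"),
    Request("POST", "https://app.example/login", {"Content-Type": FORM}, "username=alice&password=hunter2&remember=1"),
    Request("POST", "https://app.example/api/transfer", {"Content-Type": "application/json",
            "Authorization": "Bearer eyJhbGciOiJIUzI1NiJ9.eyJzdWIiOiJhbGljZSJ9.c2ln"}, '{"to": "bob", "amount": 10}'),
    Request("POST", "https://app.example/sso/acs", {"Content-Type": FORM}, "SAMLResponse=PHNhbWxwOlJlc3BvbnNlPg")]

if __name__ == "__main__":
    plan = build_plan(CAPTURE)
    print(json.dumps(plan, indent=1), "\nnot exercised by the capture:", uncovered(plan))
```

The heuristics are deliberately greedy: a false positive costs one manual check, a false negative costs a missed bug. The one place the script is strict is CSRF, which it flags only for state-changing requests authenticated by a cookie, since a bearer token that client-side code adds to each request is not sent by the browser on a cross-site form post. The `uncovered` list for the sample capture names items such as OAuth, 2FA bypass and change password that the walkthrough never reached, which is the cue to go back to step 1 and exercise those flows before moving on to scanners.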