OWASP-Web-App-Pentesting-checklists

The checklists include about 91 security controls under the following categories

Information Gathering, Configuration and Deployment Management Testing, Identity Management Testing, Authentication Testing, Authorization Testing, Session Management Testing, Input Validation Testing, Error Handling, Cryptography, Business Logic Testing, Client Side Testing