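% Generated table-of-contents data (.toc); LaTeX rewrites it on every run, so
% lasting changes belong in the document source, not here.
%
% Layout: one \contentsline per line. The trailing `%' on each entry is a
% comment character, so when several entries share a physical line everything
% after the first `%' is commented out and never reaches the table of contents.
%
% NOTE(review): the babel language is `portuguese' while every heading is in
% English -- confirm the language option in the document source.
% NOTE(review): the titles of 3.1--3.9 and 4.1--4.9 appear to follow the OWASP
% Web Security Testing Guide categories; the cryptography and business-logic
% categories are not listed -- confirm they were left out of scope on purpose.
% NOTE(review): 4.1--4.9 and section 5 all start on page 10, so the section 4
% subsections look like empty placeholders -- confirm before the report is
% circulated.
% NOTE(review): "Web Application Security Firewall" presumably means "Web
% Application Firewall" -- confirm the section title in the document source.
\babel@toc {portuguese}{}\relax
\contentsline {section}{\numberline {1}Introduction}{3}{section.1}%
\contentsline {section}{\numberline {2}Architecture Considered for Both Stages}{3}{section.2}%
\contentsline {subsection}{\numberline {2.1}Network structure}{3}{subsection.2.1}%
\contentsline {subsection}{\numberline {2.2}Servers}{3}{subsection.2.2}%
\contentsline {subsection}{\numberline {2.3}Services}{3}{subsection.2.3}%
\contentsline {section}{\numberline {3}Web application security testing}{4}{section.3}%
\contentsline {subsection}{\numberline {3.1}Information Gathering}{4}{subsection.3.1}%
\contentsline {subsection}{\numberline {3.2}Configuration and Deployment Management Testing}{4}{subsection.3.2}%
\contentsline {subsection}{\numberline {3.3}Identity Management Testing}{5}{subsection.3.3}%
\contentsline {subsection}{\numberline {3.4}Authentication Testing}{7}{subsection.3.4}%
\contentsline {subsection}{\numberline {3.5}Authorization Testing}{7}{subsection.3.5}%
\contentsline {subsection}{\numberline {3.6}Session Management Testing}{7}{subsection.3.6}%
\contentsline {subsection}{\numberline {3.7}Input Validation Testing}{7}{subsection.3.7}%
\contentsline {subsubsection}{\numberline {3.7.1}Testing for SQL Injection}{8}{subsubsection.3.7.1}%
\contentsline {subsection}{\numberline {3.8}Testing for Error Handling}{8}{subsection.3.8}%
\contentsline {subsection}{\numberline {3.9}Client Side Testing}{9}{subsection.3.9}%
\contentsline {section}{\numberline {4}Web Application Security Firewall}{10}{section.4}%
\contentsline {subsection}{\numberline {4.1}Information Gathering}{10}{subsection.4.1}%
\contentsline {subsection}{\numberline {4.2}Configuration and Deployment Management Testing}{10}{subsection.4.2}%
\contentsline {subsection}{\numberline {4.3}Identity Management Testing}{10}{subsection.4.3}%
\contentsline {subsection}{\numberline {4.4}Authentication Testing}{10}{subsection.4.4}%
\contentsline {subsection}{\numberline {4.5}Authorization Testing}{10}{subsection.4.5}%
\contentsline {subsection}{\numberline {4.6}Session Management Testing}{10}{subsection.4.6}%
\contentsline {subsection}{\numberline {4.7}Input Validation Testing}{10}{subsection.4.7}%
\contentsline {subsection}{\numberline {4.8}Testing for Error Handling}{10}{subsection.4.8}%
\contentsline {subsection}{\numberline {4.9}Client Side Testing}{10}{subsection.4.9}%
\contentsline {section}{\numberline {5}Conclusions}{10}{section.5}%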