I currently have to perform a security evaluation of a web site. The server itself (OS) and the network are not in scope because my client has no power over them. However, they can change the web server configuration, and since they're the ones developing the web application, they can modify it.
So, my task is to do a security evaluation of the web application and the web server. Where do I start?
I have completed the reconnaissance phase. I suspect some XSS and SQL Injection vulnerabilities. But if I really want to do a good job and produce a very complete report, with the ad-hoc way I am doing this, I am afraid of missing some stuff...
I have looked at 3 books on the subject and browsed the OWASP web site, but I just can't seem to find a good methodology for pentesting web apps.