The steps to testing banking website security are :
1. First test for the URL of that bank - It should not be opened by copy and paste. 2. Check for the response time of the website after hitting the URL. 3. Check for the speed and time required to open the home page of the banking website. 4. Go for GUI testing. 5. Test the validity for the user id and password field or account no. and password fields 6. Test for the security testing of authorised user. 7. Test with invalid userid/account no. and password field It should not be accessable.
This much is only for the security purpose of the banking website. Rest u can test the whole functionality with valid/invalid inputs.
RE: Any one tell me how to test banking website securi...
To test any web application security you need to fallow the guidelines provided by OWSAP(open web application security project) not only banking any webapplication.
According to OWSAP if a webapplication not contain these flaws then that application is secure.
1.Cross site scripitng 2.SQL injection 3.Broken Authentication and Session Management 4.Broken access control 5.Buffer overflow 6.Unvalidated Input 7.Improper Error Handling 8.Insecure storage 9.Application Denial of Service 10.Insecure Configuration Management
