<a href="http://www.owasp.org/index.php/OWASP_Testing_Guide_v3_Table_of_Contents">http://www.owasp.org/index.php/OWASP_Testing_Guide_v3_Table_of_Contents</a>
The following resources may be of interest:
<a href="http://www.isecom.org/mirror/OSSTMM_3.0_LITE.pdf">http://www.isecom.org/mirror/OSSTMM_3.0_LITE.pdf</a>
<a href="http://www.modsecurity.org/documentation/Web_Application_Firewalls_-_When_Are_They_Useful.pdf">http://www.modsecurity.org/documentation/Web_Application_Firewalls_-_When_Are_They_Useful.pdf</a>
<a href="http://www.metasploit.org/data/confs/blackhat2007/tactical_paper.pdf">http://www.metasploit.org/data/confs/blackhat2007/tactical_paper.pdf</a>
<a href="http://palisade.plynt.com/issues/2005May/reverse-proxy/">http://palisade.plynt.com/issues/2005May/reverse-proxy/</a>
<a href="http://www.ists.dartmouth.edu/docs/labtest.pdf">http://www.ists.dartmouth.edu/docs/labtest.pdf</a>
Also, these old threads may provide you with some additional ideas:
<a href="http://seclists.org/pen-test/2007/Jan/0042.html">http://seclists.org/pen-test/2007/Jan/0042.html</a>
<a href="http://seclists.org/pen-test/2007/Jan/0044.html">http://seclists.org/pen-test/2007/Jan/0044.html</a>
<a href="http://seclists.org/pen-test/2007/Jan/0076.html">http://seclists.org/pen-test/2007/Jan/0076.html</a>
<a href="http://seclists.org/pen-test/2007/Jan/0091.html">http://seclists.org/pen-test/2007/Jan/0091.html</a>
<a href="http://seclists.org/pen-test/2005/Mar/0118.html">http://seclists.org/pen-test/2005/Mar/0118.html</a>
<a href="http://seclists.org/pen-test/2005/Mar/0119.html">http://seclists.org/pen-test/2005/Mar/0119.html</a>
<a href="http://seclists.org/pen-test/2004/Dec/0000.html">http://seclists.org/pen-test/2004/Dec/0000.html</a>
<a href="http://seclists.org/pen-test/2002/Jun/0110.html">http://seclists.org/pen-test/2002/Jun/0110.html</a>
<a href="http://seclists.org/pen-test/2002/Jun/0116.html">http://seclists.org/pen-test/2002/Jun/0116.html</a>
![Xcode裡的Instruments工具:Leaks、Allocations、Time Profiler、Automation一、Leaks: 記憶體洩露檢測工具二、 Time Profiler:分析代碼的執行時間,找出導緻程式變慢的原因三、 Allocations:監測記憶體使用/配置設定情況四、 Automation:自動化測試,類似于Android的Monkey[圖]](data:image/gif;base64,R0lGODlhAQABAIAAAP///wAAACwAAAAAAQABAAACAkQBADs=)