This article gives an introduction to ethical hacking and web application penetration testing, and how it differs from for other types of penetration tests. We cover the basic principles of penetration testing and a simplified model for pentesting methodology. It will highlight key aspects of a high-quality security review, where the penetration test plays a big part, and the importance for developers to embrace a hacker's mindset (and vice-versa)
