1) Perform a security scan of a classic ASP web-application with approximately 100 pages.
The web-application should be tested against the OWASP Top 10 security threads.
The application needs logging in, so username/password will be provided.
2) Write a report with the findings of the tests.
3) In the report should be which pages or functions contain threads, and the reporter should also give a short advice on how to solve the security issues.
4) Our web-application developers will fix the problems (so fixing problems or programming is not in the scope of this project!)
5) After fixing, re-test the solved issues and update the report.
Purpose is to deliver a positive report to our customer, after we fixed the security issues.