pentest-config-hardening

Purpose Shannon checks only 2 of 14 WSTG-CONF items. The remaining 12 are "low-hanging fruit" findings expected in every professional pentest report — straightforward to test systematically.

| WSTG-CONF-02 | Test Application Platform Configuration | ✅ | | WSTG-CONF-03 | Test File Extensions Handling | ✅ | | WSTG-CONF-04 | Review Old Backup and Unreferenced Files | ✅ | | WSTG-CONF-05 | Enumerate Infrastructure and Admin Interfaces | ✅ | | WSTG-CONF-06 | Test HTTP Methods | ✅ | | WSTG-CONF-07 | Test HTTP Strict Transport Security | ✅ |

| WSTG-CONF-08 | Test RIA Cross Domain Policy | ✅ | | WSTG-CONF-09 | Test File Permission | ✅ | | WSTG-CONF-11 | Test Cloud Storage | ✅ | | WSTG-CONF-12 | Test Content Security Policy | ✅ | | WSTG-CONF-13 | Test for Subdomain Takeover | ✅ | | WSTG-CONF-14 | Test Security Headers | ✅ |