The Open Web Application Security Project (OWASP) is a worldwide not-for-profit charitable organization focused on improving the security of software. Its mission is to make software security visible, so that individuals and organizations are able to make informed decisions.
For security and penetration testing, you can use the OWASP extensions for SQL injection and cross-site scripting (XSS) to get quick results. For in-depth information, visit the OWASP website. It provides a cheat sheet that helps in the security testing of any application.