. Web Security Audit is combination of Penetration Testing and Code Review Methodology.it is a process of evaluating the security of a Web system by simulating attacks and reviewing the code of the web application, the process involves an active analysis of the application for any technical flaws or vulnerabilities.