Pen-testing or penetration testing is an exercise embraced to differentiate and take advantage of all the possible weaknesses in a system or network. It certifies the reasonability or deficiency of the security endeavours which have been executed. Our manuscript shows an outline of pen testing. We examine all systems, the advantages, and respective procedure of pen testing. The technique of pen testing incorporates following stages: Planning of the tests, endlessly tests investigation. The testing stage includes the following steps: Weakness investigation, data gathering and weakness exploitation. This manuscript furthermore shows the application of this procedure to direct pen testing on the model of the web applications.