A comprehensive Web testing product that improves the functionality, security, performance, reliability, accessibility, and presentation of a Web application. To verify functionality, WebKing allows users to record critical user click paths by following them in a browser, then it automatically configures and executes functional/regression tests that verify paths and page contents while ignoring insignificant differences. To verify security, WebKing automates security static analysis and penetration testing to determine whether the application is vulnerable to many common and devastating types of Web security attacks and to verify that the organization’s security policy is implemented and operating properly. To verify how the application handles realistic traffic levels, patterns, and combinations, WebKing provides intelligent virtual users and sophisticated ready-to-run load test scenarios. To verify that the application's front end is constructed properly, WebKing's static analysis identifies client-side code that does not comply with development rules known to prevent functionality, security, presentation, and portability problems, pages that do not comply with project/organizational branding, content, and design rules, pages that do not comply with Section 508 accessibility rules, and pages with broken links, XML problems, and spelling errors.