The purpose of this bachelor's thesis is to describe concept of testing e-commerce applications security. The first part is dedicated to theoretical level. There are definitions of basic terms connected with the topic of this thesis followed by description of penetration testing. At the end of the first part of this bachelor's thesis there is introduction to project OWASP (Open Web Application Security Project) and documentation project Top Ten which describes ten most critical web applications security risks. Second part of this thesis is dedicated to practical penetration testing of three chosen e-commerce products. There is introduction to procedure and method of conducted and by the OWASP method standardized tests. Final report is inclu...