Testing for HTTP verb tampering includes sending requests against the application using different HTTP methods and analyzing the response received. Testers need to determine whether a status code of 200 is returned for any of the verbs tested, indicating the web server allows requests of this verb type.