Friday, December 11, 2015

QA Tools Part 1

QA has several testing tools at their disposal, we generally use tools to automate repetitive, monotonous tasks. We also use tools to quickly perform checks and validations which would take a human hours to do.

#1 Xenu

Xenu is a very fast and reliable link checker mainly used for finding out broken links. Large websites with deep links are a good target for Xenu. Its an open source tool so you can download it from here:

Best thing about Xenu besides it being free is that it has a simple interface and supports SSL websites. You can customize and ask Xenu to hit a list of URLs within minutes you will get results.

xenu reddit.PNG

# 2 Bug Magnet

Bug Magnet is  a nice Google Chrome extension, that will help you with your web exploratory testing. The extension is called Bug Magnet and is developed by Gojko Adzic.

Gojko describes his tool with the following text: “Bug Magnet provides convenient access to common problematic values and edge cases, so you can keep them handy and access them easily during exploratory testing sessions. Just right-click an input field!”
The tool provides the following features:

•    Lorems | Text in different charsets and languages
•    Text size | With or without white spaces
•    Names | Different names like NULL or Chloë Rømer
•    E-Mail addresses | Valid or non valid addresses
•    Numbers | Large numbers
•    Whitespace | Leading white spaces, tabs or newlines
•    Format exploits | SQL injection or broken HTML

It provides easy and useful test cases that you could check on every form and input field of a web application. It is also a very good reminder of things like white spaces, charsets and format exploits. However, the tool has two limitations. The first one is, that it is a Chrome Extension so it works only with Chrome. The second limitation is that it works on multi-frame pages but only if they are on the same web domain.

# 3 SQL Inject Me

An Add in for Firefox, SQL inject helps in testing Injection vulnerabilities. You can choose what tests you want to run and based on focus your attacks. Word of caution, you might not want to run this on your prod website.

SQL Inject.PNG

Will talk about more tools in my next post about QA tools. Please leave a comment if you have any questions/suggestions or any tools that you use and find them useful.

No comments:

Post a Comment