Software Testing Types:

Black box testing – Internal system design is not considered in this type of testing. Tests are based on requirements and functionality.

White box testing – This testing is based on knowledge of the internal logic of an application’s code. Also known as Glass box Testing. The internal workings of the software and code should be known for this type of testing. Tests are based on coverage of code statements, branches, paths, conditions.

Unit testing – Testing of individual software components or modules. Typically done by the programmer and not by testers, as it requires detailed knowledge of the internal program design and code. It may require developing test driver modules or test harnesses.

Incremental integration testing – Bottom-up approach for testing, i.e. continuous testing of an application as new functionality is added. Application functionality and modules should be independent enough to test separately. Done by programmers or by testers.

Integration testing – Testing of integrated modules to verify combined functionality after integration. Modules are typically code modules, individual applications, client and server applications on a network, etc. This type of testing is especially relevant to client/server and distributed systems.

Functional testing – This type of testing ignores the internal parts and focuses on whether the output is as per requirement or not. Black-box type testing geared to functional requirements of an application.

System testing – Entire system is tested as per the requirements. Black-box type testing that is based on overall requirements specifications, covers all combined parts of a system.

End-to-end testing – Similar to system testing, involves testing of a complete application environment in a situation that mimics real-world use, such as interacting with a database, using network communications, or interacting with other hardware, applications, or systems if appropriate.

Sanity testing – Testing to determine if a new software version is performing well enough to accept it for a major testing effort. If the application is crashing on initial use, then the system is not stable enough for further testing and the build or application is assigned to be fixed.

Regression testing – Testing the application as a whole after a modification in any module or functionality. It is difficult to cover the whole system in regression testing, so automation tools are typically used for this type of testing.

Acceptance testing – Normally this type of testing is done to verify whether the system meets the customer-specified requirements. The user or customer does this testing to determine whether to accept the application.

Load testing – A performance test to check system behavior under load. Testing an application under heavy loads, such as testing of a web site under a range of loads to determine at what point the system’s response time degrades or fails.

Stress testing – The system is stressed beyond its specifications to check how and when it fails. Performed under heavy load, such as putting in large numbers beyond storage capacity, complex database queries, continuous input to the system or database load.

Performance testing – Term often used interchangeably with ‘stress’ and ‘load’ testing. Checks whether the system meets performance requirements. Different performance and load tools are used to do this.

Usability testing – User-friendliness check. The application flow is tested: can a new user understand the application easily, and is proper help documented wherever the user gets stuck? Basically, system navigation is checked in this testing.

Install/uninstall testing – Tests full, partial, or upgrade install/uninstall processes on different operating systems under different hardware and software environments.

Recovery testing – Testing how well a system recovers from crashes, hardware failures, or other catastrophic problems.

Security testing – Can the system be penetrated by any means of hacking? Testing how well the system protects against unauthorized internal or external access. Checks whether the system and database are safe from external attacks.

Compatibility testing – Testing how well software performs in a particular hardware/software/operating system/network environment and different combinations of the above.

Comparison testing – Comparison of product strengths and weaknesses with previous versions or other similar products.

Alpha testing – An in-house virtual user environment can be created for this type of testing. Testing is done at the end of development. Minor design changes may still be made as a result of such testing.

Beta testing – Testing typically done by end-users or others. Final testing before releasing application for commercial purpose.



A list of commonly used selenium commands

open

Opens a URL in the test frame. This accepts both relative and absolute URLs.
The "open" command waits for the page to load before proceeding, i.e. the "AndWait" suffix is implicit.
Note: The URL must be on the same domain as the runner HTML due to security restrictions in the browser (Same Origin Policy).
If you need to open a URL on another domain, use the Selenium Server to start a new browser session on that domain.

To open the login page for this URL http://selenium-training.israelekpo.com/login.php

The base url is http://selenium-training.israelekpo.com/ and your target is /login.php

This is used to navigate to a specific Page or URL


verifyLocation

Verifies that we have navigated to a particular URL

This can be used in a step such as

Then I will navigate to Target Page


type

The target is the CSS selector for the element
The value is the value you wish to enter in the input field

Sets the value of an input field, as though you typed it in.

click

Clicks on a link, button, checkbox or radio button.

If the click action causes a new page to load (like a link usually does), call waitForPageToLoad.

clickAndWait

Clicks on a link, button, checkbox or radio button and waits for the page to load

check

Checks a radio button or checkbox

verifyVisible

Returns true if the specified element is visible, false otherwise

Determines if the specified element is visible.

An element can be rendered invisible by setting the CSS "visibility" property to "hidden", or the "display" property to "none", either for the element itself or one of its ancestors. This method will fail if the element is not present.

verifyNotVisible
Returns true if the specified element is not visible, false otherwise.

The element must be present in the HTML document but not visible.

verifyElementPresent

Verifies that the specified element is somewhere on the page even if it is not visible.

verifyElementNotPresent

Verifies that the element is not present anywhere in the HTML document.
      

A complete list of Selenium commands is available here.

Some Useful Selenium IDE Plugins

Selenium IDE can be extended through its own plugin system. Here are a number of plugins that have been created using it. 

1. ScreenShot on Fail
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:February 20, 2012
Version:1.5
This plugin for Selenium-IDE automatically takes a screen-shot when a command fails while running the test suite. More info.
2. Favorites
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:April 7, 2011
Version:1.14
This plugin for Selenium-IDE gives you a way to mark your favorite test suites and open and execute them with a SINGLE click. More info.
3. Page Coverage
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:January 16, 2012
Version:1.7
This plugin for Selenium-IDE generates page coverage reports highlighting areas of a web page touched by the Selenese test cases / test suites. More info.
4. Test Results
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:October 8, 2011
Version:1.10
This plugin for Selenium-IDE saves the results of the test execution for the test suite and included test cases with a single click. It also allows you to export the test results for individual test cases. More info.
5. Implicit Wait
Links:Download - Support
Author:Florent Breheret
License:Apache 2
Released:February 20, 2012
Version:1.0.20
This plugin allows Selenium IDE to automatically wait until the element is found before executing each command using a locator. It is equivalent to the implicit wait function available with Selenium 2 WebDrivers. It avoids having to insert waitForElementPresent before click, type, select..., and provides a command to deal with AJAX processing status. For more information, see the project page.
6. Perl Formatters
Links:Download - Support
Author:Nate Broderick
License:Apache 2
Released:January 3, 2012
Version:1.0.3
A plugin for Selenium-IDE that bundles the Perl formatters that used to be included in Se-IDE.
7. PHP Formatters
Links:Download - Support
Author:Dan Chan
License:Apache 2
Released:October 12, 2011
Version:1.3.0
A plugin for Selenium-IDE that bundles the PHP formatters that used to be included in Se-IDE.
8. Play! framework
Links:Download - Support
Author:Manuel Bernhardt
License:Apache 2
Released:June 28, 2011
Version:1.3
A plugin for Selenium-IDE that adds support for the simplified markup used by the Play! framework.
9. Highlight Elements
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:August 3, 2010
Version:1.2
This plugin for Selenium-IDE highlights elements specified in the Selenese commands on the web page as the test case is executed. Once this plugin is installed, a Highlight elements button will be available on the Selenium-IDE main window and Sidebar. More info.
10. Test Suite Batch Converter
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:January 13, 2011
Version:1.5
A plugin for Selenium-IDE to convert one or more test suites, including their test cases, from the html format to any other format supported by the Selenium-IDE. More info.
11. Selenium Expert
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:May 3, 2011
Version:0.2
This plugin is my attempt to bring the wonderful world of inspections, tips, hints, fixes and refactoring to Selenese! The Selenium Expert goes through your selenium test cases suggesting improvements, giving tips and even lets you apply them with a single click. Recently, Selenium IDE has brought some improvements that will break some test scripts. The good news is that most of the essential breaking changes introduced in Selenium IDE 1.0.10 have been incorporated into the Selenium Expert. This should make your migration task a few clicks affair. More info.
12. Power Debugger
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:November 15, 2010
Version:1.0
This plugin for Selenium-IDE improves debugging and troubleshooting issues with scripts. This plugin adds the pause on fail tool to the Selenium IDE toolbar. When pause on fail is turned on, Selenium IDE would pause the execution of the test case when there is an error or a command failure, allowing you to troubleshoot the problem. More info.
13. Flex Pilot X
Links:Download - Support
Author:Adam Christian
License:Apache 2
Released:August 28, 2010
Version:0.8.0
A Selenium IDE plugin for integrating with Flex-Pilot, for Flex automation. More info.
14. File Logging
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:August 18, 2010
Version:1.7
This plugin for Selenium-IDE saves log messages to a file in real time at a user selectable log level. Once this plugin is installed, a FileLogging tab will be added to the options dialog and a FileLogging menu will be added to the log pane. More info.
15. Log Search Bar
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:August 2, 2010
Version:1.1
A plugin for Selenium-IDE to show a find toolbar in the log pane making it easy to search the displayed log messages. Once this plugin is installed, the log pane will be changed to contain the find toolbar similar to the one found in the Firefox browser. More info.
16. Stored Variables Viewer
Links:Download - Support
Author:Samit Badle
License:Unknown/Free
Released:September 28, 2010
Version:1.3
A plugin for Selenium-IDE to view the stored variables within Selenium IDE. Stored variables are created using the store, storeText, storeExpression and other similar store* commands. This plugin allows you to view these variables when the test is running. More info.
17. Grails Formatters
Links:Download - Support
Author:Robert Fletcher
License:Unknown/Free
Released:June 15, 2010
Version:1.0
Adds Grails Formatters. More info.
18. FlexMonkium
Links:Download - Support
Author:Gorilla Logic
License:GPL
Released:January 6, 2011
Version:4.1.5
A plugin that adds Adobe Flex recording and playback to Selenium via the popular FlexMonkey open source testing framework. With FlexMonkium, Flex recording and playback is seamlessly interleaved with native Selenium recording and playback so you can easily automate the testing of hybrid web applications that mix html and Javascript with Flex. In addition to creating and running Flex tests inside the Selenium IDE, you can export your hybrid testing scripts as JUnit 4 tests that run with Selenium-RC to easily enable automated testing and continuous integration.
19. Flow Control
Links:Download - Support
Author:Dave Hunt
License:Apache
Released:February 24, 2010
Version:1.0.3
Incorporates the flow control extension available here and here.
20. WebDriver Backed Formatters
Links:Download - Support
Author:Dave Hunt
License:Mozilla Public License
Released:July 7, 2011
Version:1.0.4
Adds WebDriver backed Selenium formatters, which allows users to take advantage of WebDriver without having to modify their tests to use the new API.
21. Separated Values Formatter
Links:Download - Support
Author:Dave Hunt
License:Apache
Released:February 21, 2011
Version:1.0.0
Adds a simple reversible formatter to Selenium IDE. Useful for sharing test commands via copy/paste.

Selenium IDE Installation

 


Introduction

The Selenium-IDE (Integrated Development Environment) is the tool you use to develop your Selenium test cases. It’s an easy-to-use Firefox plug-in and is generally the most efficient way to develop test cases.

You can download Selenium from the Selenium download page.

When downloading from Firefox, you’ll be presented with the following window.

_images/chapt3_img02_IDE_Installation.png
                    ---> Select Install Now. 

The Firefox Add-ons window pops up, first showing a progress bar, and when the download is complete, displays the following.

_images/chapt3_img03_IDE_Installation.png
               ---> Restart Firefox.

 After Firefox reboots you will find the Selenium-IDE listed under the Firefox Tools menu.

_images/chapt3_img04_IDE_Installation.png

Installing the IDE


Using Firefox, first, download the IDE from the SeleniumHQ downloads page
Firefox will protect you from installing add-ons from unfamiliar locations, so you will need to click ‘Allow’ to proceed with the installation, as shown in the following screenshot.

_images/chapt3_img01_IDE_Installation.png

Opening the IDE



To run the Selenium-IDE, simply select it from the Firefox Tools menu. It opens as follows with an empty script


_images/chapt3_img05_IDE_open.png




Now you have successfully completed the Selenium IDE installation.

Rational Robot : A Test Automation Tool


What is Rational Robot ?

  • Rational Robot is a complete set of components for automating the testing of Microsoft Windows client or server and internal application.
  • Rational Robot is an automated functional regression testing tool.

Automated Functional Regression Testing 

  • Functional Test: Functional Tests are designed to make sure that the application performs as it was intended.
  • Regression Test: A Regression Test is a test where an application is subjected to a suite of functional tests at each build to ensure that everything that worked continues to work.

Components of Rational Robot

  • Rational Administrator: Create and manage Rational projects to store your testing information.
  • Rational Test Manager: Review and analyze test results.
  • Object Properties: View and analyze the results of verification points.
  • Rational Site Check: Manage internet and website.


THE V-MODEL OF SOFTWARE TESTING

Software testing is too  important to leave to the end of the project, and the V-Model of testing incorporates testing into
the entire software development life cycle.  In a diagram of the V-Model, the V proceeds down and then up, from
left to right depicting the basic sequence of development and testing activities. The model highlights the
existence of different levels of testing and depicts the way each relates to a different development phase.
Like any model, the V-Model has detractors and arguably has deficiencies and alternatives but it clearly illustrates that
testing can and should start at the very beginning of the project.  (See Goldsmith for a summary of the pros and cons
and an alternative. Marick’s articles provide criticism and an alternative.) In the requirements gathering stage the
business requirements can verify and validate the business case used to justify the project.  The business
requirements are also used to guide the user acceptance testing.   The model illustrates how each subsequent phase
should verify and validate work done in the previous phase, and how work done during development is used to guide
the individual testing phases.  This interconnectedness lets us identify important errors, omissions, and other
problems before they can do serious harm. Application testing begins with Unit Testing, and in the section titled
“Types of Tests” we will discuss each of these test phases in more detail.


How to Test Web Applications against SQL Injection Attacks


Security testing of web applications against SQL Injection, explained with simple examples – By Inder P Singh.
Many applications use some type of a database. An application under test might have a user interface that accepts user input that is used to perform the following tasks:
1: Show the relevant stored data to the user, e.g. the application checks the credentials of the user using the log in information entered by the user and exposes only the relevant functionality and data to the user.
2: Save the data entered by the user to the database e.g. once the user fills up a form and submits it, the application proceeds to save the data to the database; this data is then made available to the user in the same session as well as in subsequent sessions
Some of the user inputs might be used in framing SQL statements that are then executed by the application on the database. It is possible for an application NOT to handle the inputs given by the user properly. If this is the case, a malicious user could provide unexpected inputs to the application that are then used to frame and execute SQL statements on the database. This is called SQL injection. The consequences of such an action could be alarming.

The following things might result from SQL injection:

1. The user could log in to the application as another user, even as an administrator.
2. The user could view private information belonging to other users e.g. details of other users’ profiles, their transaction details etc.
3. The user could change application configuration information and the data of the other users.
4. The user could modify the structure of the database; even delete tables in the application database.
5. The user could take control of the database server and execute commands on it at will.
Since the consequences of allowing the SQL injection technique could be severe, it follows that SQL injection should be tested during the security testing of an application. Now with an overview of the SQL injection technique, let us understand a few practical examples of SQL injection.
Important: The SQL injection problem should be tested only in the test environment.
If the application has a log in page, it is possible that the application uses a dynamic SQL statement such as the one below. This statement is expected to return at least a single row with the user details from the Users table as the result set when there is a row with the user name and password entered in the SQL statement.
SELECT * FROM Users WHERE User_Name = '" & strUserName & "' AND Password = '" & strPassword & "';
If the tester would enter Babu as the strUserName (in the textbox for user name) and 123456 as strPassword (in the textbox for password), the above SQL statement would become:
SELECT * FROM Users WHERE User_Name = 'Babu' AND Password = '123456';
If the tester would enter Babu'-- as strUserName and no strPassword, the SQL statement would become:
SELECT * FROM Users WHERE User_Name = 'Babu'-- AND Password = '';
Note that the part of the SQL statement after Babu is turned into a comment. If there were any user with the user name of Babu in the Users table, the application could allow the tester to log in as the user Babu. The tester could now view the private information of the user Babu.
What if the tester does not know the name of any existing user of the application? In such a case, the tester could try common user names like admin, administrator and sysadmin. If none of these users exist in the database, the tester could enter Babu' or 'x'='x as strUserName and 123456' or 'x'='x as strPassword. This would cause the SQL statement to become like the one below.
SELECT * FROM Users WHERE User_Name = 'Babu' or 'x'='x' AND Password = '123456' or 'x'='x';
Since the 'x'='x' condition is always true, the result set would consist of all the rows in the Users table. The application could allow the tester to log in as the first user in the Users table.
Important: The tester should request the database administrator or the developer to copy the table in question before attempting the following SQL injection.
If the tester would enter Babu'; DROP table users_details;'-- as strUserName and anything as strPassword, the SQL statement would become like the one below.
SELECT * FROM Users WHERE User_Name = 'Babu'; DROP table users_details;' --' AND Password = '123456';
This statement could cause the table “users_details” to be permanently deleted from the database.
Though the above examples deal with using the SQL injection technique only on the log in page, the tester should test this technique on all the pages of the application that accept user input in textual format e.g. search pages, feedback pages etc.
SQL injection might be possible in applications that use SSL. Even a firewall might not be able to protect the application against the SQL injection technique.
I have tried to explain the SQL injection technique in a simple form. I would like to re-iterate that SQL injection should be tested only in a test environment and not in the development environment, production environment or any other environment. Instead of manually testing whether the application is vulnerable to SQL injection or not, one could use a web vulnerability scanner that checks for SQL injection.
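
The log in cases above can be turned into a repeatable check. The following is an added example, not code from the original article: it runs the article's inputs against a throwaway in-memory SQLite database, once through the concatenated dynamic SQL and once through the same query with bound parameters, which is the fix. The function names and the sample rows are assumptions made for this illustration.

```python
import sqlite3

# Constructed sample rows; table and column names follow the article's query.
# Plain-text passwords only mirror that query.
SAMPLE_USERS = [("admin", "s3cret"), ("Babu", "123456")]

# The log in inputs the article walks through (user name, password).
INJECTION_INPUTS = [
    ("Babu'--", ""),                           # comments out the password check
    ("Babu' or 'x'='x", "123456' or 'x'='x"),  # always-true condition
]


def make_db():
    """Create a throwaway in-memory database with the sample Users table."""
    db = sqlite3.connect(":memory:")
    db.execute("CREATE TABLE Users (User_Name TEXT, Password TEXT)")
    db.executemany("INSERT INTO Users VALUES (?, ?)", SAMPLE_USERS)
    return db


def login_vulnerable(db, user, password):
    """Dynamic SQL as in the article: user input is concatenated into the text."""
    sql = ("SELECT User_Name FROM Users WHERE User_Name = '" + user +
           "' AND Password = '" + password + "'")
    row = db.execute(sql).fetchone()
    return row[0] if row else None


def login_parameterized(db, user, password):
    """Same query with placeholders: input is bound as data, never parsed as SQL."""
    sql = "SELECT User_Name FROM Users WHERE User_Name = ? AND Password = ?"
    row = db.execute(sql, (user, password)).fetchone()
    return row[0] if row else None


def audit(login):
    """Return (user input, outcome) for every injection input that gets through."""
    db = make_db()
    findings = []
    for user, password in INJECTION_INPUTS:
        try:
            outcome = login(db, user, password)
        except sqlite3.Error as exc:
            # A database error caused by input means the input reached the SQL parser.
            outcome = "database error: %s" % exc
        if outcome is not None:
            findings.append((user, outcome))
    return findings


if __name__ == "__main__":
    for name, fn in [("concatenated", login_vulnerable),
                     ("parameterized", login_parameterized)]:
        print(name, "valid login ->", fn(make_db(), "Babu", "123456"))
        print(name, "findings    ->", audit(fn))
```

An empty findings list for a log in function is the pass condition; the concatenated version reports both inputs, the second one logging in as the first row of the table.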