I am defect. For some people I am a mild inconvenience and for some I am their worst nightmare, probably a life threatening nightmare. For many years, people like you have treated me as a hunting target and treated me as a non-living entity - without any emotion, say or dreams. Till now, I kept my silence but now I had it enough. TestingGeek has allowed me to tell my story to the world, to tell you truth about me and my feelings.
You call me so many names (And all of them are bad BTW), but do you know anything at all about me? Do you know where I lived before you forced me to live in your code - to be found, discussed, killed, ignored and humiliated? People tell me so many things, but do you realize reasons for my existent? I know I am not desired, I know I am not welcomed and to be honest, I do not want to come anywhere near your (sometime dirty) code, requirements etc. But you force me to live in your requirements, code, network and so many unimaginable places because of your misunderstandings, lack of knowledge or plain sloppiness some time.
Read more...
We have seen many discussions on why people came into software testing and why they still love to work as a tester. People have interesting reasons, for some people its creativity, for some people its challenges of automation, for some its relation to system thinking, domain expertise etc. All of these are good reasons to be in testing field and if you are in testing because of similar reasons, probably you are enjoying your work and may be exciting people around you about testing.
Unfortunately, over the years I have seen many people staying as tester because of wrong reasons as well. Following list is the collection of wrong reasons / motivation to be in software testing field and work as a tester. If you are in testing because one of these reasons, probably you need to find a good mentor, understand testing properly or change your field.
Last Updated ( Monday, 18 January 2010 12:02 )
Read more...
This article is written by Anamika Chowdhury from HCL. She can be contacted at Anamika.chowdhury@hcl.in A "cookie" is a small piece of information sent by a web server to store on a web browser so it can later be read back from that browser. This is useful for having the browser remember some specific information. These are small data files which act as unique identifiers and allow our site to remember a particular user. Cookies do not harm computer. Certain areas of our web site, such as our forums use cookies. Some times user’s personal information is stored in cookies and if someone hacks the cookie then hacker can get access to your personal information. Even corrupted cookies can be read by different domains and lead to security issues. This is why testing of website cookies is very important.
In this white paper, we will focus on basics of cookies world and also how to test the website cookies.
Last Updated ( Thursday, 15 October 2009 08:08 )
Read more...
Last week me (Anand Ramdeo - @testinggeek) and Nathan Bain (@nathanbain) gave presentation on our experience of working in Agile teams. In this presentation, I covered the processes we were following and tools we were using. I have given some information on how we were using tools like Selenium and Twill for automation. Nathan gave very nice presentation on ATDD (Acceptance Test Driven Development) and than moved to skills required to work in an Agile environment. In his presentation, Nathan also covered expected / ideal behaviour from everyone involved in the Agile team.
Last Updated ( Monday, 27 July 2009 12:06 )
Read more...
Recently I finished a three days training course on Rapid Software Testing with Michael Bolton in London UK. This course was very effective and had elements related to learning, questioning and thinking all along. It reinforced my belief that testing is not a ‘phase’ performed towards the end or a ‘100% automated suite’ as claimed by many Agile shops. Software testing is much more than that and it is extremely important for the successful delivery of any project. This was my first training course related to software testing and I was extremely happy with the outcome of this course. I have tried to capture my experience of this course in the following paragraphs.
Software testing is a relatively new field and has changed considerably in past few years. It is not taught in many universities and when I moved from development to testing in 2001, I was confused about it. I tried to learn from internet, books, forums and was not impressed with the information I got. I even did my certification (CSTE, if you are interested) but that wasn't very useful either. During that time, I came across many interesting theories / concepts and after working in the industry, I know they are not true, and are myths. Unfortunately, some of these myths are still in practice and widespread.
Myths in software testing has done this field more harm than good. In this post, I will explore popular software testing myths, why they are myths and what wrong these myths are doing to our profession?
Last Updated ( Monday, 15 June 2009 15:55 )
Read more...
Recently I did a small survey on testinggeek to find out whether testing community prefers opensource tools or commercial tools. After around one month, 81% participants voted for open source tools. I have been using open source testing tools for around four years now so I wasn't surprised with the result. But still, this result got me interested and made me think about why so many people prefer open source tools? What are / were the problems with vendor tools? How open source tools have affected testers and the way we work?
Last Updated ( Tuesday, 09 June 2009 13:42 )
Read more...
Firefox is one of the most important browser for testers working in web application domain. Specially, with all the add-ons around it, Firefox is certainly essential for testing web applications. Over a period of time, I have used plenty of add-ons to test various web applications. Following list of add-ons are extremely useful for testing web applications. There are add-ons useful for security testing, analyzing page source, accessibility, debugging and pretty much everything you need for web application testing. You can certainly enhance your productivity using some of these add-ons.
Read more...
This article was written by Anamika Chowdhury from HCL India. Application security issues are increasing threat now days. This is caused primarily by security bugs in an application's code. Application security vulnerabilities can allow a client to see another client's data. They can let hackers run queries on an application's back-end database, and possibly even take over the Web server itself. Most organizations leave the discovery of Web application security issues to a dedicated security team, which tests the applications before they go live. Fixing the found issues then requires those teams to push the issues back to developers to perform a full iteration of late code changes, resulting in very high costs to fix what are often the simplest security bugs.
Last Updated ( Monday, 23 March 2009 10:13 )
Read more...
Last month Komal Joshi and Patrick Martin presented @ GTAC 2008 conference in Seattle, USA. Google Test Automation Conference is one of the best conference for testing / automation and it was certainly a good experience for TestingGeek to present this at GTAC. This presentation will give you basic information on how simple tools like SVN, batch files and task schedulers can be used to create Continuous Integration for mature desktop applications.
There are some basic rules of thumb which will serve you well in testing any application that deals with lists of data (and which applications don't?). 1.1; few; many" 2."don't make any assumptions" 3."remember to mix it up a little" This case study covers a very interesting example of where following the rules of thumbs *exactly* paid dividends.
One of the key reasons for doing automated testing is to ensure that time is not spent on doing repetitive tasks which can be completed by tools without human intervention. Automation could be one of the most effective tools in your toolbox but it is not a silver bullet that will solve all the problems and improve quality. Automation tools are obedient servants, and as a tester we need to become their master and use them properly to realize their full potential. It is very important to understand that automation tools are only as good as we use them. Converting test cases from manual to automated is not the best use of automation tools. They can be used in much more effective ways.
Read more...
Introduction
This is the introductory article to a series of occasional articles related to testing, from the perspective of a developer. These articles are intended to pass on some simple techniques to help a QA team to debug and test application application builds.
In many instances these will be the kinds of technique that might also be used by developers during development or even for debugging customer issues.
Read more...
This is a very interesting real life example of a classic concurrency issue and very neatly illustrates the abstract process of fault finding a race condition. What makes it particularly interesting is that rather than involving high performance multi-threaded code it is in an automated user interface test. The Problem
A test developer is in the process of working on an automated TestComplete test which is part of a suite that is run on a number of benchmark virtual machines. He discovers he has an interesting problem: his test fails quite regularly with an odd error on his machine but works on the test virtual machines. In an even more confusing development, when he debugs the test script in the test tool IDE the bug does not reproduce.
Last Updated ( Friday, 06 February 2009 16:33 )
Read more...
Automation is an important aspect of software testing. Testers use different tools to automate their testing activities. The choice of tool would depend upon the type of application under test. There are different tools available in the market such as Rational Robot, Mercury Quick Test Pro , TestComplete and many more. Automation is done to make a testers life easy but automating itself is a challenging task. There are many problems faced while automating an application and a tester has to find a get around that problem.
|
Agile and Scrum are not alien to us anymore. Industry has embraced Scrum and Agile because of the value they provide. People have used Scrum in many ways and have modified it to suite their unique needs and project requirement. It is not rare to see task boards with many variant of columns, with stretched tasks, defects, burn down charts and so on. If you are not familiar with how requirements are managed in Agile / Scrum world, you might find this article on User Stories interesting.
Read more...
Bugs, Errors, Defects, Faults, Failures – All are indicators of customer dissatisfaction, especially when found in the production environment. With the increasing complexity of the software being developed, it is imperative to catch the high priority bugs before the application goes into production. The purpose of this article is to provide a practical approach of identifying test cases so as to catch maximum bugs before the product goes into production environment.
There are several suggested ways of designing test cases such as Boundary Value Analysis, Equivalence Partitioning, Error guessing (Intuition) etc. However in this article we would learn how test cases can be derived from bugs which have been identified in the existing software.
Read more...
Before actually starting off the testing, it is good to have optimum test cases in place which not only cover all the desired features but also are sufficient to detect good quality bugs. There are many design techniques for writing test case. One of the most popular among them is Equivalence Partitioning. It is a Black-box (Specification Based) Test Case Design Technique with two primary goals
Read more...
Automation is the buzzword in the entire QA spectrum. Firms in India and abroad have got a new outlook on how the QA efforts can be saved by automation. Some companies have begun to mature in this field and utilizing automation in most effective ways. For a list of myths related to Automation, read http://www.satisfice.com/articles/test_automation_snake_oil.pdf
It is important to educate the senior management about the expectations from Automation. Identifying what to automate and when to do it is as important as it is to plan the entire effort. Managing an automation project is similar to managing a software development project. The most critical part is to write maintainable scripts – scripts which can be reused across multiple releases of the same product with slight modification. That requires defining a set of guidelines before automation begins. Here are a few tips on how to get started with an Automation project:
Read more...
User story is one of the primary development artifact for the XP project teams. A user story contains just enough information so that development team can reasonably give estimate about completing, tester can discuss how it will validated and customer can see its value. One of the common question that we hear most of the time is, how user stories are different from use cases. User stories are much simpler than use cases. User stories are very easy to create, discuss and develop. They also do not contain any technical details. Typically good user stories are defined in the following format As a I would like to do so that
Software testing is essentially an exercise of continuous exploration, learning and questioning. This exercise becomes very interesting and challenging at times, when application under test is as complex as Maps. You must have used applications like Google Maps, Yahoo Maps etc. Primary use of these applications is to help users in finding route. As an input to these applications, user gives source and destination and based on this information, maps give them directions to reach from source to destination. You might think from the description that application is simple, but it has got numerous challenges.
As a tester you need to find out relevant queries and also quality of results produced by the system.
Read more...
In any real world scenario, not all users will do the same transaction. In order to simulate the same, the Performance Analyst must determine the mix of transactions/mix of browsers for every test that needs to be conducted. For ex: Some of your clients may be using IE and some may be using Mozilla
You need to have the data of % of usage. [Which you should collect during Requirement Collection]
Read more...
This article talks about the following areas in Performance testing. - Determine the type of Performance tests to be conducted
- Determine the transaction mix
- Methodology for Tool selection
- Considerations while scripting those transactions
The ‘take-away’ from this article would be all of the above and the risks and benefits of each type of Performance tests, which will help you understand the kind of tests that you need to conduct based on your Client’s specifications.
The scope of this article is limited to the need, approach for requirement collection and the steps involved for Performance Testing. We all know and understand that not “one-size-fits-all”. The approach discussed in this article predominantly fits in to most scenarios but is not limited to or the only process to go about. Introduction Performance is a "must have" feature. No matter how rich your product is functionally, if it fails to meet the performance expectations of your customer the product will be branded a failure. Application architectural design decisions may be greatly influenced by the importance placed by the customer on one or more specific requirements. Incorrect design decisions, made at the outset of a project as a result of invalid assumptions, may become impossible to remedy downstream. The goal of performance testing is not to find bugs, but to eliminate bottlenecks and establish a baseline for future regression testing.
Read more...
Software testers often automate some mundane tasks which increases their efficiency and add value to the project. This automation can be done using any automation tools or writing your own scripts. When a task is such that you need to access system information on windows, then one of the best candidate for automation is VBScript. It allows you to access the registry information and other system information easily. Using VBScript does not even require any application or framework for execution. The WSH (Windows Scripting Host) takes care of execution, which is installed by default on almost all Windows OS.
This is the last article in the web application security testing series. In the earlier articles we have seen many interesting vulnerabilities like SQL injection, Cross site scripting, vulnerabilities related to the environment and so on. If you have not gone through these articles, you might find it interesting to read them in out article section. In this part we will explore the security issues related to Authentication and Web Services. Authentication is the core of many web applications, since in the WWW world, we need to check connection from every client to make sure that it is not from a malicious user. Similarly Web services are common place these days, and most of the common applications that you use on daily basis, might be using web services. Threats associated with the web services are very much different from what we have already seen.
Read more...
In the earlier articles of this series, we have concentrated on errors or mistakes that should be avoided at the code level and importance of data validation at client side and again on server side. If you have not read earlier articles in this series, you might find it interesting to read earlier articles covering many concepts related to web application security testing. In this part we will establish the importance of securing our environment as well for providing complete security to web application. Web application is hosted in the environment, which is accessible from the out side world. Client interact with the server and database, if proper care is not taken vulnerabilities in the environment can be exploited and as a result security will be compromised. We will discuss, different vulnerabilities related to the environment on which web applications are hosted like stored procedures, command injection, fingerprinting and Denial Of Service.
Read more...
This article is fourth article in the series of web application security testing. In the first three articles, we have built the base by making you familiar with the difference in web application and client server application, how gathering data about the application is important and popular attacks like SQL injection, Cross site scripting and directory traversing. In this part we will explore how to attack server by exploiting the known limitations of language in which they are implemented. Broadly, we will cover buffer overflow, Canonicalization and Null strings related attacks.
Read more...
I hope that you have already read first two parts of this article and familiar with the concept of how web applications are different from traditional client-server applications and what kind of information can be collected from the client. If you have not, you might find it useful to read Part-1 and Part-2 as well. In this part we will explore how user supplied data can attack your application. We will explore information related to SQL injection, Cross Site Scripting, Directory Traversing etc.
Read more...
hope that you have already read first part of this article and familiar with the concept of how web applications are different from traditional client-server applications. If you have not, you might find it useful to read Part-1 as well. In this part we will explore what kind of information is available to the client? What kind of information can be gathered from the pages which client can access? How validation is important to ensure proper security for the web application? What are cookies and how web applications use them?
|
Testing Articles
