background preloader

Team Work

Facebook Twitter

Getting Started with Web Application Penetration Testing. Penetration testing aka Pen Test is the most commonly used security testing technique for web applications.

Getting Started with Web Application Penetration Testing

Web Application Penetration Testing is done by simulating unauthorized attacks internally or externally to get access to sensitive data. A web penetration helps end user find out the possibility for a hacker to access the data from the internet, find about the security of their email servers and also get to know how secure the web hosting site and server are. To know more about Penetration Testing, please read below related articles: Well, let’s now cover the content of this article. [img source] In this penetration testing tutorial I have tried to cover: Why Penetration Testing is required: When we talk about security, the most common word we hear is Vulnerability.

When I initially started working as a security tester, I used to get confused very often with this word Vulnerability, and I am sure many of you, my readers would fall in the same boat. Vulnerability Scanning or Pen Testing? How to Test Application Security - Web and Desktop Application Security Testing Techniques. Need of Security Testing?

How to Test Application Security - Web and Desktop Application Security Testing Techniques

Software industry has achieved a solid recognition in this age. In the recent decade, however, cyber-world seems to be even more dominating and driving force which is shaping up the new forms of almost every business. Web based ERP systems used today are the best evidence that IT has revolutionized our beloved global village. These days, websites are not meant only for publicity or marketing but these have been evolved into the stronger tools to cater complete business needs. Web based Payroll systems, Shopping Malls, Banking, Stock Trade application are not only being used by organizations but are also being sold as products today. This means that online applications have gained the trust of customers and users regarding their vital feature named as SECURITY.

Examples of security flaws in an application: Security Testing Definition: Now, I present you a simplest definition of Security in my own words. Example: Test Plan. Vision Document, Section 12.2: "The system shall interface with the existing Course Catalog Database System.

Example: Test Plan

C-Registration shall support the data format as defined in [2]. " Vision Document, Section 12.2: "The system shall interface with the existing Billing System and shall support the data format as defined in [1]. " Vision Document, Section 12.2: "The server component of the system shall operate on the College Campus Server and shall run under the UNIX Operating System. " Supplementary Specification, Section 9.3: "The server component of the system shall operate on the Wylie College UNIX Server.

" Vision Document, Section 12.2: "The client component of the system shall operate on any personal computer with a 486 Microprocessor or better. " Supplementary Specification, Section 9.3: "The client component of the system shall operate on any personal computer with a 486 Microprocessor or greater. " How to develop a template for test cases  How to develop a template for test cases by Ulf Eriksson / 28 September 2012 If you have a good template for test cases, it will become much easier for your team to write test cases which can be understood and used by everyone.

How to develop a template for test cases 

In essence, a template is a collection of key headings, and this article will give you some advice about which of these are the most important ones. You can use the headings mentioned below in Word and Excel files if you still use those applications for testing activities, although you know you shouldn’t do that.

Alternatively, if you use a test management tool such as ReQtest, this article will help you improve your tool’s template. Click Here To Create Your First Test Case Example in ReQtest & Become a Test Manager Pro (Free 10-Day Trial) What should a test case template look like? Here’s an example of an already filled out test case template. The example above contains the main headings that a test case needs for most cases. ID (identification) Title Pre-conditions Date.

How to document a Test Case. System Test Case Format The purpose of a test case is to describe how you intend to empirically verify that the software being developed conforms to the specifications.

How to document a Test Case

In other words, you need to be able to show that it can correctly carry out its intended functions. The test case should be written with enough clarity and detail that it could be given to an independent tester and have the tests properly carried out. How to Write a Test Plan Document from Scratch (Download a Real Plan) – Live Project QA Training Day 3. After introducing you to the live application for our free online software testing training, we saw how to review SRS and write test scenarios.

How to Write a Test Plan Document from Scratch (Download a Real Plan) – Live Project QA Training Day 3

Now it’s time to dive deeper into the most important part of the software testing live cycle – i.e. Test Planning. Most Important Phase of Testing – Creating a Test Plan: In today’s article we are going to see how to write a test plan document. At the end of this tutorial we have shared a 19 pages comprehensive test plan document specifically created for the live project OrangeHRM, which we are using for this free QA training series. We are halfway into our live project series. STLC can be roughly divided into 3 parts: