RSS feedTipuri de testare
Integration Testing: Why? What? & How?
By admin
Introduction:
As we covered in various articles in the Testing series there are various levels of testing:
Unit Testing, Integration Testing, System Testing
Each level of testing builds on the previous level.
“Unit testing” focuses on testing a unit of the code.
“Integration testing” is the next level of testing. This ‘level of testing’ focuses on testing the integration of “units of code” or components.
How does Integration Testing fit into the Software Development Life Cycle?
Best Practices in Automated Testing
By admin | 3 comments
3This article talks about many interesting things like what’s the Case for Automated Testing, Why Automate the Testing Process?, Using Testing Effectively, Reducing Testing Costs, Replicating testing across different platforms, Greater Application Coverage, Results Reporting, Understanding the Testing Process, Typical Testing Steps, Identifying Tests Requiring Automation, Task Automation and Test Set-Up and Who Should Be Testing?.
The Case for Automated Testing
Today, rigorous application testing is a critical part of virtually all software development projects. As more organizations develop mission – critical systems to support their business activities, the need is greatly increased for testing methods that support business objectives. It is necessary to ensure that these systems are reliable, built according to specification and have the ability to support business processes. Many internal and external factors are forcing organizations to ensure a high level of software quality and reliability.
SQL Unit Testing Tools
By admin
http://spunit.sourceforge.net/
Description: SPUnit is an application of the popular xUnit framework concept to enable unit testing of SQL Server stored procedures. SPUnit is (loosely) based on the xUnit family of Unit Test Frameworks. It is intended for testing MS SQL Server stored procedures using actual stored procedures. The idea was to make it really painless to test the code in stored procedures, and facilitate test-first programming of stored procs. It is a port inspired by JUnit, a testing framework for Java, developed by Kent Beck and Erich Gamma, and also, CPPUnit — a port of JUnit — developed by Michael Feathers.
Requirement : Windows NT/2000
TSQLUnit
http://tsqlunit.sourceforge.net
Description: TSQLUnit is a framework to write tests for applications written in Transact-SQL. TSQLUnit is a framework to write tests for applications written in Transact-SQL. It follows the tradition of the “xUnit” framework that is available for almost all programming languages. TSQLUnit is open source, licensed under the LGPL license, which means that it can be used freely even in commercial programs subject to certain restrictions. See the cookbook for an introduction of how to use it.
Requirement: Python
utPLSQL
http://utplsql.sourceforge.net/
Description: utPLSQL is a unit testing framework for programmers using Oracle’s PL/SQL language.
Requirement: OS Independent
utPLSQL is a unit testing framework for programmers using Oracle’s PL/SQL language. Developed by Steven Feuerstein, author of many books on the subject, it allows the automated testing of packages, functions and procedures. For background on the project and the reasons why this sort of unit testing is a good idea, visit the utPLSQL site of the O’Reilly and Associates Oracle Resource Center.
Testarea A/B sau cum sa iti cresti veniturile din AdSense
By george | 4 comments
4
Testarea A/B reprezinta testarea a doua (sau mai multe) situatii diferite: situatia A vs. situatia B. Testarea A/B in cazul AdSense este importanta pentru ca iti arata care design pentru un “ad” iti aduce un castig mai mare. Spre exemplu se poate face o comparatie intre un leaderboard de o dimensiune 728X90 contra unui banner de o dimensiune 468X60.
Cum se face aceasta testare?
In princpiu se ruleaza un script pe partea de server a aplicatiei, script care trebuie bineinteles implementat. Aicea apare o mica problema, si anume ca acest tip de testare nu prea poate fi efectuat de o echipa de testare, ci de catre echipa care a dezvolatat aplicatia web.
adobe first time quality engineer
By admin | 3 comments
3
Mai aveti pana maine la ora 24.00 sa va inscrieti la cea de-a doua editie a training-ului First Time Quality Engineer oferit de Adobe in cadrul programului Adobe Learning Center.
Training-ul este destinat exclusiv studentilor sau proaspetilor absolventi cu zero experienta si care vor sa isi inceapa o cariera in testarea software. Acesta se va desfasura pe o perioada de 5 zile (11-15 mai) zilnic de la 9 la 17, deci practic veti gusta cu adevarat din aroma corporatista din domeniul it 
(acest lucru nefiind neaparat un lucru rau)
Cei de la Adobe spun ca in acest timp angajatii lor vor incerca sa le arate juniorilor “ce presupune munca unui tester in echipele Adobe”.
Detaliile complete si agenda pot fi gasite aici.
Ca o nota personala, mi-se pare o initiativa foarte frumoasa, chiar ma bucur sa vad SRL-uri de la noi care se ocupa cu formarea noilor talente.
O mica problema ar consta in faptul ca nu sunt sigur daca veti si invata ceva din toata treaba asta pentru ca am avut ocazia acum 1 an sa dau un interviu la Adobe pt un post de senior QA si mi-au lasat o impresie foarte proasta. Raman la parerea mea ca oamenii stau foarte prost la capitolul quality assurance/metodologie/organizare. Si nu am nimic cu testerii cu mai degraba cu managementul defectuos din zona asta (probabil nu au gasit inca un manager QA care sa aiba si amanta).
Ma asteptam sa port o discutie tehnica inteligenta, provocatoare, dar in schimb m-am ales cu un test de engleza (traducere din ro in en) si am determinat cate frizerii sunt in Bucuresti. Ah! si cate bile rosii sunt in borcanul 2.
Doua metode pentru a face Cross Browser Testing: Litmus si crossbrowsertesting.com
By admin
1. Litmus
Litmus este un tool de testare cross-browser ce ia capturi de ecran din site-urile web si returneaza rezultatele aproape instantaneu.
Spre deosebire de alte sisteme de acest gen, Litmus testeaza de asemenea si HTML email. Suporta o lista impresionanta de 23 de browsere si 16 clienti de mail.
Acesta pune un accent pe testarea continuă şi organizare şi vă permite să ţină evidenţa tuturor testelor, marcarea, atunci când o pagină a trecut sau nu a reuşit într-un browser, astfel încât să puteţi controla ceea ce are nevoie de muncă de pe site-ul web.
De asemenea, publica rapoarte publice despre browser-ul de web sau clientul de e-mail, de compatibilitate a produselor pe care le puteţi arăta clienţilor. Capturile de ecran sunt livrate în ambele ferestre şi tot ecranul format (astfel încât să puteţi vedea ceea ce vor vedea vizitatorii).
Calitatea Sistemelor Software by Oana FEIDI
By admin | 6 comments
6Revin cu o noua resursa teoretica extrem de utila si completa despre Software Quality Assurance.
Ce am apreciat cel mai mult la calitatea documentatiei este faptul ca a fost adusa “la zi” si este in pas cu noile metodologii (sau trenduri) folosite in acest moment in industria software.
Pe scurt, seminarul “Calitatea Sistemelor Software” este un bun punct de plecare atunci cand trebuie sa faceti o prezentare pentru un client care nu intelege scopul resursei de QA deoarece acesta contine o serie de prezentari Power Point care explica foarte bine rolul testarii pe proiect.
OWASP: Top 10 cele mai des intalnite vulnerabilitati pe web
By admin | 1 comment
1| A1 – Cross Site Scripting (XSS) | XSS flaws occur whenever an application takes user supplied data and sends it to a web browser without first validating or encoding that content. XSS allows attackers to execute script in the victim’s browser which can hijack user sessions, deface web sites, possibly introduce worms, etc. |
| A2 – Injection Flaws | Injection flaws, particularly SQL injection, are common in web applications. Injection occurs when user-supplied data is sent to an interpreter as part of a command or query. The attacker’s hostile data tricks the interpreter into executing unintended commands or changing data. |
| A3 – Malicious File Execution | Code vulnerable to remote file inclusion (RFI) allows attackers to include hostile code and data, resulting in devastating attacks, such as total server compromise. Malicious file execution attacks affect PHP, XML and any framework which accepts filenames or files from users. |
| A4 – Insecure Direct Object Reference | A direct object reference occurs when a developer exposes a reference to an internal implementation object, such as a file, directory, database record, or key, as a URL or form parameter. Attackers can manipulate those references to access other objects without authorization. |
| A5 – Cross Site Request Forgery (CSRF) | A CSRF attack forces a logged-on victim’s browser to send a pre-authenticated request to a vulnerable web application, which then forces the victim’s browser to perform a hostile action to the benefit of the attacker. CSRF can be as powerful as the web application that it attacks. |
| A6 – Information Leakage and Improper Error Handling | Applications can unintentionally leak information about their configuration, internal workings, or violate privacy through a variety of application problems. Attackers use this weakness to steal sensitive data, or conduct more serious attacks. |
| A7 – Broken Authentication and Session Management | Account credentials and session tokens are often not properly protected. Attackers compromise passwords, keys, or authentication tokens to assume other users’ identities. |
| A8 – Insecure Cryptographic Storage | Web applications rarely use cryptographic functions properly to protect data and credentials. Attackers use weakly protected data to conduct identity theft and other crimes, such as credit card fraud. |
| A9 – Insecure Communications | Applications frequently fail to encrypt network traffic when it is necessary to protect sensitive communications. |
| A10 – Failure to Restrict URL Access | Frequently, an application only protects sensitive functionality by preventing the display of links or URLs to unauthorized users. Attackers can use this weakness to access and perform unauthorized operations by accessing those URLs directly. |
Testarea unitara a claselor java cu Junit
By admin | 4 comments
4Testarea unitară s-a impus în ultima perioadă în dezvoltarea proiectelor scrise în limbajul Java şi numai, pe măsura apariţiei unor utilitare gratuite de testare a claselor, care au contribuit la creşterea vitezei de programare şi la micşorarea drastică a numărului de bug-uri.
Cel mai folosit utilitar pentru testarea unitară a claselor Java este JUnit, care se poate descărca gratuit de pe site-ul http://www.junit.org . Arhiva este destul de mică (aproximativ 400 Kb) şi include un director (junitxxx) cu documentaţie (în directorul doc), documentaţia API (în directorul javadoc), biblioteca de clase junit.jar şi exemple de clase de test (în directorul junit).
SQL injection – primii pasi in a testa o aplicatie web impotriva SQL Injection
By george | 4 comments
4Zilele trecute am scris un articol in care am incercat sa subliniez importanta securitatii aplicatiilor web, si printre alte metode de “spargere” a acestor aplicatii am amintit despre “SQL Injection”. In acest articol voi arata primii pasi in testarea impotriva atacurilor de tip “SQL Injection”.
In momentul de fata foarte multe aplicatii web folosesc un anumit tip de baza de date. De-asemenea majoritatea aplicatiilor web au sectiuni care accepta inputuri de la user prin intermediul unui UI (user interface) care in principiu are urmatoarele functii:
Linkedin
Facebook
Twitter
RSS
Comentarii recente