Presentation on theme: "GREY BOX TESTING Web Apps & Networking"— Presentation transcript:
1GREY BOX TESTING Web Apps & Networking Session 4Boris Grinberg
2Session 4 (4 Hours) Here are some things that we’ll cover: Automated Test ProcessInstall, configure and run fiddler as proxy serverLearn how to use some of the Fiddler Menu items, Create and load Archive and more…Discuss some aspects of the Web Testing ProcessesLab Exercise: Polish Job Interview Skills
3Do more with LessA test program that incorporates automated testing will involve a development effort of strategy, goal planning, test requirements definition, analysis, design, development, execution, and evaluation.Because organizations are required to do more with less, automated testing can save time and money.
4Automated Test Process Automated testing is important to all testing because you can reuse code and scripts and allow testers to standardize the testing process.In the Web environment, automated testing is performed across many platforms, multiple layers of supporting applications, interfaces, databases, and different applications that can serve as a front or back end to the application.
5Automated Test Coverage Coverage can include:Functional requirement testingServer performance testingUser interface testingUnit testingIntegration testingProgram code coverageSystem load performance testingBoundary testingSecurity testingMemory leak testingFirewall testingProgram module complexity analysisAutomation has made these types of testing more efficient and provided more accurate results.
6Introducing Fiddler HTTP/HTTPS Debugger Runs as a proxy server on the local machine or on a remote serverWritten in C# (.NET Framework v2.0)Freely available from
7Debugging Production Code: Fiddler Fiddler is a Web Debugging Proxy which logs all HTTP(S) traffic between your computer and the Internet. Fiddler allows you to inspect all HTTP(S) traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Fiddler includes a powerful event-based scripting subsystem, and can be extended using any .NET language.Fiddler is freeware and can debug traffic from virtually any application, including Internet Explorer, Mozilla Firefox, Opera, and thousands more.
8What does Fiddler do?Request and response modification
9What does Fiddler do? Debugging non-Windows clients Fiddler Internet PCMacFiddlerInternetLinuxPocketPC
10What does Fiddler do?HTTP/HTTPS traffic monitoring & analysis
11Installing Fiddler Download Fiddler25setup.exe file Start installation process
15How does Fiddler work?When Fiddler starts, it attaches to WinINET as the system default proxyNon-WinINET applications can be pointed to Fiddler by setting their proxy to :8888
16Fiddler: Menu FileStart Fiddler using the Fiddler icon in your START Programs menuOpen File menuUncheck “Capture Traffic”Monitor “Web Sessions” & try few URLsCheck “Capture Traffic” & try few URLs again
17Lab Exercise: Creating Archive Go to Portnov.comSelect the session with error 404 & save it in the archive as “Portnov_404.saz”Close Fiddler Application
18Lab Exercise: Loading Archive Start FiddlerGo to FileLoad Archive…Select the saved session “Portnov_404.saz”Tell me: how this case could be used in the QA world?
19Fiddler: Menu Edit Open Edit menu Select and Remove any Session Select and Copy one SessionOpen Notepad and Paste selected dataMark two sessions with “Orange”Remove all unselected sessions
20Lab Exercise: Menu File and Menu Edit Go to CNN.comMenu Edit – Mark two sessions with RedMenu File… (Save All Sessions as all.saz)Menu Edit – Remove all sessionsMenu File… Restore removed sessionsTell me: how this case could be used in the QA world?
21How to configure Firefox to use Fiddler Start FiddlerOpen Firefox, use few URLsGo to ToolsOptions and click on the “Settings” buttonSelect manual proxy configurationApply the following settings: :8888 for all protocolsTry few URLs againQUESTIONS?
22Debagging connection problems Check if problem exist with one or all browsersCheck Network SettingsCompare Network Settings on Fiddler and BrowserFix the problemQUESTIONS?
23Study case: Buggy Server Fiddler has an ability to detect many protocol violations.An example of the HTTP Protocol Violation.Reference Materials:Header Field DefinitionsKey ReferencesRFC Hypertext Transfer Protocol
24Web Session with Violation Select and double click on the session with HTTP Protocol violation
25LAB Exercise: Catching Web Session with Violation Open IE and make sure that the Fiddler is capturing all trafficCheck sub-menu “Capture Traffic”Go to “gazeta.ru” and you’ll get a “HTTP Protocol Violation” notification windowDuring next 10 minutes try to find more websites with similar errors
26Fiddler: Menus Rules; Tools; View and Help Lab ExerciseTrying self thought process…Use Help File, Internet, common senseI expecting results in 10 minutes!
27Draft HomeWork: Example Select Web Application Use the set of questions provided by me and feel in the empty matrix with your answersBring your Matrix with results on our next session
28Web Testing Processes Overview The purpose of the Web testing processObjectivesBusiness RequirementsTesting Phases
29Web Testing ProcessesThe purpose of the Web testing process is to provide a clear and concise description of what needs to be done.ObjectivesThe objective of testing is to ensure that the Web application is ready for operation.Business RequirementsBusiness requirements are a collection of requests and lists from people who have an interest in the project.
30Business Requirements Before beginning the testing project, the tester should have a set of business requirements that will help in understanding the functionality of the Web applicationA well-written set of business requirements will outline the goals and objectives for the business and serve as the foundation for your test plan.
31Testing PhasesAs the business requirements (BR) are established and defined, they will become the first phase of your testing process.Understanding their magnitude will help you determine how to proceed with the Web test, determine the number of test cycles, type of test tools, test the data used, and set up the test environment.
32Testing ChecklistA good way to track the testing process is to create a checklist to make sure that you are following and completing the test process.Document “Testing Checklist” is an example of a testing checklist. You can find it in the Student Materials folder.Each item in the checklist (or checkpoint) should be a part of the test process and depends on the test life cycle, specification, management, commitment, and communication.
33Variety of One, very common on the Interview, Question Why do you think that you will be a good fit for us?What value you’ll bring to the company?What makes you different form other candidates?Why should we choose you from all competing candidates?
34Tester Qualifications A good tester should have a combination of the following skills:Communication. The ability to convey to the developers, testers, and users the intent of testing and the roles and responsibilities of all parties.Technical expertise. The ability to understand the Web site and how it works.Diplomacy. The ability to work well with others and come up with the best solution for the team.Accuracy. The ability to produce error-free results.Persistence. The ability to test and retest until an adequate result is achieved.
35Tester Qualifications: Persistence Of these qualities, persistence is the most important.A tester should have the ability to continuously test and retest without becoming bored or losing focus.Being able to endure this process allows the tester to assure accurate results, and the end result is happy customers.
36LAB Exercise:Job Interview/Missing skills Class Discussion:What should I do on the interview if I don’t have some of the required skills?
37Job Interview – Missing skills Class Discussion:Advice #1:Never show a sad faceAdvice 2:Never lie and be honestAdvice 3:Don’t get lostAdvice #4:Don’t take a big pause
38Job Interview – Missing skills Class Discussion:Advice 1:Never show a sad faceAdvice #2:Never lie and be honestAdvice 3:Don’t get lostAdvice #4:Don’t take a big pause
39Job Interview – Missing skills Class Discussion:Advice 1:Never show a sad faceAdvice 2:Never lie and be honestAdvice #3:Don’t get lostAdvice #4:Don’t take a big pause
40Job Interview – Missing skills Class Discussion:Advice 1:Never show a sad faceAdvice 2:Never lie and be honestAdvice #3:Don’t get lostAdvice #4:Don’t take a big pause
41LAB Exercise: Class Discussion What should I do on the interview if I don’t have some of required skills?Offer your other outstanding skillsAssure in your ability to quickly learn new technology, gain new skills (use some examples from the past)Demonstrate your “whatever it takes” attitude.
42Object-Oriented Programming Concepts If you've never used an object-oriented programming language before, you'll need to learn a few basic concepts before you can begin test any code.This lesson will introduce you to objects, classes, inheritance, interfaces, and packages.Each discussion focuses on how these concepts relate to the real world.
43What Is an Object?Objects are key to understanding object-oriented technology. Look around right now and you'll find many examples of real-world objects: your dog, your desk, your television set, your bicycle.Real-world objects share two characteristics: They all have state and behavior. Dogs have state (name, color, breed, hungry) and behavior (barking, fetching, wagging tail).
44What Is an Object?Bicycles also have state (current gear, current pedal cadence, current speed) and behavior (changing gear, changing pedal cadence, applying brakes).Identifying the state and behavior for real-world objects is a great way to begin thinking in terms of object-oriented programming.
45Lab Exercise: Introduction Take a minute right now to observe the real-world objects that are in your immediate area. For each object that you see, ask yourself two questions:"What possible states can this object be in?"and"What possible behavior can this object perform?".
46Lab Exercise: Real-world objects Write down your observations. As you do, you'll notice that real-world objects vary in complexity; your desktop lamp may have only two possible states (on and off) and two possible behaviors (turn on, turn off), but your desktop radio might have additional states (on, off, current volume, current station) and behavior (turn on, turn off, increase volume, decrease volume, seek, scan, and tune). These real-world observations all translate into the world of object-oriented programming.
47A software objectSoftware objects are conceptually similar to real-world objects: they too consist of state and related behavior. An object stores its state in fields (variables in some programming languages) and exposes its behavior through methods (functions in some programming languages).
48A fundamental principle of OOP Methods operate on an object's internal state and serve as the primary mechanism for object-to-object communication.Hiding internal state and requiring all interaction to be performed through an object's methods is known as data encapsulation — a fundamental principle of object-oriented programming.
49A bicycle modeled as a software object. By attributing state (current speed, current pedal cadence, and current gear) and providing methods for changing that state, the object remains in control of how the outside world is allowed to use it.For example, if the bicycle only has 6 gears, a method to change gears could reject any value that is less than 1 or greater than 6.
50Interviews… Boris’s Advice # 4 Prepare and Ask questions which willdemonstrate your knowledge(Waterfall, Agile or V-Model)Address this question to the right interviewer!