unit testing web applications

How to use webking to accessibility test a dynamic WEB application webking Introduction Webking is a WEB automation test software launched by Parasoft company, which can be used for white box, black box and regression testing. This article focuses on the tool's inspection and testing of the accessibility aspects of

http://www.cnblogs.com/fo0ol/p/3297054.htmldo web development, it is inevitable to develop their own page performance testing, self-written tool detection, too much work. Online there are several more mature testing tools, the following to introduce, and share with you. Based on web analytics tools:1. Ali Test2. Baidu

Max indelicato, a software development director and former chief software architect, recently published an article on how to design scalable Web applications. He proposed to select the right deployment and storage solution, select Scalable Data Storage and mode, and use the abstraction layer. Suitable tools The first recommendation of indelicato is to "select the right tool for your work". To achieve this,

SOAPAction header) Testing web Services is similar to testing common web applications, but browsers cannot interact with the server. if you have a sample request, you can use a tool or script language to fuzz the request and attack the server code.

The js|web| program JSP (JavaServer Pages) technology is a further abstraction of the servlet, developed by the JCP (Java Community Process), an open, freely accessible specification for generating dynamic content, It is also an important part of the Java 2 Enterprise Edition specification. Many business application servers such as Bea WebLogic, IBM WebSphere, Live JRun, and Orion support JSP technology. JSP technology is applied everywhere on the

Preface Recently read 《Web intrusion Security Testing and CountermeasuresAnd gained a lot of inspiration. This book introduces a lot of Web intrusion ideas and well-known security sites outside China, which has broadened my horizons. Here, I have summarized the attack modes mentioned in the book again, and attached some relevant references, hoping to help

procedure1: Pressure test Tool selectionThe heavyweight tool has visual Studio's own tools, as well as loader Runner (LR), a lightweight tool that has the apachebench in the Apache project, referred to as AB. You can download it here: Ab.zip.Simple use and parameter introduction of 2:ABThe above tests are based on one of my ASP. NET pages. For stress testing, you have to do it all the time, and if you don't know how many concurrent users your app can

1.Netsparker Community Edition (Windows)This program can detect SQL injection and cross-page scripting events. It will provide you with some solutions when the test is complete.2.Websecurify (Windows, Linux, Mac OS X)This is an easy-to-use open source tool, and there are some people plug-in support that can automatically detect Web page vulnerabilities. Test reports can be generated in multiple formats after running3.Wapiti (Windows, Linux, Mac OS X)T

Topology 2, with NAT, A1,A2 can access B, but B can not access A1,A2. But A,A1,A2 can exchange visits.Figure 23. Use Host-only Networking (using Host network)Description: Using the VMNET1 Virtual Switch, the virtual machine can only exchange visits with virtual machines and hosts. That is, not on the Internet, as shown in network topology 3,With host mode, A,A1,A2 can exchange visits, but A1,A2 cannot access B, nor can it be accessed by B.Figure 3XSS There is a cookie must be able to login with

understanding. Note that the threadlocal method is absolutely correct for the above instance. After threadlocal is introduced, the behavior of the above method has not changed, but the method is thread safe. Code for thread-safe development through reentrant requires developers to use instance variables or static variables with caution, especially for modifying the objects required by other threads. In some cases, it may be more appropriate to use synchronization. However, to identify applicati

Translation: how to practice your web application testing skills For those who are learning web application security testing (or just trying to stay sharp) it's often difficult to find quality websites to test one's skills. there are a few scattered around the Internet (see the link in the notes section below) but it w

. With GWT, the compiler is simply a mechanism for delivering the entire client/server application architecture. The features include: A standard set of UI widgets (widgets) that look good, have high flexibility, and are tuned to work in all major browsers, including Safari and Opera. An event mechanism that captures and responds to events entirely on the client. A framework for managing asynchronous calls between Web

to see how the actual effect.Tips:Chrome is recommended for testing PHP or other Web applications because it comes with developer tools that work well, and of course Firefox or IE9 have similar tools to look at personal habits. Press F12 to open the tool, select the Network tab, then enter the user name, password click Login, then the network will show the login

By fenngDate: OCT 03, 2004Http://www.dbanotes.net Awbot IntroductionAwbot is an easy-to-use tool for testing web sites. Site on http://awbot.sourceforge.net. This is a secondary project of the AWStats project.The awbot function can simulate the user's Website access behavior, test the site response and load pressure, and perform a benchmark test.Specifically, awbot has the following features:

Turn http://www.cnblogs.com/TankXiao/archive/2012/03/21/2337194.htmlThe XSS full name (cross site Scripting) multi-site Scripting attack is the most common vulnerability in Web applications. An attacker embeds a client script (such as JavaScript) in a Web page, and when the user browses to the page, the script executes on the user's browser to achieve the attacke

1.Netsparker Community Edition (Windows)This program can detect SQL injection and cross-page scripting events. It will provide you with some solutions when the test is complete.2.Websecurify (Windows, Linux, Mac OS X)This is an easy-to-use open source tool, and there are some people plug-in support that can automatically detect Web page vulnerabilities . Test reports can be generated in multiple formats after running.3.Wapiti (Windows, Linux, Mac OS X

AppScanAutomate dynamic application Security testing (DAST) and interactive application security testing (IAST) for modern WEB applications and services. A comprehensive JavaScript execution engine that supports WEB 2.0, JavaScript, and AJAX frameworks. SOAP and REST

Summary:Web automation is inseparable from selenium, of course, the robot framework is the same, combined with selenium, need to install: Pip install Selenium2library, accustomed to coded write web automation, robot The framework's tool for keyword automation is also OK, making testing easier.Body:1. Element positioning:1.1 ID or name locator1.2 XPath positioning1, the absolute path of XPath:Xpath =/html/bo

to allow people to perform various tests without leaving the browser. If you like the plugins described below, you might want to give them a rating on the appropriate page to support the author's work.There is a simple REST client plugin under Chrome that provides a single form for various HTTP operations and can see the returned information.Chrome plug-ins appear to be a bit shabby, then also popular developers love Firefox has a plug-in called Restclient, the plug-in developed by the Chinese,

Httpunit is an integrated testing tool that focuses on Web application testing. It provides help classes for testers to interact with servers through Java classes, the server-side response is processed as a text or DOM object. Httpunit also provides a simulated servlet container so that you can test the internal code of the servlet without publishing the servlet.