. Httperf
Httperf is a open-source tool for measuring HTTP server performance on Linux. It ' A effective tool for benchmarking and creating workload simulations to-if you can handle high-level traffic and Still maintain stability. can also use it to figure out the maximum capacity of your server, gradually increasing the number of requests your MAK E to test its threshold.
8. Pylot
Pylot is a open-source performance and scalability testing tool.
SeleniumIt is an open-source Web automation testing tool. It has recently released version 1.0, marking the formal Addition of a new member in the Web automation testing field. In its new version, apart from fixing a number of bugs, the most eye-catchingThe goal is to add support for Google Chrome in selenium RC and pr
PS: Site Performance Stress testing is an essential part of the performance tuning process. It is only when the server is under high pressure that it can truly reflect the problems exposed by the various settings. Apache has a self-contained program called AB that can be used for Web site stress testing on Apache or other types of servers.Apachebench Command prin
Performance Testing
Website Speed test: web site load rate testing.
Google Pagespeed Insights:pagespeed is Google's Web testing tool to optimize your recommendations through test scores.
Google Chrome DevTools: G
re-initiate requests after request parameters are modified Modify HeaderAnother plugin to modify the request header Cookies manager+View, modify cookies HackbarToolkit, you can easily control the modification URL, there are some encoding conversion, encryption tools, SQL, XSS tools WappalyzerCheck which Web applications a website uses such as blog engine, CMS, e
Library, Wooyun, and so on, encountered public loopholes are to practice.
Focus on national and international Security conference issues or video, recommend Secwiki-conference.
3 weeksFamiliarity with Windows/kali LinuxLearn Windows/kali Linux basic commands, common tools;
Familiar with the common CMD commands under Windows, for example: Ipconfig,nslookup,tracert,net,tasklist,taskkill, etc.;
Familiar with the common co
Web Security Test Learning Handbook-business logic TestingFirst of all, thank the friend of the invitation HTTP://PAYLOADS.ONLINE/ARCHIVERS/2018-03-21/1, participated in the Business logic TestingDescription: This article introduces the security flaws in the Web application business logic and explains the common cases.Any user password reset common defects * 1. Verification code Type Defects-Scene: 1.1 Veri
In the face of massive user access, high concurrent requests, large amounts of data, high-performance servers, large databases, storage devices, high-performance Web servers, and high-efficiency programming languages such as (Go,scala), we need to consider business splitting and distributed deployment when single-machine capacity reaches the limit. To solve the large-scale web site access, concurrency, high
to see how the actual effect.Tips:Chrome is recommended for testing PHP or other Web applications because it comes with developer tools that work well, and of course Firefox or IE9 have similar tools to look at personal habits. Press F12 to open the tool, select the Network tab, then enter the user name, password clic
Special Topics
First lesson
Metasploit Introduction and Basic commands
Lesson Two
Metasploit Information Collection
Lesson Three
Metasploit using a module to guess the service password
Lesson Four
Metasploit Vulnerability Module Use
Lesson Five
Metasploit Shellcode Use
Lesson Six
Metasploit Persistent Control Installation Backdoor
Seventh lesson
Metasploit Meterpr
Fiddler TutorialsFiddler is one of the most powerful Web debugging tools that can record HTTP and HTTPS requests from all clients and servers, allowing you to monitor, set breakpoints, and even modify input and output data. The use of Fiddler is a great help both for development and for testing.Read Catalogue
Basic introduction of Fiddler
How the Fiddler works
Other
display a ruler on the page
Colorzilla
Also is the Firefox plug-in, you can take color on the page, front-end development must
Pingdom
An online grab kit.
Test Everything
Test Everything provides a lot of testing tools to test your site. From CSS html to SEO, everything from web tools to optimization.
CSS
Practical Web security testing training courses:
I. Common Web Security Vulnerabilities
1. Hacker Technical Analysis
2. Introduction to common hacker tools
3. Common Web Attacks
Ii. Web Security Vulnerability Detection
1. Http Se
Every day when I look at the templates on the ThemeForest, I test the compatibility of the browser-not to mention my own work. Over time, I've collected the best validation and browser compatibility testing tools on the Web, and here's my favorite.
HTML and CSS Validation
First let's take a look at how to verify HTML and CSS. I should say that because I work on
?svId=118
The second method:
(1) Add "thread Group" and add "recording controller" under the thread group
(2) Add "HTTP proxy server"
Target controller: Test plan > Thread Group
Grouping: Putting a new controller in each group
PORT: 9999 (must ensure that the port is not occupied)
Exclusion mode:. *\. (BMP|CSS|GIF|ICO|JPE?G|PNG|SWF|WOFF|JS)
(3) in the "HTTP proxy server" click the "Start" button
(4) Open the browser and set the proxy: (You must ensure that the port number is the same as the por
Webbench is a very simple stress testing tool, webbench can simulate up to 30,000 concurrent connections to test the load capacity of the site.(1) Webbench installation
Copy Code code as follows:
wget http://www.jb51.net/soft/linux/webbench-1.5.tar.gz
Tar zxvf webbench-1.5.tar.gz
CD webbench-1.5
Make
Make install
(2) Webbench use
Copy Code code as follows:
Transferred from: http://www.uml.org.cn/Test/201407161.aspXSS vulnerability testing of Web applications cannot be limited to entering XSS attack fields on Web pages and submitting them. Bypassing JavaScript detection, entering an XSS script, usually ignored by the tester. The attack path that bypasses JavaScript detection for XSS malicious input.Common XSS InputX
Selenium is also a tool for Web application testing. The selenium test runs directly in the browser, just as the real user is doing. Supported browsers include IE (7, 8, 9), Mozilla Firefox, Mozilla Suite, and more. The main features of this tool include: test and browser compatibility--test your application to see if it works well on different browsers and operating systems. Test system functionality-Creat
collaboration tool.
Worktile: One-stop enterprise collaborative management platform.
Exchange Community
Codepen: Online Sharing Write your front-end code, recommended jackets!
Dribble: Designers share the community, the source of inspiration.
Web Performance Testing
Website Speed test: web site
Preface
I recently read Web intrusion Security Testing and countermeasures, and have gained a lot of inspiration. This book introduces a lot of Web intrusion ideas and well-known security sites outside China, which has broadened my horizons. Here, I have summarized the attack modes mentioned in the book again, and attached some relevant references, hoping to help
The content source of this page is from Internet, which doesn't represent Alibaba Cloud's opinion;
products and services mentioned on that page don't have any relationship with Alibaba Cloud. If the
content of the page makes you feel confusing, please write us an email, we will handle the problem
within 5 days after receiving your email.
If you find any instances of plagiarism from the community, please send an email to:
info-contact@alibabacloud.com
and provide relevant evidence. A staff member will contact you within 5 working days.