Posted by admin on Jun 26, 2009 in
Testing,
code 
Lets Break some code
The title is a little misleading as the one thing I think that testers do not do, is to break developers code.
Instead we should working with them to help find as many potential issues before our customers do.
(think of it as a department that carries out a specialised peer review)
However as a tester you need to have a few tricks up your sleeve which enable you to quickly punish an application.
The following strings will usually cause most web-enabled applications to perform strange functions or just plain fall over in a heap.
Each separate line is a separate test.
I have created a bespoke parameter fuzzer which I load my list into and 99% of the time I get a fail in a web-application.
You can also use my URL Encoder / Decoder to look a little deeper into the char-sets being used.
Read more…
Posted by admin on Feb 12, 2009 in
Testing,
code,
productivity,
tools 
Code
In this post I want to give people a nice heads up to some of the tools I use in my daily role.
These are bookmarklets which is just another word for bookmarks which contain javascript.
I use these with firefox although IE and Opera should also fine fine for them also. In Firefox just add them to the bookmark toolbar and you’ll have them at your fingertips.
Zap Cookies! This will clear out any stored cookies for the current page/site
Edit Cookies! This will allow you to edit and stored cookies for the current page/site
View Cookies! This does exactly what it states, it allows you to view and stored cookies for the current page/site
Edit Page
Allows you to edit any page you use this on. All changes are temporary of course and only visible to you. (will you ever trust a web page screen shot again?). Not yet sure how this fits into the testing arena, however I though I would include it as someone may make decnet use out of it.
Find Redirects! This should list any redirects for the current page, however its currently a tiny bit hit and miss and is does not work 100% of the time, it should however suffice for now and I’ll most likely have to rewrite this at some point in the near future.
remove redirects Lets see what happens if we now remove those redirects we just found using the above Bookmarklet.
Wikipedia lookup This allows you to select any text on a page and once clicked it will lookup that text on Wikipedia
Yahoo site search This allows you to select any text on a page and once clicked it will search on Yahoo for more links from that domain with the same text.
MSN IP Search Firstly I should thank Robert Hansen (RSnake) for this one. Once clicked it will carry out an IP search which can help you detect a wider network for your testing.
numbered list One of my favourites this one. It allows you to make a nice numbered list of all parameters on the page which contain numbers.
show hiddens This and Zap Cookies are my most used Bookmarklets. this one will display all hidden fileds on a webpage and also allow you to edit them.
remove maxlength This will remove all the max lenghts from all input fields (think buffer overflows and code boundry issues)
undisable Who says you can’t click that button 
. This Bookmarklet will enable any disabled objects on the page.
up This will take you up one directory level in the site structure
top This will take you to the top of the domain.
decrement If your URL ends in a number it will reduce it by one every click
increment As above but the opposite
check images This will check the current page for broken images.
view variables This will list all variable types found on the page. This is more for Developers than testers however its still a useful one to have.
view scripts Like above however it will list all scripts what can be called on the current page.
zap images This should clear all of the images from the page. Works about 98% of the time. This script may need a little tweaking if I ever get the time.
full urls as link text Very useful if you want to see where a link is pointing to.
Enjoy
Martin H
Tags: code, productivity, Testing, tools