Automated Functional Testing based on the Navigation of Web Applications

Web applications are becoming more and more complex. Testing such applications is an intricate hard and time-consuming activity. Therefore, testing is often poorly performed or skipped by practitioners. Test automation can help to avoid this situation. Hence, this paper presents a novel approach to perform automated software testing for web applications based on its navigation. On the one hand, web navigation is the process of traversing a web application using a browser. On the other hand, functional requirements are actions that an application must do. Therefore, the evaluation of the correct navigation of web applications results in the assessment of the specified functional requirements. The proposed method to perform the automation is done in four levels: test case generation, test data derivation, test case execution, and test case reporting. This method is driven by three kinds of inputs: i) UML models; ii) Selenium scripts; iii) XML files. We have implemented our approach in an open-source testing framework named Automatic Testing Platform. The validation of this work has been carried out by means of a case study, in which the target is a real invoice management system developed using a model-driven approach.Comment: In Proceedings WWV 2011, arXiv:1108.208

A Comparative Analysis of GUI Testing For Dynamic Web Application Between Automation Testing (Record and Playback Approach) and Exploratory Testing: Administration of Sundawenang App

Software testing is one of the most important stages of the Software Development Life Cycle. There are various software testing approaches that are often used and useful in finding errors in software, two of them are Automation Testing and Exploratory Testing. Graphic User Interfaces (GUI) is one area of Automation Testing and Exploratory Testing. GUI testing involves the execution of widget-related events. Dynamic web pages are a type of web page that is currently used by most web developers and has a complex GUI. GUI testing needs to be done on dynamic web pages, and complex GUI structures will be a challenge for the tester to find the right way to test dynamic web pages. To solve the problem, this Thesis does a comparative analysis between two methods, Automation Testing and Exploratory Testing. Those methods are chosen because the two methods have different emphases but both are fully compatible. The analysis is done by calculating the average execution time and defect density from the two methods carried out. The result of the analysis shows that automation testing has the same good ability to detect defects. But, automation testing is the faster method than exploratory testing

A scalable application server on Beowulf clusters : a thesis presented in partial fulfilment of the requirement for the degree of Master of Information Science at Albany, Auckland, Massey University, New Zealand

Application performance and scalability of a large distributed multi-tiered application is a core requirement for most of today's critical business applications. I have investigated the scalability of a J2EE application server using the standard ECperf benchmark application in the Massey Beowulf Clusters namely the Sisters and the Helix. My testing environment consists of Open Source software: The integrated JBoss-Tomcat as the application server and the web server, along with PostgreSQL as the database. My testing programs were run on the clustered application server, which provide replication of the Enterprise Java Bean (EJB) objects. I have completed various centralized and distributed tests using the JBoss Cluster. I concluded that clustering of the application server and web server will effectively increase the performance of the application running on them given sufficient system resources. The application performance will scale to a point where a bottleneck has occurred in the testing system, the bottleneck could be any resources included in the testing environment: the hardware, software, network and the application that is running. Performance tuning for a large-scale J2EE application is a complicated issue, which is related to the resources available. However, by carefully identifying the performance bottleneck in the system with hardware, software, network, operating system and application configuration. I can improve the performance of the J2EE applications running in a Beowulf Cluster. The software bottleneck can be solved by changing the default settings, on the other hand, hardware bottlenecks are harder unless more investment are made to purchase higher speed and capacity hardware

SIE-SECURITY

The purpose of this paper is to present the application named SIE-Security providing web programmers with a tool that searches vulnerable links within their web site (i.e. a product page), attempting to perform an SQL Injection and finally, trying to find the admin login page and crack the MD5 hashed password (inappropriately called “crack” because we are actually using Rainbow tables). The application is structured on three tabs, each corresponding to the actions performed by the application and, if you take into consideration that this is a project in development, it could be considered an All-In-One database security testing utility.commerce, application, vulnerable, attack, decryption, security, testing

The approaches to quantify web application security scanners quality: A review

The web application security scanner is a computer program that assessed web application security with penetration testing technique. The benefit of automated web application penetration testing is huge, which web application security scanner not only reduced the time, cost, and resource required for web application penetration testing but also eliminate test engineer reliance on human knowledge. Nevertheless, web application security scanners are possessing weaknesses of low test coverage, and the scanners are generating inaccurate test results. Consequently, experimentations are frequently held to quantitatively quantify web application security scanner's quality to investigate the web application security scanner's strengths and limitations. However, there is a discovery that neither a standard methodology nor criterion is available for quantifying the web application security scanner's quality. Hence, in this paper systematic review is conducted and analysed the methodology and criterion used for quantifying web application security scanners' quality. In this survey, the experiment methodologies and criterions that had been used to quantify web application security scanner's quality is classified and review using the preferred reporting items for systematic reviews and meta-analyses (PRISMA) protocol. The objectives are to provide practitioners with the understanding of methodologies and criterions that available for measuring web application security scanners' test coverage, attack coverage, and vulnerability detection rate, while provides the critical hint for development of the next testing framework, model, methodology, or criterions, to measure web application security scanner quality

Developing Mobile Learning Applications for Android using Web Services

The evolution of today's mobile devices increases the number of mobile applications developed, and among them the mobile learning applications. Mobile hardware and software platforms allow running of faster and richer applications. This paper presents the main steps in development of a distributed mobile learning application for Android. The client application communicates with the server using Web services. The prototype developed includes the testing module.Mobile Application, Android Operating System, Web Service

Combinatorial-Based Prioritization for User-Session-Based Test Suites

Software defects caused by inadequate software testing can cost billions of dollars. Further, web application defects can be costly due to the fact that most web applications handle constant user interaction. However, software testing is often under time and budget constraints. By improving the time efficiency of software testing, many of the costs associated with defects can be saved. Current methods for web application testing can take too long to generate test suites. In addition, studies have shown that user-session-based test suites often find faults missed by other testing techniques. This project addresses this problem by utilizing existing user sessions for web application testing. The software testing method provided within this project utilizes previous knowledge about combinatorial coverage testing and improves time and computer memory efficiency by only considering test cases that exist in a user-session based test suite. The method takes the existing test suite and prioritizes the test cases based on a specific combinatorial criterion. In addition, this project presents an empirical study examining the application of the newly proposed combinatorial prioritization algorithm on an existing web application

Website Application Security Scanner Using Local File Inclusion and Remote File Inclusion

Today many web-based applications developed to be accessible via the internet. The problem that often occurs is commonly found on web application vulnerabilities. Many application developers often ignore security issues when developing applications that can cause substantial losses if a hacker manages to gain access to the system. A hacker can replace web pages, obtain sensitive information, or even take over control of the website. For that reason there is a need for applications that can help developers to overcome these problems. This application is expected to detect the vulnerabilities that exist on a website. Existing processes include: The process of crawling to get the whole link from target websites, attacking process is useful for testing the attacks, and the last is the process of displaying a report about the security hole on the website. This application is developed using Microsoft Visual C # 2010. Based on the results of tests made on this application, it can be concluded that the application can detect vulnerabilities in the website and report any form of link that has a security hole on the website