Why You Shouldn’t Use Cucumber for API Test
Cucumber

Many people misunderstand the purpose of Cucumber. Because it seems to yield clearer, plain-language test scripts, testers want to use Cucumber as a general-purpose testing tool, including for API tests. But its true purpose is as a BDD framework. You may be thinking, what’s the harm? Here’s why it makes a difference—and why you should choose another tool for API testing.

Read more
Lightweight Text Editors — Ignite Talk

In my latest Ignite Talk, I (quickly) discuss some lightweight text editors. There are appearances from Visual Studio Code, of course Vim, and some others. Given this is an Ignite Talk, I don’t get to cover any one editor in depth. An Ignite Talk consists of 20 slides auto-advancing every 15 seconds. This was given […]

Read more
Finally A Good, Free Sequence Diagram Tool

Sequence Diagrams Often it is helpful to visualize a solution before implementing it. Diagrams in general help simplify a complicated system to make it easier to understand at a high level. One specific way you might accomplish this is with a sequence diagram. A sequence diagram shows how pieces of a system interact and in […]

Read more
Diving Deeper into Mobile Penetration Testing Framework: AppUse

In the previous blog, I detailed a great starting point for mobile application testing— the AppUse framework—and highlighted its greatest pros and cons. This tool, created by AppSec-Labs, combines many additional tools to perform static and dynamic analysis of an application and the smartphone device that it runs. Remember, please only use the tools and […]

Read more
Easy Button for Testing of Mobile Devices and Apps: AppUse

Knowing where to start in the penetration testing world is very difficult and largely inconsistent. With so many options and tools available simply kicking off a scan of the network can require a considerable time investment. That is even truer in the relatively new world of mobile testing. Please only use the tools and methods discussed on systems that you […]

Read more
Parameter Passing in a Build Flow

As a direct followup to my previous post, I thought the discussion of passing parameters in a build flow might be useful. Let’s start with our previous example.  I’ve created a build flow that deploys an application and runs Front-End, Back-End and Integration Tests against that application in parallel.  In addition, we’ve added several features […]

Read more
Security Testing: OWASP ZAP (Zed Attack Proxy)

As part of my ongoing collection of reviews and thoughts on today’s Security Testing Tools, I’m taking a look at the Zed Attack Proxy (ZAP) by OWASP.  While, my last review of WebSecurify, looked at a very simplistic tool for Web Application Security Testing, this review will bring us a slightly more complex tool.   So where […]

Read more
Security Testing: Web Application Testing with WebSecurify

One of the biggest trends in issues in web application testing today is Security Testing.  Most people know their web application is important for their business; no one wants a big security breach. With hackers becoming more and more sophisticated, and vulnerabilities becoming easier and easier to exploit the odds are not in your favor. […]

Read more
X