Category: Testing Tutorials

Verification and testing are two other software engineering terminologies that need to be explained for a better understanding. Both of them play a significant role in the development of a program that will satisfy the end user and maintain high quality.

What is software testing?

Software testing refers to the process of executing an application or program with the intent of detecting potential software bugs. It also has the objective of helping the developers to find out whether the software is working according to the intended purpose. During the testing process, the end user’s area of application will be considered and the software will be subjected to a series of tests to ensure it satisfies the needs of the end users.

This will include several testing for several factors that may affect the performance of the system such as the presence of a bug, programming error, and other hidden dangers to the software. When these shortcomings are detected during the testing process, they will be corrected without delay before the completion of the software system.

There are different types of system testing techniques. These are static testing, dynamic testing, unit testing, integration testing, and other testing techniques. All these testing techniques have a single function: to ensure that the software does not fail to meet the expectations of the end users, the people who the program is designed for.

The testing can either be done manually by the programmers. This will require that they will go through the program to hand pick the errors for correction.  The automated can also be used for testing but it functions by using some tools and scripts. Although the techniques are different and have their advantages,

On the other hand, we have software verification, another important tool they each constitute a great way of identifying the errors in a program. There are contributory factors to the high quality of a software program. What is it?

What is system verification?

Before a system is developed, there must be a design where the basic requirements for the system are well spelt out. During the development of the system, verification is done to consider whether the system is developed according to the requirements and specifications. This may include all the activities that are combined to make sure that high-quality software is released for use to the end users.

Some of the processes that make up system verification are:

• Inspection
• Specification analysis
• Testing
• Design analysis

The verification process is usually at the beginning of a development process and all the processes above will be done for the evaluation of some important plan, code, and specifications. The objective of verification is to answer the question “Are we developing the software according to the specification and requirements?”

For instance, banking software will be expected to be used for processing customer information, balance the account in case of withdrawal or otherwise, and other related functions. If verification is to be performed on the software, the testers will test whether these functions can be performed effectively by the software. If a banking software can update a withdrawal but cannot do the same for saving, it will generate a lot of problems. If verification is performed, such problem will be easily corrected. If any of the features of the software malfunctions, the defect will render the performance of the system useless.

While there is a stark difference between system testing and system verification, one of the system verification methods is system testing. It is testing the software that will reveal whether it is developed in conformity with the laid down design and purpose.

Software testing and software development are two distinct terms in computing. They are two different and important stages in the life of a software program because they perform different functions that support the existence and efficiency of a program. It is important to define each of these terms and identify the various roles they play.

Software testing

Software testing is the process of confirming the correctness, quality, and completeness of a computer software. It involves carrying out some specific activities that are designed to spot the errors in a software program so that it can be corrected before it is released and distributed to the end users.

The test helps the developers to check whether the result of the test will correspond with the expected result as well as check if the software is error free. How is this done?

To test a software, it is operated under some controlled conditions to see whether the output is the expected output, study the behavior of the program, look for errors, and check whether the software will meet the needs of the user or not.

For instance, if a program is designed to process the payroll of a company, during testing, the various stages of processing of payroll will be tested on the program.   Different parameters may be tested in the program to ensure that it functions in all the areas where it is expected to be used by the end user. The program may fail or show some flaws such as inaccurate calculation or omission of some data, factors that can have serious effects on the output of the program. When this occurs, the program will be taken back to the software programmer to correct all the errors. That is the essence of software testing.

Software development

While software testing involves analyzing software program to determine its efficiency and errors in addition to evaluating some features of the software, software development refers to how the software program is developed. It is simply the process of writing a computer code and maintaining it. In a broad sense, software development involves all the developmental stages of the software from the conception of the idea to the launching of the programs.

While software development may sound simple, the process may involve an extensive research, prototyping, re-engineering, developing an extensive algorithm, drawing a flowchart, several modifications, coding for hundreds of hours, debugging both serious and minor errors, and other processes that may contribute to the existence of the software program. Software development is also called application development, enterprise application development, designing software, platform development, and the likes.

This brings out the difference in the two terms. While software development refers to all the processes that culminate in the existence of a software program, software testing is checking the software to see areas of improvement, detect potential errors, test the software for accuracy, or any other activities that will ensure the successful launching of error-free software. It is a way of finding out whether a program is functioning in conformity with the objective of the software when it was under development.

Software programs are tested by software developers who are also called programmers while a software program can be tested by a software tester, test lead, test administrator, test designer, automation tester, or manager.

Although the testing is not a part of the software development, it serves as the guide to the developer to see what can go wrong and render their efforts useless.

In essence, software development precedes software testing. Without developed software, there is nothing to be tested. On the other hand, without well-tested software, a program is nothing.

These two terms are used interchangeably by some individuals due to the seeming similarity in their functions. However, they are quite different in meanings and depend on each other. A little explanation of the two terms will aid your understanding of them.  I will start with testing.

What is testing?

Testing is the process or a way of determining that a software program is devoid of any error that may affect its efficiency. It is also done to find out whether a program performs according to the objective of building it. An effective testing can be done by changing the input of a program or run it on different platforms to see its response to these inputs and platforms. Sometimes, testing may reveal a huge flaw or bug that may influence the output of a program if not promptly corrected before its distribution to the many users who will subject the program to different conditions on a variety of platforms.

During testing, different techniques way be used. This includes providing both correct and incorrect inputs, intentionally wrong inputs, and other different inputs with the objective of assessing the response of the program to different situations. While testing a program using different data, the program may flag a bug that needs to be corrected. That raises the question “What is a bug?”

A bug is a programming error that affects the execution of a program. The program may not function properly or does not execute at all. Some of the bugs may be caused by the omission of a code or the use of a wrong one. In either way, the program will not execute in line with the objective of developing the program. The result of the execution may be at variance with the expected result. This brings about the concept of debugging.

What is debugging?

When an error or bug is detected in a program, it must be corrected. Otherwise, the objective of developing the program is defeated. Nobody will feel comfortable processing the payroll of his employers with a flawed program, neither will one trusted a program filled with errors for information on construction, lest people’s lives are put at risk.

The process of removing or correcting these errors is called debugging, derived from the word “bug.” Wikipedia defines debugging thus “Debugging is the process of finding and resolving of defects that prevent correct operation of computer software or a system.”

Debugging varies in the degree of complexity. There are some simple debugging such as a small program designed for in-house use and some other related programs. Due to the relatively short length of the program, the debugging done by a programmer will be relatively simple.

Contrary to this, the code for some big conglomerate like Facebook or Google will run to millions of lines of code. In this case, debugging may be complex and difficult because the debugger may need to trace the origin of all the bugs before correcting them.  Either way, debugging still remains an important part of a robust and well-functioning program.

How do programmers detect bugs? The answer is simple: through testing. As discussed above, one of the reasons for testing a program is to identify potential bugs that may impede the smooth execution of a program. When these bugs are detected during testing, the developer immediately takes over to correct all the errors, in another word, to debug the program.

Debugging can be strenuous and time-consuming. Each of the errors will be read and understood before debugging takes place. This requires much time and effort on the part of the programmer if he wants to be credit for a good job and meet the needs of the users.

There is this confusion when people have to make a distinction between Quality Assurance and Testing. Although they share some similarities, they have some distinctions which are hidden to most people. A discussion of these terms will throw a light on their differences.

What is Quality Assurance?

Quality Assurance is the general term used for activities that make sure that some procedures, processes, and standards are implemented in relation to the development of a software program and the intended use and requirements.

According to the respected technology website, “Software quality assurance (SQA) is a process that ensures that developed software meets and complies with defined or standardized quality specifications. SQA is an ongoing process within the software development life cycle (SDLC) that routinely checks the developed software to ensure it meets desired quality measures.”

The objective is to ensure the development of a software program that meets all the basic requirements that will qualify it as a high-quality software program. Rather than wait until when the program is completed before checking its potential for quality, quality assurance is done at every stage of the development in order to give the software a good foundation.

While developing a software program, the next stage of development will not be moved to until the present stage is tested and found to meet all the quality standards that are already defined. There are many methods that can be implemented to promote quality assurance. Some are CMMI model and ISO 9000 and some other standards. A proper quality assurance may require conforming to one or more of these techniques.

The complete Quality Assurance encompasses requirements definition, coding. Software design, source code control, software configuration management, code reviews, testing, product integration, and testing. The process is organized into commitments, goals, abilities, measurements, abilities, and verifications.

With the meticulous testing of each stage of the development against some tested and proven standards, the quality of the software is guaranteed.

What is software testing?

All the activities that are targeted towards the identification of defects, bugs, or errors in software are collectively known as software testing. Software testing is the execution of the software program with the aim of evaluating its performance in relation to the objective of developing the software. During the testing, the testers will check whether the software:

• Is designed in total conformity to its design and development.
• Is efficient when tested with a variety of inputs.
• Is effective in addition to its efficiency.
• Is usable under all the expected circumstances.
• Can be distributed to be used in different environments it was built for.

The testing is done by executing the software on different environments, intentionally changing the inputs, deliberate introduction of wrong inputs to see the response of the system, and other testing techniques.

The importance of software testing has been discovered many times. Bugs can alter the output of a system, leading to misinformation and unreliable results. During testing, bugs and other errors can easily be identified for correction. This will give a clue to the quality of the software under test and its potential for failure.

There are two types of testing. These are:

• Manual testing: This is done by humans and not a machine. No scripts or any other tools are used.
• Automated testing: This requires the use of scripts and other tools to test a software program.

Regardless of the testing method used, the same objective of finding errors and correcting them in a software program is achieved. This will help the developers to develop a bug-free and efficient software program before its distribution to the end users.

Testing remains an integral part of the success of a software project. These are obviously the two software testing methods. They share the same objective of helping the developers write a flawless program that meets the users of the users without hitches. However, there are some differences between the methods of operation of these different testing techniques. Let’s discuss them.

Manual software testing

The name of this testing technique says it all. The testing is done manually without the input of any testing machine, script, or tool. The developer(s) will manually go through the code to detect the bugs before debugging them.

This process is very time-consuming, especially if there is a huge amount of code lines to be manually searched for hidden bugs. It will take the debuggers some amount of time to identify an error, and this may become strenuous and boring to them.

Manual testing is the ideal testing method if the test case is expected to be repeated just once or twice or when embarking on UI testing. In each case, using automated testing will be too expensive. If regression testing is contemplated, manual testing will be inefficient in catching hidden defects if the requirements change frequently.

Another con of manual testing is that it is not an effective way of testing a program on many machines with different Operating Systems. In this case, each task has to be executed by different testers. This will be time-consuming as well as cost a lot to be implemented.

Automated testing

In opposition to manual testing, automated testing refers to the process of testing a system by using some tools, software, and scripts.  While humans take care of the manual testing, the input of human is removed here and scripts and other tools are given the liberty to take absolute control over the testing.

Some of the reasons why many software development companies prefer automated testing to manual testing include:

• Speed: This is definitely the first advantage of automated testing on the manual counterpart. While it will take days or weeks to fully test a program manually, automated testing will be through within a couple of hours. This saves time for the company. If the business lacks complex business rules, automated testing will be ideal in getting things done better and faster.
• Reliability: Manually testing a program exposes it to some minor human errors. A bug may be accidentally overlooked, leading to more problems in the long run. An automated testing will definitely spot such bugs and report them for correction. A great advantage too.

When testing is expected to be repetitive for a good number of times and manual testing is found inefficient, automated testing will adequately fill the vacuum. This testing method is also the best for if the company wants to perform regressions in testing, acts that will involve frequent code changes.

Testing a software program across different platforms may be impossible to be done manually. However, that can easily be done with automated testing. The testing technique can leverage its versatility to test the program across man platforms concurrently.

While these testing techniques may be useful in different circumstances, it is advisable that a software development company gets it right.  Making the wrong choice will lead to tons of unseen bugs that may impact negatively on the output of the program. If the right choice is made, it will spare them a lot of stress as bugs can easily be detected and corrected. This will lead to a better and more robust program that has a better success rate among users.

Mobile testing requires frameworks on which to successfully do your job and get accurate results. There are frameworks that you can specifically and seamlessly use for your testing projects because they have been tested and proven to work perfectly well. In this post, we shall quickly take a look at some of those frameworks.

What is a testing framework?

A testing framework otherwise known as testing automation framework is an execution environment where automated tests are carried out. It is the general system which helps n automating the tests.

A testing framework is the set of assumptions, concepts and practices that form a work platform or automated testing support.

Majorly, the works of the testing framework include:

• To define the format in which expectations are expressed
• Create a mechanism to hook into or drive the application being tested.
• Execute the tests as well as report the results.

Framework Architecture

To carry out mobile testing automation, a good mobile automation testing framework is required. Test cases can be built on top of the framework. Separation of mobile automation testing frameworks is done based on the mobile device’s operating system. We are going to be taking a look at two main types of mobile testing frameworks – iOS testing frameworks and Android testing frameworks.

Popular iOS Testing Frameworks

Different iOS testing frameworks are readily accessible in the market. But, we will discuss briefly some of them that are quite popular.

• FRANK-BDD for iOS: It is a great tool for doing end-to-end testing in iOS. FRANK enables you to use Cucumber to create acceptance tests and requirements.
• Zucchini: This is an open-source visual functional testing framework for iOS application that is performed on the concept of the APPLE UI Automation.
• Appium: Another open-source test automation framework is the Appium. It is the framework for testing native and hybrid apps as well as mobile web apps. Inside the framework is the Appium library functions which make calls to the Appium server that is running in the background and operates the device that is connected.
• UI Automation: The UI Automation is used for black-box tests (more typical functional tests), where you need to write code simulating a case where an end-user navigates your app. Apple provides UI Automation and it is also the framework it permits testers to use for their iOS functional testing.
• Calabash: This is a functional testing framework applicable to Android and iOS functional testing. It is quite easy to use and non-developers can use it to create functional tests.

Popular Android Testing Frameworks

Apart from the availability of iOS testing frameworks, there are Android testing frameworks that you can use for your Android devices. We will also examine the 5 popular ones below.

• Appium: This is an open-source framework for testing native, and hybrid apps as well as mobile web apps. We have already talked about it earlier.
• Robotium: Robotium is also an open-source testing framework which you can use to develop functional, system and acceptance scenarios.
• Selendroid: Though relatively new, Selendroid can very well perform Android functionality tests. It is similar to Robotium. It is easy to use this framework especially if you are knowledgeable in the use of Selenium.
• Calabash: We have already discussed this under the iOS testing above.
• UIAutomator: This is Google’s own testing framework. It enables you to perform an Advanced UI testing of games and native Android apps. Its Java library contains API that can be used in creating functional UI test, as well as an execution engine for running the tests.

Conclusion

If you are looking for trusted open-source testing frameworks for your mobile testing, any of the tools we mentioned above can do a nice job for you. Make use of them and expect to get perfect results.

The mobile phone has gradually taken over completely from the analog/desktop phones. Mobile phones are not only for receiving calls; they perform multipurpose functions – phone calls/reception, snapping of pictures, video recording, voice recording, SMS messaging, internet browsing, etc. You can see that we really cannot do without these little appliances.

The mobile phones, Smartphones, tablets, iPhones, and the rest that we have today are only as good as the Apps that they run on. This is why particular attention is paid to making sure that these Apps do not only meet international standards, but that are also free of viruses and malware that are likely to give users a headache.

What is Mobile Application Testing?

Mobile App testing is the act of subjecting mobile applications to tests over diverse platform combinations, networks, and operating systems to ascertain their quality and safety before they are released into the global market. Besides, apart from functional testing, non-functional testing such as usability testing, security testing, and other important variables are carried out. The main reason for Mobile Application Testing is to ensure that mobile Apps quality is progressively improved upon.

Types of Mobile App Testing

There are two main types of testing that are carried out on Mobile Apps – Hardware testing and Software testing (also known as Application testing).

1. Hardware testing

   The major things to test as far as hardware is concerned include internal hardware, internal processors, WIFI, Bluetooth, memory, radio, resolution, and camera. This kind of testing is also known as “Mobile Testing”.

2. Software Testing (Application testing)

   There is also a need to test the applications that are installed on the mobile devices as well as their functionality. This testing is referred to as “Mobile Application Testing”. The mobile applications also have some basic differences that we need to familiarize ourselves with:

   1. Native apps: These are created specifically for platforms such as tablets and mobile.
   2. Mobile web apps: They are server-side apps designed to be used on mobile to enable you gain access to websites with the use of browsers such as Firefox, Chrome, Explorer, etc through the connection to a wireless network (such as WIFI) or mobile network.
   3. Hybrid apps: This is a mixture of native apps and web apps. Hybrid apps either run offline or on devices. They are usually written with the help of CSS and HTML5 technologies.

Differences between native apps and mobile web apps

The few differences between these two apps include the following:

• Native apps have an affinity for a single platform but mobile web apps have an affinity for cross platforms.
• Installation is needed for native apps but mobile web apps do not usually require installations
• Installation of native apps is done on the app store or Google play store. Mobile web apps, on the other hand, are websites and can be accessed through the internet.
• Mobile apps are written in platforms such as SDKs, but mobile web apps are written with Java, CSS, asp.net, PHP and HTML technologies.
• Native apps are usually faster than mobile web apps
• You can update native apps from the app store or play store. Mobile web apps enjoy centralized updates.
• A lot of native apps do not need internet connection whereas mobile web apps must be connected to the internet.

Conclusion

Mobile App Testing gives credibility to the mobile apps that the phones make use of and help to increase the trust that people have on them regarding their safety, security, and usability.

Penetration testers sure need special testing tools to be able to do their jobs successfully. Of what use is it trying to do the job of a machine manually? Any attempt to do penetration testing manually leads to excessive time consumption and fatigue. This can on its own produce human errors.

There are several professional tools readily available for penetration testers to make use of in order to make their jobs faster, efficient and more accurate. Below is a list of five penetration testing tools that you can employ for your testing anytime you wish to.

• Metasploit
• W3af
• Netsparker
• Back Track
• Wireshark

 

Metasploit

Metasploit is the most popular and advanced framework for penetration testing. It is built on the ‘exploit’ concept, a code for surpassing security arrangement and gaining entry into certain systems. When it successfully enters the system, it executes a ‘payload’, a code which carries out operations on a machine it targets, thereby helping to generate the framework that is ideal for pen testing.

Metasploit can be used on networks, web applications, servers, and others. It also works on Microsoft Windows, Linux, and Apple Mac OS X. It comes with a line of command and a GUI interface that is clickable. The product is produced for commercial use.

 

W3af

This is an Audit Framework and Web Application Attack. It has a line of command and works on Apple Mac OS X, Microsoft Windows, and Linux. Its outstanding features include: it injects payloads into different types of HTTP requests, it integrates web and proxy servers into the code, and its HTTP requests are quite fast. You can download all versions of W3af for free.

 

Netsparker

Netsparker has a strong web application scanner that is able to discover vulnerabilities, suggest actions that would help fix them, and lots more. With this tool, you can exploit SQL injection and Local File Induction (LFI).

Netsparker has a line of command and GUI interface. It only works on Microsoft Windows. As a commercial product, you need to pay for it before gaining unrestricted access for its use. You can get a trial version on their official website.

 

Back Track

Back track is one of the best tools that can be used for Injecting and Packet Sniffing. In order to be able to use this tool effortlessly, you need to be an expert in TCP/IP protocol and networking. It has a new version known as Kali Linux, and it works on Linux machines only. There are free versions that you can easily use without cost.

 

Wireshark

Wireshark is a network protocol analyzer that has gained fame because of its ability to offer the smallest details regarding your packet information, network protocols, decryption, and the rest. With the help of a GUI or TTY-mode TShark utility, you can easily view the information retrieved through this tool.

Conclusion

The above-listed penetration testing tools are among the best you can find anywhere. They are quite trusted and are able to deliver quality, tangible results that would not be contested by any standard. So, you can try them to see how they really work.

The beauty of any software testing is your ability to track the progress being made. If you cannot track your progress, then it would be difficult to know how much success is being recorded and also when your set goal has been achieved. Here is an introduction about the Software testing progress tracking and its PDF tutorial version.

Software tracking involves everything we do as testers to measure the planned against the actual over time. The role we play will usually determine what we track. For instance, if it is for quality assurance, we will be interested in tracking the progress of test cases, defects, man-hours, and the rest. But if we are financial investors, our interest would be to track how much money has been spent. In a nutshell, tracking would involve anything that is connected to results and the efforts put into getting the results. Below are some of the things you would love to track.

Track Planned hours/Actual hours:

It is necessary to track what we planned for versus what eventually we ended up spending. This will help us determine whether we were able to achieve our goals within or outside the set time. Tracking man-hour will help us discover any deviations and also know why the deviations exist in the first place. It is possible that deviations could occur from only certain testers, and possibly with testers handling just a specific part of the software. There is also the possibility of deviations occurring on certain days of the week. Whatever form the deviation takes, it helps us to get useful information that could point to a specific type of problem, thereby providing a clue on how to handle them.

Track Man-hours/Test case executed:

Tracking man-hour versus test case executed is also important. There is always that desire to try and force down this aspect in order to reduce cost. However, we must always have it at the back of the mind that making this faster does not usually mean that you are going to have higher quality software.

Track Test cases executed/Planned:

If you want to ensure that you get the least amount done as far as executing our test cases, then there is the need to track the test cases executed versus the planned. If the cases are taking too long to execute regularly, then all is not well; a change is needed. Besides, going faster on a regular basis also indicates that something might be wrong with the test cases, especially when no defects are found or detected.

Track Test cases executed/Defects found:

This metric just shows how good our test cases are in regards to their ability to detect or find defects. When you run a test case and no defects are found, it does not translate to the fact that defects do not exist in the software. Same is true if you run a test case with a low ratio of defects found.

Conclusion

Tracking software testing progress is necessary in order to know whether the set target is met or not. It also enables testers to detect when there are defects that need to be corrected.

Do you know that several millions of WordPress sites are hacked daily? As bogus as the number may seem, WordPress sites are not the only sites that are attacked by hackers, other sites and personal computers equally are. One reason why some of these sites get so easily hacked is because a “penetration testing” wasn’t done to ascertain the level of vulnerability.Here is an overview about Penetration testing, why it necessary, types and steps involved etc. Also refer the PDF tutorial version.

What is penetration testing?

Penetration testing otherwise referred to as “pen testing” or “security testing” is the act of attacking your own or your clients’ IT systems to mimic an attack by a hacker, in order to detect security flaws within the system and then take appropriate measures to get them fixed.

Before carrying out a penetration testing

It should be noted that hacking is illegal in most countries and it attracts serious punishment if one is caught hacking into another person’s system. Therefore, before performing penetration testing, it is required that you inform the owner of the IT system about what you intend to do, and be sure that he/she grants you the ‘Go ahead’.

Why penetration testing is necessary

Penetration testing is necessary for the following reasons:

• Penetration testing is needed to guarantee the security of data in the financial sectors like stock trading exchanges, banks, and Investment banking.
• Doing penetration testing proactively is the best way to ensure your system is not hacked.
• In a situation whereby the software system has already been hacked, penetration testing becomes the best way to determine whether there are still loopholes that potential hackers can cash in on to repeat a future hack.

Types of penetration testing

Essentially, there are three types of penetration testing. The type of test carried out depends on the type of attack that is anticipated from within or from without. The three types of testing include

• Black Box Testing
• White Box Penetration Testing
• Grey Box Penetration Testing

In a black box testing, the tester has no prior knowledge of the system he is to test. He does the collection of data about what is to be tested by himself.

In white box penetration testing, the complete information that the tester needs to perform the test is provided to him. It is intended to mimic an attack from an insider or an employee.

In grey box penetration testing, partial knowledge of the system is provided to the tester. This is taken as an attack by an external hacker who has already gained unpermitted access to the database of an organization.

Steps in penetration testing

In order to effectively perform a penetration testing, the following activities are required:

1. Planning phase
   • To determine the scope and strategy of the test
   • The scope is defined through existing security policies and standards
2. Discovery phase
   • All necessary information – data, usernames, passwords, etc are collected. This is equally referred to as FINGERPRINTING
   • Scan, as well as probe into the ports
   • Check the system for vulnerabilities
3. Attack phase
   • Get necessary security privileges and then look for exploits for the various vulnerabilities
4. Reporting phase
   • Your report must contain comprehensive discoveries
   • Risks of vulnerabilities detected and the possible impact on business
   • Advice and solutions (if there are any)

Conclusion

Penetration testing is ‘a must’ for any business that wishes to operate in a healthy and risk-free environment. It is the best way to act proactively to keep your databases free from attacks.