Wednesday, July 30, 2008

Security Testing

Security Testing: the process of determining that an Information System (IS) protects data and maintains functionality as intended.

The six basic security concepts that need to be covered by security testing are: confidentiality, integrity, authentication, authorization, availability and non-repudiation.

Authentication
Brute Force:
A Brute Force attack is an automated process of trial and error used to
guess a person's username, password, credit-card number or
cryptographic key.

Insufficient Authentication:
Insufficient Authentication occurs when a web site permits an attacker to
access sensitive content or functionality without having to properly
authenticate.

Weak Password Recovery Validation:
Weak Password Recovery Validation is when a web site permits an
attacker to illegally obtain, change or recover another user's password.

Authorization

Credential/Session Prediction:
Credential/Session Prediction is a method of hijacking or impersonating a
web site user.

Insufficient Authorization:
Insufficient Authorization is when a web site permits access to sensitive
content or functionality that should require increased access control
restrictions.

Insufficient Session Expiration:
Insufficient Session Expiration is when a web site permits an attacker to
reuse old session credentials or session IDs for authorization.

Session Fixation:
Session Fixation is an attack technique that forces a user's session ID to
an explicit value.
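The two session weaknesses above, Insufficient Session Expiration and Session Fixation, come down to two questions a tester asks of a site: does the session ID issued before login survive into the authenticated session, and does a session ever stop being valid? The following minimal server-side session store is an added illustration, not code from the original post; the timeout values are assumed policy numbers.

```python
import secrets
from dataclasses import dataclass
from typing import Dict, Optional

# Assumed lifetimes (hypothetical policy values, not from the original post).
IDLE_TIMEOUT = 15 * 60        # seconds of inactivity before a session is invalid
ABSOLUTE_TIMEOUT = 8 * 3600   # hard lifetime regardless of activity


@dataclass
class Session:
    user: Optional[str]
    created: float
    last_seen: float


class SessionStore:
    """Server-side store that rotates IDs on login and enforces expiry."""

    def __init__(self) -> None:
        self._sessions: Dict[str, Session] = {}

    def create(self, now: float) -> str:
        # The server generates an unpredictable ID; a client-chosen value is never accepted.
        sid = secrets.token_urlsafe(32)
        self._sessions[sid] = Session(None, now, now)
        return sid

    def login(self, sid: str, user: str, now: float) -> str:
        """Authenticate and rotate the session ID.

        Rotation defeats session fixation: whatever ID existed before login
        (possibly planted by an attacker) is discarded and never becomes
        an authenticated session.
        """
        self._sessions.pop(sid, None)
        new_sid = secrets.token_urlsafe(32)
        self._sessions[new_sid] = Session(user, now, now)
        return new_sid

    def lookup(self, sid: str, now: float) -> Optional[str]:
        """Return the user of a valid session, or None; expired sessions are purged."""
        s = self._sessions.get(sid)
        if s is None:
            return None
        if now - s.created > ABSOLUTE_TIMEOUT or now - s.last_seen > IDLE_TIMEOUT:
            del self._sessions[sid]   # old IDs cannot be reused for authorization
            return None
        s.last_seen = now
        return s.user

    def logout(self, sid: str) -> None:
        self._sessions.pop(sid, None)
```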

Client-side Attacks

Content Spoofing:
Content Spoofing is an attack technique used to trick a user into believing
that certain content appearing on a web site is legitimate and not from an
external source.

Cross-site Scripting:
Cross-site Scripting (XSS) is an attack technique that forces a web site to
echo attacker-supplied executable code, which loads in a user's browser.

Command Execution

Buffer Overflow:
Buffer Overflow exploits are attacks that alter the flow of an application by
overwriting parts of memory.

Format String Attack:
Format String Attacks alter the flow of an application by using string
formatting library features to access other memory space.

LDAP Injection:
LDAP Injection is an attack technique used to exploit web sites that
construct LDAP statements from user-supplied input.

OS Commanding:
OS Commanding is an attack technique used to exploit web sites by
executing Operating System commands through manipulation of
application input.

SQL Injection:
SQL Injection is an attack technique used to exploit web sites that
construct SQL statements from user-supplied input.
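The defining condition above is that the SQL statement is built from user-supplied input. The added example below (not code from the original post; the table and data are constructed for the demonstration) places a lookup that concatenates input into the statement beside one that binds it as a parameter, and includes the kind of check a security tester runs to tell the two apart: a name containing a quote should match nobody, so rows coming back or a syntax error means the input reached the SQL parser.

```python
import sqlite3
from typing import Callable, List


def make_db() -> sqlite3.Connection:
    """Constructed sample data for the demonstration."""
    conn = sqlite3.connect(":memory:")
    conn.execute("CREATE TABLE users (name TEXT, secret TEXT)")
    conn.executemany("INSERT INTO users VALUES (?, ?)",
                     [("alice", "a-secret"), ("bob", "b-secret")])
    return conn


def lookup_vulnerable(conn: sqlite3.Connection, name: str) -> List[str]:
    # The statement is constructed from user-supplied input: the input becomes
    # part of the query's syntax rather than remaining data.
    query = "SELECT name FROM users WHERE name = '" + name + "'"
    return [row[0] for row in conn.execute(query)]


def lookup_safe(conn: sqlite3.Connection, name: str) -> List[str]:
    # Parameter binding keeps the statement fixed; the input is only ever data.
    query = "SELECT name FROM users WHERE name = ?"
    return [row[0] for row in conn.execute(query, (name,))]


def probe_for_injection(lookup: Callable[[sqlite3.Connection, str], List[str]],
                        conn: sqlite3.Connection) -> bool:
    """Security-test check: does a quote in the input change the query?

    The marker matches no real user name, so a correct lookup returns no rows.
    Rows coming back, or the database rejecting the statement, both show the
    input was parsed as SQL.
    """
    marker = "nobody' OR 'x'='x"
    try:
        rows = lookup(conn, marker)
    except sqlite3.OperationalError:
        return True
    return len(rows) > 0
```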

SSI Injection:
SSI Injection (Server-side Include) is a server-side exploit technique that
allows an attacker to send code into a web application, which will later be
executed locally by the web server.

XPath Injection:
XPath Injection is an attack technique used to exploit web sites that
construct XPath queries from user-supplied input.

Information Disclosure

Directory Indexing:
Automatic directory listing/indexing is a web server function that lists all of
the files within a requested directory if the normal base file is not present.

Information Leakage:
Information Leakage is when a web site reveals sensitive data, such as
developer comments or error messages, which may aid an attacker in
exploiting the system.

Path Traversal:
The Path Traversal attack technique forces access to files, directories,
and commands that potentially reside outside the web document root
directory.

Predictable Resource Location:
Predictable Resource Location is an attack technique used to uncover
hidden web site content and functionality.

Logical Attacks

Abuse of Functionality:
Abuse of Functionality is an attack technique that uses a web site's own
features and functionality to consume resources, defraud users, or circumvent
access control mechanisms.

Denial of Service:
Denial of Service (DoS) is an attack technique with the intent of
preventing a web site from serving normal user activity.

Insufficient Anti-automation:
Insufficient Anti-automation is when a web site permits an attacker to
automate a process that should only be performed manually.

Insufficient Process Validation:
Insufficient Process Validation is when a web site permits an attacker to
bypass or circumvent the intended flow control of an application.

Bug Life Cycle

Introduction:

A bug can be defined as abnormal behavior of the software. No software exists without bugs. How many bugs are eliminated from the software depends on the effectiveness of the testing done on it. A bug is a specific concern about the quality of the Application Under Test (AUT).

Bug Life Cycle:

In the software development process, a bug has a life cycle, and it must go through that life cycle before it can be closed. A defined life cycle ensures that the process is standardized. The bug passes through different states during the life cycle, which can be shown diagrammatically as follows:

The different states of a bug can be summarized as follows:

1. New
2. Open
3. Assign
4. Test
5. Verified
6. Deferred
7. Reopened/Fail
8. Duplicate
9. Rejected
10. Closed

Description of Various Stages:

1. New: When the bug is posted for the first time, its state is “NEW”. This means that the bug has not yet been approved.

2. Open: After a tester has posted a bug, the test lead confirms that the bug is genuine and changes the state to “OPEN”.

3. Assign: Once the lead has changed the state to “OPEN”, he assigns the bug to the corresponding developer or developer team. The state of the bug is now changed to “ASSIGN”.

4. Test: Once the developer has fixed the bug, he assigns it back to the testing team for the next round of testing. Before releasing the software with the bug fixed, he changes the state of the bug to “TEST”, which indicates that the bug has been fixed and released to the testing team.

5. Deferred: A bug changed to the deferred state is expected to be fixed in a later release. A bug may be deferred for several reasons: its priority may be low, there may be no time left before the release, or it may not have a major effect on the software.

6. Rejected: If the developer feels that the bug is not genuine, he rejects it, and the state of the bug is changed to “REJECTED”.

7. Duplicate: If the same bug is reported twice, or two bugs describe the same issue, the status of one of them is changed to “DUPLICATE”.

8. Verified: Once the bug has been fixed and its status changed to “TEST”, the tester retests it. If the bug is no longer present in the software, he confirms that it is fixed and changes the status to “VERIFIED”.

9. Reopened/Fail: If the bug still exists even after the developer has fixed it, the tester changes the status to “REOPENED” or “FAIL”, and the bug goes through the life cycle once again.

10. Closed: Once the bug has been fixed, it is tested by the tester. If the tester is satisfied that the bug no longer exists in the software, he changes its status to “CLOSED”. This state means that the bug has been fixed, tested and approved.
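The ten stages above describe a state machine, and a bug tracker that enforces it (rather than letting any status be set at any time) is what keeps the process standardized. The following is an added illustration, not code from the original post: the transition table follows the stages as described, the role checks cover only the actors the text names, and the transitions into DEFERRED and DUPLICATE, which the text leaves unspecified, are assumptions.

```python
from typing import Dict, List, Optional, Set, Tuple

# Allowed transitions derived from the stages described above. Which states
# may move to DEFERRED or DUPLICATE is not stated in the post; assumed here.
TRANSITIONS: Dict[str, Set[str]] = {
    "NEW":       {"OPEN", "REJECTED", "DUPLICATE"},
    "OPEN":      {"ASSIGN", "DEFERRED", "DUPLICATE"},
    "ASSIGN":    {"TEST", "REJECTED", "DEFERRED"},
    "TEST":      {"VERIFIED", "REOPENED"},
    "VERIFIED":  {"CLOSED"},
    "REOPENED":  {"OPEN", "ASSIGN"},      # "traverses the life cycle once again"
    "DEFERRED":  {"OPEN"},                # picked up again in a later release
    "REJECTED":  set(), "DUPLICATE": set(), "CLOSED": set(),
}

# Actors named in the post for each target state; states with no named actor
# (DEFERRED, DUPLICATE) may be set by any role.
ROLE_FOR_TARGET: Dict[str, str] = {
    "OPEN": "lead", "ASSIGN": "lead",
    "TEST": "developer", "REJECTED": "developer",
    "VERIFIED": "tester", "REOPENED": "tester", "CLOSED": "tester",
}


class Bug:
    def __init__(self, bug_id: str, title: str) -> None:
        self.bug_id = bug_id
        self.title = title
        self.state = "NEW"                       # every bug starts as NEW
        self.history: List[Tuple[str, str]] = [("NEW", "tester")]

    def transition(self, new_state: str, actor_role: str) -> None:
        """Move to new_state if the life cycle and the actor's role allow it."""
        if new_state not in TRANSITIONS.get(self.state, set()):
            raise ValueError(f"{self.bug_id}: {self.state} -> {new_state} is not allowed")
        required: Optional[str] = ROLE_FOR_TARGET.get(new_state)
        if required is not None and actor_role != required:
            raise ValueError(f"{self.bug_id}: only the {required} may set {new_state}")
        self.state = new_state
        self.history.append((new_state, actor_role))


def happy_path(bug: Bug) -> str:
    """Drive a bug through the normal fix-and-verify cycle; returns the final state."""
    for state, role in [("OPEN", "lead"), ("ASSIGN", "lead"), ("TEST", "developer"),
                        ("VERIFIED", "tester"), ("CLOSED", "tester")]:
        bug.transition(state, role)
    return bug.state
```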

While defect prevention is much more effective and efficient at reducing the number of defects, most organizations rely on defect discovery and removal. Discovering and removing defects is an expensive and inefficient process; it is much more efficient for an organization to carry out activities that prevent defects in the first place.

Guidelines on deciding the Severity of Bug:

Indicate the impact each defect has on testing efforts or users and administrators of the application under test. This information is used by developers and management as the basis for assigning priority of work on defects.

A sample guideline for assignment of Priority Levels during the product test phase includes:

  1. Critical / Show Stopper — An item that prevents further testing of the product or function under test is classified as a Critical bug. No workaround is possible for such bugs. Examples include a missing menu option or a missing security permission required to access a function under test.
  2. Major / High — A defect that causes a function not to work as expected/designed, or causes other functionality to fail to meet requirements, is classified as a Major bug. A workaround can be provided for such bugs. Examples include inaccurate calculations or the wrong field being updated.
  3. Average / Medium — Defects that do not conform to standards and conventions are classified as Medium bugs. Easy workarounds exist to achieve the functionality objectives. Examples include matching visual and text links that lead to different end points.
  4. Minor / Low — Cosmetic defects that do not affect the functionality of the system are classified as Minor bugs. Examples are spelling mistakes.

Guidelines on writing Bug Description:

A bug can be expressed as “result followed by the action”: the unexpected behavior that occurs when a particular action is taken is what goes into the bug description.

  1. Be specific. State the expected behavior that did not occur (for example, a pop-up that did not appear) and the behavior that occurred instead.
  2. Use present tense.
  3. Don’t use unnecessary words.
  4. Don’t add exclamation points. End sentences with a period.
  5. DON’T USE ALL CAPS. Format words in upper and lower case (mixed case).
  6. Always include the steps to reproduce the bug.