Exploratory Testing & SBTM

Adhoc Testing:  Learn the application then test it.
Exploratory Testing:  Test the application while learning (or) tester test a application by exploring with his previous experience and based on the application tester writes test cases.
Example:
If a QA is asked to test an application without any concrete documents.
Adhoc: Gather information about the app from all possible sources and document and then test.
Exploratory: Gather, Document and Test the application simultaneously.
--------------------------------------------------------------------------------------------------------------
About SBTM - Session Based Test Management ?

• For each session, a session sheet is made. The session sheet consist of the mission of testing, the tester details, duration of testing, the TBS metrics along with the data related to testing like the bugs, notes, issues etc.
• Data files if any used in the testing would also be enclosed.
• Data collected during different testing sessions are collected and exported to Excel or some database.
• All the sessions, the bugs reported etc can be tracked using the unique id associated with each
• This is easy for the client as well to keep track.
• This concept of testers testing in sessions and producing the required output which are traceable is called as Session based test management.

A session can be broadly classified into three tasks (namely the TBS metrics).

• Session test up: Time required in setting up the application under test.
• Test design and execution: Time required scanning the product and test.
• Bug investigation and reporting: Time required finding the bugs and reporting to the concerned.

The entire session report consists of these sections:

• Session charter (includes a mission statement, and areas to be tested)
• Tester name(s)
• Date and time started
• Task breakdown (the TBS metrics)
• Data files
• Test notes
• Issues
• Bugs

About Mantra Browser

Basically mantra is nothing but a collection of free and open source tools integrated into a web browser, which can become handy for students, penetration testers, web application developers, security professionals etc. It is portable, ready-to-run, compact and follows the true spirit of free and open source software.

Mantra can be very helpful into all the phases of hacking attack like fingerprinting, enumeration and scanning, gaining access and covering tracks etc.
It contains a list of tools that are used by developers and debuggers, so mantra can be used for attacking as well as defensive way.

Mantra is available on backtrack 5, you can get it by click on Applications-->Backtrack-->Vulnerability assessment-->Vulnerability scanner-->Mantra
It is a user friendly,portable and GUI framework, you can carry it on flash drives and CD/DVD. It is a cross operating system framework that can be run on windows, Linux and MAC as well. It is a open source project so it is available on free of cost.

WCF Test Client

WCF Test Client  is an automation tool to test WCF service testing .It is inbulid in VS 2010 .  ( C:\Program Files (x86)\Microsoft Visual Studio 10.0\Common7\IDE\WcfTestClient.exe )
http://blogs.msdn.com/b/rjacobs/archive/2011/09/23/using-the-wcf-test-client-to-test-your-workflow-service.aspx

http://www.dotnetfunda.com/articles/article816-understanding-the-basics-of-wcf-service-.aspx

What is WCF?
·         WCF stands for Windows Communication Foundation.
·         WCF is advanced API (Application Programming Interface) for creating distributed applications using .NET framework.
·         It is introduced in .NET 3.0.
·         Distributed system in its simplest form is two executable running and exchanging data.
·         WCF API is found in System.ServiceModel namespace.
·         WCF is based on basic concepts of Service oriented architecture (SOA)

How to test WCF service by using Visual Studio 2010 – WCF Test Client tool ?

"WCF Test Client" is a automation tool to test the WCF Service. It is in build tool in Visual studio 2010.By default, you cannot see the WCF Test Client option in VS2010.

So we have to add this tool by using below steps :

·         Open the Visual Studio 2010

·         Go to "Tools" menu

·         Click the “External tools”

·         click Add button

·         Provide a name “WCF Test Client” (any name) in Title field

·         Browse the WcfTestClient.exe from the path  “C:\Program Files\Microsoft Visual Studio 10.0\Common7\IDE\WcfTestClient.exe”

·         click OK.

Now you can see the name (you provided) under the Tools menu.

Open the tool by selecting the menu Tools > WCF Test Client. The tool looks to be very simple to use. Just by right-clicking the option “My Service project”, it will prompt for the service URL. (Ex. http://localhost/applicationService/service1.svc). After adding the service URL, it will list out all the methods in the service on the left-side panel.

In order to Invoke the method, double-click any method it will list the details of the request like (Name, Value, Data Type).

To get the results/response, check the option “Start a new proxy” and click Invoke. It will display the results/response.

So now, while trying to invoke a particular method, I got the below exception like

"The maximum message size quota for incoming messages (65536) has been exceeded. To increase the quota, use the MaxReceivedMessageSize property on the appropriate binding element."

After googling, I found a solution like:

In the Client.config file, navigate to the section “binding name” and increase the value for the attributes maxBufferSize and

maxReceivedMessageSize to “2000000”.By Default, MaxBufferSize = “65536”

By default, it will prompt to reload the service and you have to click Yes/Ok. Now invoke the method, it will display the result..

 Service1.svc.cs

      using System;
using System.Collections.Generic;
using System.Linq;
using System.Web;
using System.Web.Services;

namespace WCF_Service_sample_application
{
    /// <summary>
    /// Summary description for Service1
    /// </summary>
    //[WebService(Namespace = "http://tempuri.org/")]
    //[WebServiceBinding(ConformsTo = WsiProfiles.BasicProfile1_1)]
    //[System.ComponentModel.ToolboxItem(false)]
    // To allow this Web Service to be called from script, using ASP.NET AJAX, uncomment the following line.
    // [System.Web.Script.Services.ScriptService]
    public class Service1 : IService1
    {

        public string Add(int a, int b)
        {
            string c = string.Empty;
            c = (a + b).ToString();
            return c;

        }

        public int Multiple(int a, int b)
        {         
            return a*b;
        }

        public int subtract(int a,int b)
        {
            return a - b;
        }

        public int divide(int a, int b)
        {
            return a / b;      
        }
        //[WebMethod]
        //public string simpleMethod(String srt)
        //{
        //    return "Hello " + srt;
        //}

        //[WebMethod]
        //public int anotherSimpleMethod(int firstNum, int secondNum)
        //{
        //    return firstNum + secondNum;
        //}

    }
}

  IService1.cs

      using System;
using System.Collections.Generic;
using System.Linq;
using System.Runtime.Serialization;
using System.ServiceModel;
using System.ServiceModel.Web;
using System.Text;

namespace WCF_Service_sample_application
{
    // NOTE: You can use the "Rename" command on the "Refactor" menu to change the interface name "IService1" in both code and config file together.
    [ServiceContract]
    public interface IService1
    {

        [OperationContract]
        string Add(int a,int b);

        [OperationContract]
        int Multiple(int a, int b);

        [OperationContract]
        int subtract(int a, int b);

        [OperationContract]
        int divide(int a, int b);
        //[OperationContract]
        //CompositeType GetDataUsingDataContract(CompositeType composite);

        // TODO: Add your service operations here
    }