Sunday, 30 April 2017

Open Source Automation tool - SAHI

Hi Friends,
Thank you for visiting my blog. Today, lets see another open source tool -SAHI.

 SAHI is a web automation tool which is easy to use and helpful for cross browser as well as multi browser testing. SAHI works with any installed browser which supports JAVA scripts. It helps automating web applications which have AJAX and Dynamic web elements.

SAHI has a dashboard i.e. friendly user interface to Select available browsers and links to various operations. SAHI controller is useful for record and play back. It uses SAHI, JAVA or Ruby for the same.

The idea of SAHI is to inject JAVA script into webpages and create event handlers. SAHI uses own wrappers to identify elements in DOM.

SAHI helps creating functions from the recorded script with just a click on the button. Creating library files for our automating test becomes easier.SAHI scripts can be executed on one browser, multiple browser or even on distributed machines. The most interesting part of execution is parallel run of the automated scripts. This feature makes it far more advance to test multiple scripts at the same time.

This tool automatically adds wait for AJAX and dynamic controls so that the script will work smoothly. SAHI Pro also works with FLEX controls on the web pages. Screenshot capture is an inbuilt feature of tool hence no need to write a single line of code.  Also, it provides all types of reports in form of Excel and HTML. Email feature can be used to send out reports after each execution.

SAHI provides ANT script which we can add to deploy and can integrate with JENKINS like CI tools. This integration is simple.

SAHI OS is free for lifetime, however SAHI Pro is free for one month only. SAHI Pro costs $695.

The installation and setup is simple. Please find a free demo and check the tool on the following links -

https://sahipro.com/docs/using-sahi/quick-tutorial.html
http://sahipro.com/request-a-demo/ 

Sunday, 15 January 2017

Selenium for Desktop Application - Winium

Wish you all Happy New Year 2017. This year, I am planning to bring more tools, techniques and frameworks for all my readers.

I have few requests around the Windows based application automation which will be as simple as Web based automation using Selenium. Hence I thought of writing this post on "Winium" which is  "Selenium for Desktop Application - Winium"

Winium is simply Selenium Remote WebDriver  implementation for testing Windows based application. Winium can be useful for Windows based application based on WinForms and WPF platforms. We need other drivers as well if the Application under test is Silverlight application. However the control positions can be the best option for some of the tricky applications.

So when we are working on the complex applications pool under test and do not want license tools to complete the test automation requirement for Windows, Web and Mobile then we can consider Selenium for all in different forms. Hence for Windows - Winium, Web - Selenium WebDriver and for Mobile Appium.

As Selenium supports Java, C#, PHP, Ruby, Python like languages, Winium also supports. As we have seen that Winium desktop driver implements Selenium Remote WebDriver and listens for JsonWireProtocol and use Winium Cruciatus, Winium Cruciatus is a C# framework for WinForms and WPF Platforms.

Now, we have option to use core C# framework using Winium.Cruciatus or Selenium WebDriver remote using Winium.Desktop. Here the difference is the prior helps to write a code in C# using System.Windows.Automation namespace and the later helps to write the automation script in Selenium supported languages.

As WebDriver implementation is simple, lets talk about core C# implementation using Winium. Cruciatus wrapper on the System.Windows.Automation namespace.  First we need to add the reference to the project and then we need to create the mapping. Once the mapping  is created use the mapping in tests. Its simple.

Please refer example here -
https://github.com/2gis/Winium.Cruciatus/tree/master/src/TestApplications.Tests

Happy Automating Desktop Applications!

Sunday, 20 November 2016

Selenium Automation Framework

Selenium automation is one of the biggest favourite for automation testers. One of the key factor to deliver the automation work is to build the required framework which will reduce the time to maintain the automation scripts.

Lets find out what is Selenium automation framework in this post.

Selenium Automation Framework is setting standards to make the development, maintenance and operations simple. In other words any one who wants to run the scripts and analyse the results should not see any complexities in operations. All the complexities will be hidden in a logic and the libraries.

The first step is to find out about the application feasibility. This is very essential, remember Selenium works only with web applications and any windows based alerts will not be handled using webdriver. Autoit kind of tools are required to handle such alerts. So for any project to be successful the feasibility  study is must.

Next important step is to study the application flow. Straight forward steps and exceptional steps will be noted down and segregated. The requirement of test data for the steps are identified. Such data is more and follows the same steps each time then we will start thinking about data driven automation. Data driven steps are identified if certain type of data decides the flow and with all different sets of data the same steps are executed which results in different sets of outcome requires data driven framework.

We also need to decide how the reporting should be done. Most simple reports are biggest advantage of framework however they are most complex to build in many cases. The tools for reporting like TestNG and Junit are widely used. However if you have enough time and demand for some specific reports then HTML reports are very useful.

Now we know the framework for the project and reporting needs. We can start building library functions. These functions are as simple as opening client site, clicking on button and entering data in text field. The basic control should be targeted first.

Another important step is to create the driver and decide how do you want to call the scripts. All the library functions and client scripts should take values from property files only. This way we can make sure that the same function can be used for different operations.

Hope the above information gives basic idea of the selenium automatio framework. I will be waiting to hear from all of you.


Happy framework designing.

Saturday, 12 November 2016

Security Testing

This post is dedicated to the specialised branch of software testing - Software Security Testing.

Before we get into Software Security Testing which is always part of Non Functional Testing unit we will see what are the types of Software Threats -

1. Brute Force Attack

Brute Force Attack is a vital information guessing technique. In this process automated system generates many combinations of user password or pin (personal identification number) to get into the business machines with the intention of stealing the data. These attacks are crafted very carefully so that automated system should get the access to the business systems quickly.

2. Denial of Service

This type of attack is on the critical business systems like bank, payment gateways, booking sites or critical news boards. The intention of this attack is to stop users to access the application. The attack is usually  done by the automated system by creating virtual users in exponential process with the intention of blocking available bandwidth of server to deny access to any users who need information.

3. SQL Injections

SQL Injections are the SQL queries to read, modify or delete business critical information stored in the database  using presentation layer. These attacks are easy and can be planned quickly. However these attacks are most of the time risky attacks and easy to track down.

4. Trojan Attacks

Trojan attacks are most common and easy to find. In these attacks users are presented with some of the interesting tasks like disk back up, disk fragmentation or memory management and at the background  automated scripts are executed to steal information. These attacks are successful if the user follows instructions given on the websites without confirming with the security teams.


5. Fishing

These attacks are usually crafted by sending out emails to mass users. These emails are lottery, charity or some business proposals. Users fall for this type of invitations because the offer is very lucrative and directly comes to the email inbox. The email comes with some kind of URL to hit or buttons or images to click the confirmation so that users get trapped.


Now we understand the possible attacks and threats to the business so the first task is to create test strategy to find out, in our client's business such vulnerabilities are present and if present raise an issue to fix them before the business application starts handling the user information or business critical information.

Except the fishing attack all other types of attacks are tested using penetration tools. For fishing attack we usually inform the staff and add email scanners to scan the emails coming into the business network and going out of the business network.

Open source tools used for testing above attacks are Aircrack-ng, Automatic backholing, SQLMap, pfSense and Gophish respectively.

Enjoy Security Testing!

Saturday, 5 November 2016

Mobile Testing



Mobile testing or Mobile Application Testing is a complex and time consuming process. Due to the immense pressure of quicker delivery to the market, it is more critical to complete the task in less time. Let’s find out, what Mobile Application Testing is all about. 

Mobile application testing is a process where mobile application is tested for usability, functionality and consistent performance. Mobile testers use Mobile emulators to test the mobile applications. Mobile emulators help to test the application on different devices without having physical mobile phones present to test. Remember all mobile devices are on different platforms with different screen sizes.

Screenfly and CrossBrowserTesting are two easy to use screen emulators to test the mobile application. These emulators provide screens with different sizes and with different platforms like iOS and Android.

The mobile application testing can be manual or automated, however all new mobile applications usually tested manually and then through automation. The usability, application GUI, functionality are tested manually and automation is applied to performance and testing the mobile application on various devices. If the application is web application and accessible through a browser on the phone then the testing will be different. Testing mobile application which requires application installation on mobile device will be tested using multiple emulators and hence requires automation.
  
MonkeyTalk is one of the open source automation tool which is very handy to automate functional tests for iOS and Android applications. We can create data- driven tests using MonkeyTalk.

Monkey is an automation tool which runs on Android emulators and creates user events like clicks, touches or gestures.

So from the above description, we have identified that mobile application testing requires manual as well as automation testing. Due to the complex nature and many mobile devices available in the market, mobile application testing requires skills and detailed manual and automation plan.

Hope this information will help who wants to enter in mobile application testing.

Happy Mobile Testing!

  

Monday, 31 October 2016

Automating using TestComplete

During Diwali, few of my friends discussed about the UFT automation tool and asked me to provide my review on any other tool which can be used for desktop, web and mobile automation. Hence I thought of writing this post on Smart bear - Test Complete.

One of my project required quicker automation to support desktop and web automation at the same time hence we reviewed the Test Complete and created the regression automation suite.

Test complete  supports JavaScript, Python, VB Script, JScript, Delphi Script, C++Script, and C#Script to create tests, however we decided to use VB Script and keyword driven framework.

 Test complete comes with Jenkins plugin which is helpful to create regression automation suite for continuous integration and delivery (CI and CD).

Another feature we liked about the tool is integration with Tortoise Subversion. The SVN is widows integrated versioning tool.

Test Complete provides built in test visualizer to capture the screenshots and object run time properties. This feature helps to understand the run time behavior of application feature.

In addition to the available plugins we can build our own plugins to support various applications. We can also create our own customized check points to verify if application with changes is working as expected.

Test Complete allows to run multiple test at the same time for desktop, web and mobile applications.

The last but definitely not the least part of tool is reporting capabilities. Test complete generates informative and easy to understand reports. We can create custom reports easily.

This automation tool for me is very easy to use tool with lot of inbuilt features and  add ins.

Keep Exploring!
    

Saturday, 22 October 2016

Salesforce Automation using Selenium

Salesforce is a Software as a Service (SaaS) application. This application is cloud based and from automation it is simple web based application.

Salesforce comes with an option as Sales cloud, Service cloud or Marketing Cloud. For simplicity of this post we will limit it to Sales cloud (CRM - Customer Relationship Management). This is commonly called as SFDC - Salesforce dot com.

Selenium webdriver is useful to automate, however the application uses iframe and CSS. Hence it is essential to first find out which element properties we will be using.

Salesforce has dynamic elements and hence during automation it is always challenging to identify the correct properties and then checking the modified properties to use them. The Salesforce testing is completely depends on the quality test data. Hence in automation before we run our scripts we need to generate sufficient but quality test data. In addition, we need to remove it after execution is complete.
This way we make sure that each time Selenium script will run, it will get the right data and right elements properties.

We usually run the test data as a part of our scripts to generate the case ids. Once all the required and sufficient test data is generated, scripts will run with the scenarios and validations. After completion of execution the last part of the scripts will have cleaning up activity. This will make sure that we can use the same data generation scripts in future as well.

The driver script is required which will be called by the test runner after initialization. So before we call the driver script to run the business flows we need to place our test data generation scripts. And at the end of each business flow, we need to run the clean up script.

This application is simple and straight forward, however for automation using Selenium the major challenge is its dynamic elements and changing properties. e.g Name of the element present on the page changes as soon as it gets data filled in its other controls. This creates issue for the automation engineer who has created script using static values. The first time execution itself fails and requires to put some logic behind identifying such elements. Here we need to decide which locators we will use and for most of such dynamic controlls the best solution is to take them out in property files.

If the above considerations are already in place then the Selenium webdriver is the best and quickest automation tool for Salesforce Automation.

Keep Automating!