-
Mobile App Security Testing – Static Analysis Overview
Introduction: The mobile industry is booming like never before. This has created many types of mobile devices and mobile operating systems. The mobile boom is not without its risks. Developers generally create applications from a “functionality first” perspective, with security as a low priority. This is an unfortunate reality. In fact, using mobile devices […]
-
OWASP ZAP – add-ons that will enrich your discovery
In this article I will refer to a number of add-ons that I think may help enrich vulnerability discovery and also give a clear understanding of the system under test. First of all, what is OWASP ZAP? ZAP is a famous open source automated pen testing tool, created and maintained by the OWASP community. […]
-
API Security Testing With Postman and OWASP ZAP
Most of the content around API testing is about functional testing or, more recently, API automation testing, so what about security testing? We’re going to use Postman and consume our existing collections. The idea here is to send the Postman requests to OWASP ZAP to be able to start automated pen-testing. Why? Sometimes we […]
-
Web performance testing – an overview (presentation)
During 2021 I presented this presentation at different times to different crowds in different regions. In this presentation I was trying to knock on different doors related to performance testing without digging deeper, giving the audience the freedom to search and decide which part is more important for them to look into. […]
-
Running performance tests from the cloud, why?
Is it necessary, why, at what cost and with what limitations? All these questions are valid and make total sense. Let me first define what is meant by running performance tests from the cloud: in its simplest form, it is running performance test scripts from rented virtual machine(s) from a cloud service provider […]
-
Performance Tuning – A Team Effort
Days ago, I was discussing the idea of performance tuning with a number of fellow testers, and the discussion was heading mainly towards the responsibilities rather than the methodology. The main question was: who is responsible for performance tuning? I think we have to define what performance tuning is at the beginning. Performance tuning […]