Category: How-To
-
Convert Postman Collection to Apache JMeter (JMX)
Hey! , i know that you had thoughts about it before , so am i. What if i want to move my API collection to JMeter to start a performance test run. Should i do it manually , or use the JMeter “Test Script Recorder”. i am here to offer two solution , but in…
-
[DAST] Dynamic Application Security Testing , Tools and examples
![[DAST] Dynamic Application Security Testing , Tools and examples](https://thetesttherapist.files.wordpress.com/2022/08/web-application-penetration-testing.jpg?w=1024)
DAST stands for “Dynamic Application Security Testing” , it means analyzing a web application through the front-end to find vulnerabilities through simulated attacks. This type of approach evaluates the application from the “outside in” by attacking an application like a malicious user would. In this kind of testing you can try attacks like SQL injection…
-
API Security Testing With Postman and OWASP Zap
Most of the content around API testing is about functional testing or recently about API automation testing , so what about Security Testing? We’re going to use Postman and consume our existing collections. The idea here is to send the Postman requests to OWASP Zap to be able to start automated pen-testing. Why? Sometimes we…
-
Performance Testing background noise – What , why and how?
The main goal for any Performance Test Engineer is to make the perfect simulation , because this will lead to accurate test results and that’s what we need from this kind of test. What is background noise? The idea is to record and play some users behaviors which is not meant to be measured or…
-
Forecasting Number of users in performance testing
How many users should be applied in our performance tests ? in a previous article we discussed some ways that may simplify the process of setting system SLA , so if we can say that we have now our SLA or simply what is the response time we are hoping to operate under , what…
-
Availability Testing | what , how and why?
A while ago , a colleague of mine was asking me about the availability test and my first answer was , do you mean soak/endurance test? , but I was wrong , both tests have something in common but they are totally different in the objective of the test. What is Availability Testing? As a…
-
How to Set your performance testing acceptance criteria
This is always a question for people who are doing performance testing (as a general term) for the first time and also those who don’t have a specific performance requirements. What numbers to compare to? what are the current response time means? is it good or bad? How to set an acceptance criteria? All the…
-
How to add security checks to your manual / automation test suite
Let me tell you that you can have a basic / moderate security checks in your manual test suite by extending your test cases in two different areas : Input validation Authentication Most of test suites if not all of them are already testing the sections mentioned above but mostly just a basic checks like…
-
Performance Test Script Validation – Why & How?
The main goal for any performance test script simply is to work , but is this enough? I mean is it enough that your script has no errors ? No errors do not mean that your script is working flawlessly , you may get a 200 response code but the script functionality is not working…
-
How to write data from JMeter response to a csv file
I though about it when i wanted to execute a data prepration script to generate some system ids and use them in a another script , but how can i get a certain value from the response and write to a file , CSV file specifically. In this post i will tell you how i…
The Test Therapist 