How to View URL Query Parameters using Browser Dev Tools

Mar 2, 2019 - 1 minute read - Software Testing Technical Testing Web Testing Evil Tester

I was testing a system that created particularly long URLs that were hard to read because there were so many query parameters. I needed a way to fix that.


How to Write a Chrome Extension from JavaScript Snippets code

Feb 28, 2019 - 4 minute read - Evil Tester JavaScript Chrome Extension

Writing a Chrome Extension is pretty easy (getting it in the Chrome Store is much harder!). In this post I will take the snippet code I wrote to generate CounterStrings and convert it into a Chrome Extension.


A Deep Dive investigation of a HTML search button bug in Github

Feb 28, 2019 - 4 minute read - Software Testing Technical Testing Web Testing Evil Tester Exploratory Testing

During the investigation of a CounterString GitHub search issue, I noticed that the search button displayed for the form I was using did not trigger the search functionality when pressed. In this post I investigate that.


A Deep Dive investigation of a live bug in Github

Feb 27, 2019 - 9 minute read - Software Testing Technical Testing Web Testing Evil Tester JavaScript Exploratory Testing

When we find a bug in a system we have to make sure we can isolate it and also reduce the risk that our approach caused the bug, rather than the system having a bug.


Demo of CounterStrings in Action finding a live bug in Github

Feb 26, 2019 - 2 minute read - Software Testing Technical Testing Web Testing Evil Tester JavaScript Exploratory Testing Chrome Extension

CounterStrings are an underused technique. Primarily because there are not a lot of tools that implement it. In this blog post I explain how you can use them from within your browser, and as a bonus, using them to find a bug in Github.


Which is easier QA Engineer, Software Developer or QA Automation Engineer? Quora Answer

Feb 25, 2019 - 3 minute read - Quora Test Automation Security Testing

Q: Which is easier, being a QA engineer or a software developer? I’m terrible at coding and I’m debating on switching to being a QA automation engineer.


CloudApp Tool Review for Testing and Consultancy

Feb 22, 2019 - 3 minute read - Software Testing Evil Tester Tools Exploratory Testing

I use a variety of screenshot tools in my work and for sharing the images, animated gifs, movies and pretty much any file, I use CloudApp.


JavaScript Tutorial Creating a CounterString tool in Chrome Browser Dev Tools Snippets

Feb 19, 2019 - 5 minute read - Software Testing Technical Testing Web Testing Evil Tester JavaScript Exploratory Testing Chrome Extension

I often talk about automating tactically and strategically. When we automate tactically we do what it takes to get the job done for us. When we automate strategically we build for the long term.

The same is true for programming tools. We can start small and tactical and scale strategically. In this example I create a Counterstring tool.


What is the best fuzzer (automated software testing tool) to find 0-days? Why? Quora Answer

Feb 13, 2019 - 1 minute read - Quora Technical Web Testing Security Testing

Q: What is the best fuzzer (automated software testing tool) to find 0-days? Why?

A:

0-day is a very broad statement.

I tend to use the payload fuzzers in BurpSuite and OWasp Zap Proxy, but these require me to identify the target that I’m testing, and the appropriate data scope and range to fuzz.


When getting rid of a browser, what are the advantages of using taskkill.exe over close method in Selenium? Quora

Feb 13, 2019 - 2 minute read - Quora WebDriver Test Automation

Q: When getting rid of a browser, what are the advantages of using taskkill.exe over close method in Selenium?

A:

I can’t really think of any advantages to using taskkill.exe over a close or quit method in Selenium.