Software Testing Tools Blog – Testertools

FaSur Technologies has officially released the automated software testing tool, Lorica Version 3.0.

The first release already has been used with clients in higher education, health care, social media and insurance.

Lorica ATS can test on any web application and is compatible on all major web browsers (like Chrome, Firefox, Internet Explorer and Safari). The Lorica testing tool is available in two pricing models: Licensing and TaaS (Testing-as-a-Service).

Micro Focus is focusing on performance testing of mobile web applications through SilkPerformer, a software application performance testing solution. <

”Micro Focus SilkPerformer offers simulation capabilities for a variety of mobile phones, such as Android, iOS and Blackberry devices. It also simulates the bandwidth limitations of mobile network connections and supports all existing and upcoming mobile phone standards like GPRS, EDGE, UMTS, HSDPA, HSPA+ and LTE, while its mobile browser simulation emulates mobile device traffic from different parts of the world,” said Archie Roboostoff, Borland solutions portfolio director, Micro Focus.

iPass, a leading provider of enterprise mobility services, has deployed SilkPerformer and SilkTest, to facilitate access from any device on any network while giving the enterprise essential visibility and control.

”The exemplary use of Silk by iPass is just one example of how we are helping enterprises outpace the building momentum of today’s mobility trend. In fact, the business advantages that Silk provides are felt right across iPass operations,” said Nitin Dang, country GM, Micro Focus India.

TestPlant, the UK-headquartered international software company, has launched the eggPlant Mobile Testing Solution ( http://www.testplant.com/mobile/mwc). eggPlant is the world’s leading robotic test tool for GUI testing used by many leading software companies, by significant defence, security and aerospace organisations and by global media broadcasters and on-line entertainment businesses. The mobile testing solution extends eggPlant’s reach into software running on smartphones and tablets across the major mobile operating systems.

The launch is in partnership with RealVNC, the original developer and leading provider of VNC(R) technology used by millions of computer users around the world. Testing software or apps on mobile devices is a major pain point for app developers, for device manufacturers and for network operators. There has not been an effective in house automated solution to testing software on the full range of devices. Existing techniques are either manual, which is extremely tedious and error-prone, or electro-mechanical, which is limited, does not reproduce a real user experience test and can place IP outside the enterprise environment.

eggPlant uses RealVNC’s VNC Mobile Solution to connect directly to a device. A true user experience test is created as eggPlant is capable of recognising icons, colours, text and fields on any display. A test script is automatically generated as eggPlant is trained to move around an app using its image store to spot and compare display prompts. Multiple tests become effortless and eggPlant reports test failures with helpful screen images of the exact point of failure. An automated test script can be created on one device (or emulator) to be repeated many times on other devices.

Typemock, the leading provider and pioneer of easy unit testing solutions, announced today their prediction that a rise in unit testing will occur in 2012 as software development continues to climb significantly. Eli Lopian, founder and CEO of Typemock , speaking at a developer seminar said, “In 2012, we will see a major shift in the efforts of software developers to focus on better code. Unit testing is significantly more important today as we see an eruption in software development in the coming years.” In addition, Lopian added “Unit testing is a key aspect of all Agile methodologies, and, in order to remain agile, unit testing must be properly executed.”

In an article on the Testing Tools Landscape, a leading analyst firm noted, “Now it is time for quality management and testing to respond to this faster-moving environment. Functional testing tools are not enough. Quality must move beyond the purview of just the testing organization and must become an integrated part of the entire software development life cycle (SDLC) to reduce schedule-killing rework, improve user satisfaction, and reduce the risks of untested non-functional requirements such as security and performance.” In addition, a recent Forrester report recommended that developers engage in automated testing, including unit testing, in order to build higher quality software.

According to one notable developer, there will also be more consideration for unit testing in software development. Kevlin Henney, co-author of several software architecture and programming practice books and former columnist for Better Software Magazine, was interviewed by Typemock on his predictions for the upcoming year, commenting that there will be “increased acceptance of unit testing and techniques surrounding it, particularly in domains where it has been considered off the menu.”

Corey Haines, self-proclaimed Software Journeyman and co-founder of Code Retreat had this to say: “Honestly, I see more of the same. Lots of people exposed to it for the first time. Lots of people trying it, finding it hard, then saying it doesn’t work. Lots of people trying it, finding it hard, keeping with it, and seeing benefits over the years.”

“Unit testing is like staying healthy,” said Lopian. “Staying healthy requires best practices such as eating right and working out. Similarly, development teams need the right practices in order to innovate faster. Just as it’s hard to start working out, many find it’s hard to unit test and thus stop – despite its well-known benefits. This is why Typemock’s vision has always been providing easy unit testing tools for agile software developers to release better software, even with legacy code.”

JCGs (Java Code Geeks) have released an article on common mistakes of Software Testing.

Seven mistakes of software testing lists a number of common mistakes that are made in each of the test phases.

Though most developers know the importance of testing, it seems that a lot of them still aren’t testing enough. And if they write tests, they test just test wrong.

UNIT TESTS

If some tests are written in applications, most of them will be unit tests. It’s easy to test a utility class by just calling all utility methods, passing some values and checking if the expected result is returned.

A first mistake arises here. Most people don’t think out of the box, or not enough. You can test that 1 + 1 =2 , that 2 + 1 = 3 and that 3 + 1 = 4. But what’s the benefit of doing almost the same test 3 times? It’s better to test the boundary cases. Are the arguments of the sum( ) method primitive types or Objects? If they are Objects, what happens if you pass null values? If an exception is thrown, is that the expected one? Does it clearly tell what the problem is?

JCG is an independent online community focused on creating the ultimate Java-to-Java developers resource center; targeted at the technical architect, technical team lead (senior developer), project manager and junior developers alike. JCGs serve the Java, Scala, Android, SOA, Agile and Telecom communities with daily news written by domain experts, articles, tutorials, reviews, announcements, code snippets and open source projects.

To read the full article visit Seven mistakes of software testing

Byteman is a tool which simplifies tracing and testing of Java programs. Byteman allows you to insert extra Java code into your application, either as it is loaded during JVM startup or even after it has already started running. The injected code is allowed to access any of your data and call any application methods, including where they are private. You can inject code almost anywhere you want and there is no need to prepare the original source code in advance nor do you have to recompile, repackage or redeploy your application. In fact you can remove injected code and reinstall different code while the application continues to execute.

The simplest use of Byteman is to install code which traces what your application is doing. This can be used for monitoring or debugging live deployments as well as for instrumenting code under test so that you can be sure it has operated correctly. By injecting code at very specific locations you can avoid the overheads which often arise when you switch on debug or product trace. Also, you decide what to trace when you run your application rather than when you write it so you don’t need 100% hindsight to be able to obtain the information you need.

When testing your application you can use Byteman to inject faults or synchronization code, causing your application to perform unusual or unexpected operations required to exercise a test scenario. Byteman provides a library of built-in functions which allow you to do anything from generating simple error conditions to propagating complex error flows which require coordinated actions in different parts of your application. However, you are not limited to these operations. You can inject almost any Java code into your application so long as the classes you refer to are in scope at the injection point. You can also replace or extend the available built-in functions by supplying a POJO (plain old java object) as a plugin. So, Byteman makes it easy for you to program even the most complex test scenarios.

Byteman works by modifying the bytecode of your application classes at runtime. Since it only needs access to bytecode this means it can modify library code whose source is either unavailable or unable to be recompiled. This even includes the Java code which forms part of the Java virtual machine, classes such as String, Thread etc. So, with Byteman you can trace what the JVM is doing on behalf of your application code or cause JVM classes like FileInputStream or Map to throw exceptions when your application calls them.

Byteman uses a clear, simple scripting language, based on a formalism called Event Condition Action (ECA) rules to specify where, when and how the original Java code should be transformed. An event specifies a trigger point, a location where you want code to be injected. When execution reaches the trigger point the rule’s condition, a Java boolean expression, is evaluated. The Java expression (or sequence of expressions) in the rule action is executed only when the condition evaluates to true. Normally execution continues from the trigger point once the inejcted code has been executed. However, rule actions may also throw an exception or force an early return from the triggering method.

Byteman 2.0.0 is now available for download under the GNU LGPL. It requires a JDK 6 or higher JVM. The release includes a user guide which documents the scripting language and explains how to use byteman to inject faults or tracing and monitoring code. There is also a tutorial showing you how to get started with Byteman and a follow-up tutorial explaining how to use Byteman to perform fault injection testing. See the documentation page for more information.

ARCAD Software is now shipping version 8.12 of its application lifecycle management (ALM) suite for the IBM i OS. Among the enhancements is the capability of its regression testing product, called Verifier, to test multiple types of user interfaces simultaneously, thereby making it easier for IBM i shops to test Windows, Web, and mobile interfaces with the same effort used to test interactive 5250 screens or batch jobs.

The ARCAD ALM suite is a collection of tools used to aid developers in the development, testing, and roll-out of new and enhanced applications. The software is primarily used on the IBM i server, although some components support other platforms.

The main enhancement delivered by ARCAD with version 8.12 of the suite is a new data-driven capability in its regression testing engine. The primary impact of this database enhancement is that tests are no longer dependent on the user interface that is used. ARCAD customers can now test Windows-based interfaces to IBM i applications, right along side the equivalent Web and 5250 interfaces to the same IBM i application.

The technology used to create the interface–whether it was .NET, Java, Delphi, C++, or LANSA for a thick-client Windows interface, or PHP, AJAX, Flash, Java Server Pages (JSP), or plain HTML for a Web interface–no longer dictates the developer to run multiple regression tests to ensure proper functioning. This also applies to programs without user interfaces, such as IBM i batch jobs and integration routines that utilize Web services technologies or MQ Series.

The vendor says the “openness” of the underlying data capture mechanism has been enhanced, “so that ARCAD-Verifier can easily ‘connect’ to your processes, targeting capture and replay operations.” The results of the regression test are then compared to data created, modified, or deleted in the IBM i database.

As ARCAD CEO Philippe Magne explains, many test automation projects fail because the tool being used is limited to a comparison of user interfaces. “By focusing on the comparison of data stored in the database, ARCAD-Verifier gives greater flexibility of use and a wider scope, all with the same level of security,” he says in a press release.

Magne says the enhancement to Verifier makes it easier to use than other testing tools. “This ‘data driven’ testing tool becomes very easy to use, and can be placed under the sole responsibility of end-users, with no need for the development team to be involved.”

This feature had been requested by many of ARCAD’s customers, Magne says in a November newsletter. “Many of you had asked for this capability and we struggled for two solid years to find the stable, durable solution we were looking for. Our search is now over and our mission is accomplished.”

ARCAD is based in France, and has its U.S. headquarters in the former SoftLanding Systems stomping grounds of Peterborough, New Hampshire. For more information, see the company’s website at www.arcadsoftware.com.

SearchSoftwareQuality.com,  the online community for developers, architects and executives interested in building secure and quality software have released a great article on Software development bugs and how to prevent.

The article, titled ‘Software development bugs: How to identify and prevent them’, the  magazine has a Q & A with Dror Helper, to identify proper techniques to find those bugs early in the cycle, when they are least potent.

What types of bugs are typically introduced in each step of the application lifecycle?

An application lifecycle can be divided into five stages: requirements, design, development, testing and deployment. In each stage, a different kind of bug can be introduced. In the requirement stage, we can “forget” one of the requirements which would result in an incomplete product while a bug in the design stage would probably mean that the product does not work as intended.

For more details please read: Software development bugs: How to identify and prevent them

Laplink Software, Inc. today officially released PCmover® Windows® 8 Beta Assistant™, a free tool that makes testing Windows 8 more efficient and easily allows users to migrate selected programs, files and settings from a Windows 7 PC to a Windows 8 PC.

PCmover Windows 8 Beta Assistant is available now as a free download on Laplink’s website and can be used to perform an unlimited number of migrations at no charge prior to July 2012.

Beta Assistant provides a unique solution that allows users to move selected programs, files and settings from a Windows 7 or Windows 8 machine into a new machine running Windows 8. PCmover is the number one best-selling migration software in the world and is the only software that moves installed programs (as well as files, settings and user profiles) from an old PC to a new one. Unlike PCmover, Microsoft’s Windows Easy Transfer has never supported the process of migrating installed apps. Without PCmover, users must find old CDs, re-download applications, and locate serial numbers and keys to manually install programs when setting up a new PC.

“Setting up a new PC is a nightmare without PCmover,” explained Laplink Director of Marketing Neil Minetto. “The amount of time it takes to set up a new PC is staggering, not to mention all the hassle. With PCmover, users can have a new PC up and running in no time, and getting used to the new PC is much easier because PCmover transfers the personality and functionality of the old PC along with the rest of the data.”

PCmover Windows 8 Beta Assistant is compatible with physical or virtual machines (VMs) provided that both the source and destination are 64-bit operating systems. Beta Assistant will work with the Developer Preview as well as all of the upcoming Beta releases and RC (release candidate) builds. And, as new Beta and RC builds are released, Beta Assistant can be used to migrate between those builds, even to and from the same PC providing a fast and easy “Beta Upgrade” path.

“By using PCmover to migrate Windows 7 to a Windows 8 computer or VM, automating what is normally a series of manual processes, testers and developers stand to save hundreds of hours,” commented Laplink CTO Jack Wilson. “To conduct tests of Windows 8, it is typical for a user to provision several different Windows 8 VMs complete with a unique arrangement of development tools, debug software, SDKs and environmental variables. PCmover allows the user to quickly jump into the testing phase, using the same tools, software and environment they used in Windows 7.”

Laplink offers multiple editions of PCmover to serve the needs of every user and every scenario. From Home to Professional to Enterprise, PCmover expedites any migration scenario, whether a single consumer PC to refreshing thousands of business PCs. And, PCmover is safe to use as it doesn’t make any changes on the source PC and won’t overwrite anything on the destination PC. This means there is no risk to the user’s current environment and their data will remain intact on the old PC, preventing any risk of data loss.

All versions of PCmover are available at www.laplink.com, while a consumer version can be found in most major software retailers in the US, Canada, Europe and Japan.

A free utility that you can use to demonstrate SQL injection vulnerabilities in web apps has been released by web security specialists, NT OBJECTives.

NTO SQL Invader is interesting because it isn’t designed to find the vulnerability; instead, the aim is to give you a way to show how the vulnerability could be exploited.

NTO SQL Invader Provides Pen Testers and Developers the Ability to Quickly and Easily Exploit and Demonstrate SQL Injection Vulnerabilities in Web Applications
NT OBJECTives, a provider of automated, comprehensive and accurate Web Application security software, services and SaaS, today announced the availability of NTO SQL Invader, a free tool which provides pen testers and developers the ability to quickly and easily exploit and demonstrate SQL Injection vulnerabilities in Web applications.

Most organizations understand that SQL Injection vulnerabilities put their sensitive data at risk and it has been the dominant method used in this year’s high-profile web application attacks; with millions of sites attacked in 2011.

Despite the fact that SQL Injection is well documented and there are tools to discover the vulnerabilities, it has been very difficult to determine if the vulnerability can actually be exploited because most existing SQL Injection testing tools are executed from a command line, lack an intuitive user interface or are no longer supported. Without the ability to clearly demonstrate the exploitability of a vulnerability, remediation efforts are often delayed and friction between security and development teams surfaces. NTO SQL Invader allows pen testers and developers to quickly and easily leverage a vulnerability to view the list of records, tables and user accounts on the back-end database.

With a few simple clicks in NTO SQL Invader, a user can exploit a web application vulnerability that was discovered manually or from a Dynamic Application Security Testing (DAST) tool like NTOSpider. NTO SQL Invader works as a stand-alone tool and also includes integration with NTOSpider’s reporting technology to assist pen testers and developers in quickly identifying and validating discovered vulnerabilities. While reviewing and confirming results from NTOSpider, users can leverage NTO SQL Invader to provide a polished, real-world proof-of-concept for the discovered SQL Injection vulnerabilities.
“Accurate vulnerability identification is a crucial and challenging task but it is only half the battle,” says Dan Kuykendall, co-CEO and Chief Technology Officer of NT OBJECTives. “We wanted to support organizations in their analysis and remediation efforts by providing an easy to use tool that enables penetration testers to demonstrate how these vulnerabilities can be exploited. We felt it was important to provide a free and useful tool to our customers and to the entire community.”