It’s been more than three years since I released one of my most popular posts - Tester’s toolbox - an alternative guide. Today I’d like to share tools and projects created by me for various occasions (public speaking, teaching on...
In my last ‘Continuous Security - how to get involved?’ post I showed you quickstart guide on how to start helping your team in reaching the desired security level. The article contained simple OWASP ZAP scanning technique and very easy...
Introduction As you may have already noticed I often drift into the security domain. My interests focus mainly on continuous security (i.e. automated security tests). So far I had featured three tools on my blog: OWASP Dependency-Check, OWASP ZAP, and...
It’s a good testing practice to avoid as many external dependencies as possible. We want to run everything on localhost and avoid test failures caused by things outside our application scope (environment issues, network problems, unavailable web services). Unfortunately, our...
As test engineers when we approach performance testing we usually only think about final end-to-end application verification with tools such as JMeter, Locust or Gatling. We know that such tests should run on a separate environment with conditions resembling production...