Web testing, in simple terms, is checking your web application for potential bugs before it is made live or before code is moved into the production environment.
During this stage, issues such as web application security, the functioning of the site, its accessibility to handicapped as well as regular users, and its ability to handle traffic are checked.
Web Application Testing Checklist:
1. Functionality testing: link testing, web form testing, cookies testing, test HTML and CSS, test business workflow.
2. Usability testing.
3. Compatibility testing: browser compatibility test, OS compatibility, mobile browsing.
4. Database testing.
5. Crowd testing.
6. Interface testing.
7. Performance testing.
8. Security testing:
Testing activities will include:
Check for unauthorized access to secure pages. If the user changes “https” to “http” (secure to non-secure) on a secure page, a proper message should be displayed, and vice versa.
Check whether internal pages can be accessed by entering their URLs directly in the browser. If login is required, the user should be redirected to the login page or an appropriate message should be displayed.
Most of the information related to transactions, error messages and login attempts should be logged in a log file.
Check whether restricted files can be accessed for download.
Check that internal web directories and files are not accessible unless they are configured for download.
Check that CAPTCHA is added and working properly for logins, to prevent automated login attempts.
Check whether another user's information can be accessed by changing a parameter in the query string. For example, if you are editing your information and the URL shows UserID = 123, try changing this parameter value and check that the application does not provide other users' information. It should display "Access denied" when this user tries to view other users' information.
Check that sessions expire after a pre-defined amount of time if the user is not using the session.
Check that the user cannot get past the login page with an invalid username/password combination.
Check that the user is navigated to encrypted SSL pages on a secure website.
Parameter tampering is a form of Web-based attack in which certain parameters in the Uniform Resource Locator (URL) or Web page form field data entered by a user are changed without that user's authorization.
This points the browser to a link, page or site other than the one the user intends (although it may look exactly the same to the casual observer).
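The server-side behaviour that the https, direct-URL, UserID and session-expiry checks above are looking for, as an added example that is not part of the original page. It is a simplified in-memory model with no network; the handler name, the /profile/edit path, the app.example host, the session store and the 15-minute idle limit are all assumptions made for illustration.

```python
from urllib.parse import urlsplit, parse_qs

IDLE_LIMIT = 15 * 60  # assumed session idle timeout, in seconds

# Constructed sample data: two user profiles keyed by UserID.
PROFILES = {"123": {"name": "alice"}, "124": {"name": "bob"}}


def handle_edit_profile(url, token, sessions, now):
    """Return (status, body) for a request to the hypothetical /profile/edit page."""
    parts = urlsplit(url)
    # Secure page requested over http: send the browser back to https.
    if parts.scheme != "https":
        return 301, parts._replace(scheme="https").geturl()
    # No session, or session idle for too long: drop it and require login.
    session = sessions.get(token)
    if session is None or now - session["last_seen"] > IDLE_LIMIT:
        sessions.pop(token, None)
        return 302, "/login"
    session["last_seen"] = now
    # Exactly one UserID value is accepted; a duplicated parameter is rejected.
    user_ids = parse_qs(parts.query).get("UserID", [])
    if len(user_ids) != 1:
        return 400, "Bad request"
    # The record served must belong to the logged-in user, whatever the URL says.
    if user_ids[0] != session["user_id"]:
        return 403, "Access denied"
    return 200, PROFILES[user_ids[0]]


def run_checks():
    """Replay the checklist cases against the handler; returns the status codes."""
    sessions = {"tok-alice": {"user_id": "123", "last_seen": 0}}
    base = "https://app.example/profile/edit?UserID="
    cases = [
        (base + "123", "tok-alice", 10),                    # own record
        (base + "124", "tok-alice", 20),                    # changed UserID
        (base + "123&UserID=124", "tok-alice", 30),         # duplicated parameter
        (base.replace("https", "http") + "123", "tok-alice", 40),  # https -> http
        (base + "123", None, 50),                           # direct URL, not logged in
        (base + "123", "tok-alice", 30 + IDLE_LIMIT + 1),   # idle session
    ]
    return [handle_edit_profile(u, t, sessions, n)[0] for u, t, n in cases]


if __name__ == "__main__":
    print(run_checks())
```

The key point is that the UserID from the URL is only ever compared against the identity stored in the server-side session, so editing the query string cannot select another user's record.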
This video is for educational purposes only.