My personal list of useful testing software, scripts, extensions and resources collected over several years of testing career
- Testing stratregy
- Test heuristics and checklists
- Tools
- Scripts
- Continuous Integration
- Blogs
- Useful Resources
- Communities and Conferences
- Articles
Various sources and articles about and around testing strategy (testing pyramid, testing types and other considerations)
- Test heuristics cheat sheet, PDF in this repo - Data type attacks, WEB tests, testing wisdom and frameworks
- Software testing pyramid, PDF in this repo
- Selenium - web applications automation (multibrowser support).
- Cypress - javascript end to end testing for browser based apps (not extensive multibrowser support).
- Courgette - Simple UI testing. Proper declarative BDD scenarios using Gherkin, Gherkin templates and composable YAML-style page and component objects. Selenium-based UI Testing Framework written in JS that’s built on top of Cucumber with Protractor for desktop / hybrid apps and Cucumber with WDIO and appium for native mobile apps.
- Codeception - collects and shares best practices and solutions for testing PHP web applications.
- http://appium.io/ - open source test automation framework for use with native, hybrid and mobile web apps. It drives iOS, Android, and Windows apps using the WebDriver protocol.
- Postman - the collaboration platform for API development.
- Percy - Automation tool for visual UI changes with versions comparison and workflows for changes approvals.
- Applitools - Automated testing platform powered by Visual AI.
- Fluxguard - Screenshot pixel and DOM change comparisons and regressions.
- recheck-web - Open Source change comparison tool with local Golden Masters, git-like ignore syntax and "unbreakable selenium" tests.
- Container Structure Tests - validate the structure of a container image. These tests can be used to check the output of commands in an image, as well as verify metadata and contents of the filesystem.
- k6.io - write your tests as a series of HTTP calls and assertions. k6 does the heavy lifting
- Apache Bench - designed to give you an impression of how your current Apache installation performs. This especially shows you how many requests per second your Apache installation is capable of serving
- Siege - an http load testing and benchmarking utility. It was designed to let web developers measure their code under duress, to see how it will stand up to load on the internet
- k6.io - write your tests as a series of HTTP calls and assertions. k6 does the heavy lifting.
- Apache JMeter - popular tool with strong community backing, supports many different protocols and has rich extensibility that can be leveraged to customize the tool to your needs
- Locust.io - define user behaviour with Python code, and swarm your system with millions of simultaneous users
- Gatling - code-like scripting with own developed Domain Specific Language (DSL) with web recorder and colorful reports
- Taurus - test automation framework for Continuous Testing which helps by hiding the complexities of running performance tests. Think of it as an automation-friendly wrapper
- Bees with Machine Guns - authors describe it as "a utility for arming (creating) many bees (micro EC2 instances) to attack (load test) targets (web applications)."
- Multi-Mechanize - runs concurrent Python scripts to generate load (synthetic transactions), commonly used for web performance and scalability testing, but you can also use it to generate a workload against any remote API accessible from Python.
- Siege - designed to let web developers measure their code under duress, to see how it will stand up to load on the internet
- Artillery - performance testing toolkit with YAML based scripts, built on top of Node.js and allows tests customization with Javascript code
- Httperf - provides a flexible facility for generating varied HTTP workloads and measuring web server performance.
- Element - a Puppeteer node library that uses a browser-based load-testing tool, create scripts using Typescript, and use them against a web app in the same way that the customers would do, opening a browser and interacting with page elements.
- Neoload - YAML based code description, but also with code-less capabilities
- Blazemeter - continuous testing including performance testing
- Distributed Load Testing on AWS - a scalable, distributed, and serverless architecture to deliver a load testing tool for web application performance testing (demo)
- Distributed load testing using Google Kubernetes Engine with Locust - Google Kubernetes Engine (GKE) to deploy a distributed load testing framework that uses multiple containers to create traffic for a simple REST-based API
- Alternatives in Azure
- Google Lighthouse - is an open-source, automated tool for improving the quality of web pages, is available in Google Chrome tools.
- Google PageSpeed Insights and Tools - a service that analyzes the content of a web page and generates suggestions to make your pages load faster. Reducing page load times reduces bounce rates and increases conversion rates.
- sitespeed.io - a set of open source tools evaluating client-side performance from real browsers.
- webpagetest.org - a service that provides insights into the performance of the client side in a variety of real browsers. This utility will test a web page in any browser, from any location, over any network condition—and it's free.
- Yslow - Analyse why web pages are slow based on Yahoo!'s rules for performance. Last update on 15.03.2014
- Cypress to capture Google Chrome's performance data - allows to find and fix common performance issues such as slow-time-to-first-byte.
- Selenium and BrowserMob Proxy (BMP) - has a few ways to capture performance data as well. One common approach is using a HAR file. This is done using the BrowserMob Proxy (BMP). BMP lets you manipulate HTTP requests and responses, capture HTTP content, and export performance data as a HAR file.
- JMeter Webdriver Sampler with Selenium Webdriver - useful for testing the performance of AJAX, GWT-based web applications, and simulated user actions.
- Cheatsheet God - a collection of resources, scripts and easy to follow how-to's for OSCP and general penetration testing.
- Tracy - A pentesting tool designed to assist with finding all sinks and sources of a web application and display these results in a digestible manner.
- Burp Suite - Burp Suite Community Edition is a feature-limited set of manual tools for exploring web security. Proxy your HTTPS traffic, edit and repeat requests, decode data, and more.
- Requestly - Setup redirects, modify headers, switch hosts, insert user scripts, cancel requests and much more.
- Fiddler - Capture all HTTP(S) traffic between your computer and the Internet with Fiddler HTTP(S) proxy. Inspect traffic, set breakpoints, and fiddle with requests & responses.
- BeEF - Manipulate the browser exploiting any XSS vulnerabilities you find.
- OWASP ZAP - This intercepting proxy allows you to see all HTTP traffic and manipulate it in real time. Easy to scan, catalog and exploit security issues.
- Cookie Inspector - View and Edit Cookies easily using the developer tools pane.
Ensure that the application being tested is usable by people with disabilities like hearing, color blindness, old age and other disadvantaged groups
- Colour Blindness Simulator - Simulate all types of Colour Blindness instantly!
Ensure that services (an API provider, a client etc) can communicate with each other.
Good articles describing consumer driven contracts in details:
Tools:
Sometimes for end to end testing we need to use email services and be able to access those programatically ie create email account and read emails. The following services can be considered depending on the user cases (for full services review read this article):
- MailSlurp - probably the best suited for testing
- Mailosaur - probably the best suited for testing
- Mailinator
- Gmail API
- MessageBird
- Mailgun
- Form Filler - Large forms can be really irritating to fill out each time, speed it up with dummy data.
- Bug Magnet - Suggests values based on the field type.
- Check All - "Select All" is often not available. Why not bring your own?
- Full Page Screenshot - For when PrintScreen isn't big enough.
- Loom - Google Chrome extension to record video of a website, automatically uploaded to loom and with link generated to view the video.
- Captura - Open Source video recording tool.
- BareTail - Brings the tail linux command to Windows, coloured lines and REGEX search and loads of other features.
- ProxySwitcher - We all have to mess with proxies, this makes it a lot easier when using Test/Prod/localhost proxies.
- MyWords - Handy extension that can be used to save common snippets (Jira tables, test data etc.) you use often for easy typing.
- Xmind - The free mindmapping tool for documenting your tests.
- Cookie Inspector - View and Edit Cookies easily using the developer tools pane.
- Reportportal.io - AI-powered test automation dashboard
- Allure - multi-language test report tool with graphical test results representations
- Dashing.io - dashboard framework, so you'll need to implement visualizations yourself
Collection of useful scripts:
- compareCSV.py - Python script to compare CSV files for differences
- Multiple github accounts on Mac - how to setup multiple github accounts on Mac
- James Bach - exploratory testing, Rapid Software Testing methodology inventor, founder of Context-Driven School of testing.
- Michael Bolton - co-author of Rapid Software Testing methodology.
- Janet Gregory - Agile testing.
- Nielsen Group - all about UX and usability.
- Martin Fowler - agile software development tech patterns, microservices best practices.
- Falsehoods - A funny and educational list of why nothing in Software Development is ever easy.
- Naughty Strings - This is the famous list of Naughty Strings. If you're doing some field validation, look no further for inspiration.
- Unicode - A great resource for learning how unicode works and the issues it can cause.
- Awesome Testing - A curated list of testing software, extensions and resources.
- Learn to Code - Learning to code, for those looking to make the move to automation
- Application Security - Incredibly extensive, but you'll find something to fit the bill.
- Selenium - Better than searching Google if you know what you want.
- Security - This is mostly focused on Infrastructure, but if you're testing a series of systems, this is very useful.
- Awesome Software Quality - A list of free software testing and verification resources.
- Awesome Cucumber - A (relatively-newer) curated list of awesome Cucumber and Gherkin-related resources.
- Awesome JMeter - A curated collection of resources around Apache JMeter.
- How They Test - A curated collection of public resources from tech companies on how they test their software and build a quality culture
- ISTQB - Organization to certify testers, but also has glossary of testing terms and description of the testing processes - handy reference when setting up testing from scratch.
- Technology Radar - an opinionated guide to technology frontiers.
- Testers.io - Community Slack for testers to discuss everything and rant. Mostly rant.
- Software Testing Conferences - A list of software testing conferences and workshops.