Top 5 Performance Testing Tools – Comprehensive List of In-Demand Tools with Download Link

• Apache JMeter
• NeoLoad
• LoadRunner
• LoadUI
• WebLOAD

1. Apache JMeter

Description: Open source load testing tool: It is a Java platform application. It is mainly considered as a performance testing tool and it can also be integrated with the test plan. In addition to the load test plan, you can also create a testplan.  This tool has the capacity to be loaded into a server or network so as to check on its performance and analyze its working under different conditions. Initially, it was introduced for testing the web applications, but later its scope had widened.   It is of great use in testing the functional performance of the resources such as Servlets, Perl Scripts and JAVA objects.  Need JVM 1.4 or higher to run.

Apache JMeter System Requirements: It works under Unix and Windows OS
Download link: Apache JMeter download

2. NeoLoad

Description: Load and performance testing software: This is a tool used for measuring and analyzing the performance of the website. The performance and the end result can be evaluated by using this tool and any further steps can be taken. This helps you in improving and optimizing the performance of your web application. This tool analysis the performance of the web application by increasing the traffic to the website and the performance under heavy load can be determined. You can get to know the capacity of the application and the amount of users it can handle at the same time. This tool was developed by a French company named as Netosys and it was written in JAVA.  It is available in two different languages; English and French.

NeoLoad System Requirements:  This tool is compatible on operating systems like Microsoft windows, Linux and Solaris.
Download link: NeoLoad download

3. LoadRunner

Description: This is a HP product which can be used as a performance testing tool.  This can be bought as a HP product from its HP software division.  Also, it is very much useful in understanding and determining the performance and outcome of the system when there is actual load. One of the key attractive features of this testing tool is that, it can create and handle thousands of users at the same time. This tool enables you to gather all the required information with respect to the performance and also based on the infrastructure.  The LoadRunner comprises of different tools; namely, Virtual User Generator, Controller, Load Generator and Analysis.

LoadRunner System Requirements: Microsoft Windows and Linux are the favourable OS for this measuring tool.
Download link: LoadRunner download  

4. LoadUI

Description: Open Source Stress Testing Tool: Load UI is yet another open source and load testing software used for measuring the performance of the web applications. This tool works effectively when it is integrated with the functional testing tool soapUI. LoadUI is the most flexible and interactive testing tools. This allows you to create, configure and update your tests while the application is being tested. It also gives a visual Aid for the user with a drag and drop experience. This is not a static performance tool. The advanced analysis and report generating features allows you to examine the actual performance by pumping in new data even while the application is being tested. You need not bother to restart the LoadUI each and every time you modify or change the application. It automatically gets updated in the interface.

System Requirements: Cross platform.
Price: This tool being a open source application, it is available for free and everyone can have the easy access to its full source code.
Download link: LoadUI download  

5. WebLOAD

Description: Load testing and stress testing tool for web application: To find out the bottlenecks of the website, it is necessary to examine the pros and cons. There are many performance testing tools available for measuring the performance of the certain web application. WebLoad is one such tool used for load testing and stress testing. This tool can be used for Load testing any internet applications such as Ajax, Adobe Flex, Oracle Forms and much more. Through this tool, you have the ability to measure the working performance and also its response to the users. This was developed by the Radview Software for the applicaion Tesing.  This tool was a famous and award fetching software of the Radview Software. This tool is widely used in the environment where there is a high demand for maximum Load testing. This tool gives you a clear information on the functionality and the actual capacity of the web applications.

WebLOAD System Requirements: Cross Platform.
Download link: WebLOAD download

Test case writing techniques for dynamic testing-cause effect Graph

Test case writing techniques for dynamic testing

Equivalence partitioning
Boundary Value Analysis
Decision table
Cause and effect graph technique
State transition diagram
Orthogonal array testing(OATS)
Error guessing.

We have some really good papers 1^st, 2^nd and 3^rd points (Equivalence portioning, BVA and decision tables) here in STH. I am going to discuss about point 4 which is Cause and effect graph.

Cause-Effect Graphing is a technique which starts with set of requirements and determines the minimum possible test cases for maximum test coverage which reduces test execution time and ultimately cost.

The goal is to reduce the total number of test cases still achieving the desired application quality by covering the necessary test cases for maximum coverage.

But at the same time obviously there are some downsides of using this test case writing technique. It takes time to model all your requirements into this cause-effect graph before writing test cases.

Notations we are going to use:

Now let’s try to implement this technique with some example.

1. Draw a cause and effect graph based on a requirement/situation
2. Cause and Effect graph is given, draw a decision table based on it to draw the test case.

Let’s see both of them one by one.

Let’s draw a cause and effect graph based on a situation

Situation:

The “Print message” is software that read two characters and, depending of their values, messages must be printed.

• The first character must be an “A” or a “B”.
• The second character must be a digit.
• If the first character is an “A” or “B” and the second character is a digit, the file must be updated.
• If the first character is incorrect (not an “A” or “B”), the message X must be printed.
• If the second character is incorrect (not a digit), the message Y must be printed.

Solution:

The causes for this situation are:
C1 – First character is A
C2 – First character is B
C3 – Second character is a digit

The effects (results) for this situation are
E1 – Update the file
E2 – Print message “X”
E3 – Print message “Y”

LET’S START!!

First draw the causes and effects as shown below:

Key – Always go from effect to cause (left to right). That means, to get effect “E” ,what causes should be true.

In this example, let’s start with Effect E1.

Effect E1 is to update the file. The file is updated when
-  First character is “A” and second character is a digit
-  First character is “B” and second character is a digit
-  First character can either be “A” or “B” and cannot be both.

Now let’s put these 3 points in symbolic form:

For E1 to be true – following are the causes:
-  C1 and C3 should be true
-  C2 and C3 should be true
-  C1 and C2 cannot be true together. This means C1 and C2 ae mutually exclusive.

Now let’s draw this:

So as per the above diagram, for E1 to be true the condition is
(C1  C2)  C3

The circle in the middle is just an interpretation of the middle point to make the graph less messy.
There is a third condition where C1 and C2 are mutually exclusive. So the final graph for effect E1 to be true is shown below:

Lets move to Effect E2:
E2 states to print message “X”. Message X will be printed when First character is neither A nor B.
Which means Effect E2 will hold true when either C1 OR C2 is invalid. So the graph for Effect E2 is shown as (In blue line)

------------

For Effect E3.
E3 states to print message “Y”. Message Y will be printed when Second character is incorrect.
Which means Effect E3 will hold true when C3 is invalid. So the graph for Effect E3 is shown as (In Green line)

This completes the Cause and Effect graph for the above situation.

Now let’s move to draw the Decision table based on the above graph.

Writing Decision table based on Cause and Effect graph

First write down the Causes and Effects in a single column shown below

Key is the same. Go from bottom to top which means traverse from effect to cause.

Start with Effect E1. For E1 to be true, the condition is: (C1  C2)  C3 .
Here we are representing True as 1 and False as 0

First put Effect E1 as True in the next column as

Now for E1 to be “1” (true), we have the below two conditions –
C1 AND C3 will be true
C2 AND C3 will be true

For E2 to be True, either C1 or C2 has to be false shown as

For E3 to be true, C3 should be false.

So it’s done. Let’s complete the graph by adding 0 in the blank column and including the test case identifier.

Writing Test cases from the decision table

I am writing a sample test case for test case 1 (TC1) and Test Case 2 (TC2).

In a similar fashion, you can create other test cases.

(A test case contains many other attributes like preconditions, test data, severity, priority, build, version, release, environment etc. I assume all these attributes to be included when you write the test cases in actual situation)

Conclusion

Summarizing the steps once again:

1. Draw the circles for Causes and Graphs
2. Start from effects and move towards the cause.
3. Look for mutually exclusive causes.

This finishes the Cause and Effect graph dynamic test case writing technique. We have seen how to draw the graph and how to draw the decision table based on it. The final step of writing test cases based on decision table is comparatively easy.

About the Author: This is a  article by Shilpa Chatterjee Roy. She is working in software testing field for the past 8.5 years in various domains.I have mad some minor changes to suite our context.

Using Software Testing Checklists to Ensure Software Quality – Sample Checklists Included.

 Below is an example of a sample Test Readiness Review checklist:

Test Readiness Review (TRR) Criteria	Status
All the requirements finalized and analyzed	Done
Test plam created and reviewed	Done
Test cases preparation done
Test case review and sign off
Test data availability
Smoke testing
Sanity testing done?
Team aware of the roles and responsibilities
Team aware of the deliverables expected of them
Team aware of the communication protocol
Team’s access to the application, version controlling  tools, test management
Team’s trained
Technical aspects- server1 refreshed or not?
Defect reporting standards are defined

Now, all you have to do with this list is mark done or not done.

Exit Criteria Checklist:

As the name indicates, this is a check list that aids in the decision making of whether a testing phase/cycle should be stopped or continued.

Since, a defect free product is not possible and we will have to make sure that we test to the best extent possible in the given amount of time – a check list of the below effect is created to track the most important criteria that needs to be met to deem a testing phase satisfactory.

Exit Criteria	Status
100% Test Scripts executed	Done
95% pass rate of Test Scripts
No open Critical and High severity defects
95% of Medium severity defects have been closed
All remaining defects are either cancelled or documented as Change Requests for a future release
All expected and actual results are captured and documented with the test script	Done
All test metrics collected based on reports from the tool
All defects logged in the tool	Done
Test Closure Memo completed and signed off

Points to note:

1. The above two are examples to show case the use of checklists to QA process, but the usage is not limited to these two areas.
2. The items in each list are also indicators to give an idea to the readers about what sort of items can be included and tracked – however, the list can be expanded and/or compacted as needed.

We really hope that the above examples have been successful in bringing forward the potential of checklists to QA and IT processes.

Front end Performance testing tools.

Page Speed

• It provides the web page performance overall score based on the front end performance optimization rules.
• Page speed provides complete detail of the time spent on web page’s different components i.e. Images, CSS and Java Script files etc.
• It lists down all the web page’s bottlenecks along with their details as well as all the possible solutions in order to help the developers to quickly fix those issues.
• Page speed also highlights all the good practices which are already followed by the developers to optimize the web page speed.
• Page speed provides all the above mentioned information for mobile devices browsers as well.
• Link : https://developers.google.com/speed/pagespeed/

Web Page Test

Web page test is a Google sponsored free online service which provides the web page complete performance details on a particular browser when it is accessed from a specific location. Following is the detailed list of web page test’s features:

• It provides web page performance results for modern browsers on different internet connections (including mobile 3G connection) from different geographical locations.
• Web page test also provides advanced test options like multistep transactions, video capturing and content blocking etc.
• It provides results for iPhone and Android devices browsers as well along with the desktop browsers.
• You can also compare different web pages performance results through web page test.
• It also provides web page diagnostics information like waterfall charts and page speed optimization checks along with the performance optimization suggestions.
• Web page test also provides the page statistics on first view and repeated view along with the details of server responses.

Link: http://www.webpagetest.org

BrowserMob – Neustar

Neustar is another free online service (offered by BrowserMob) to test the web page performance from different geographical locations. Following is the list of Neustar’s features:

• Neustar provides web page average load time, its total size and page requests information.
• It provides web page statistics from 4 different geographical locations like California, Washington DC, Singapore and Dublin etc. in order to provide the web page global performance results.
• Neustar also provides the details of each page component share in page load time.

Link: http://www.neustar.biz/lp/web-performance-trial/index.html

Powerful Penetration Testing Tools For Every Penetration Tester

What is Penetration Testing?

It’s the method of testing where the areas of weakness in software systems in terms of security are put to test to determine, if ‘weak-point’ is indeed one, that can be broken into or not.

How is it performed?

Step #1. It starts with a list of Vulnerabilities/potential problem areas that would cause a security breach for the systems.
Step #2. If possible, this list of items has to be ranked in the order of priority/criticality
Step #3. Devise penetration tests that would work (attack your system) from both within the network and outside (externally) to determine if you can access data/network/server/website unauthorized.
Step #4. If the unauthorized access is possible, the system has to be corrected and the series of steps need to be re-run until the problem area is fixed.

1) Metasploit 

This is the most advanced and popular Framework that can be used to for pen-testing. It is based on the concept of ‘exploit’ which is a code that can surpass the security measures and enter a certain system. If entered, it runs a ‘payload’, a code that performs operations on a target machine, thus creating the perfect framework for penetration testing.

It can be used on web applications, networks, servers etc. It has a command-line and a GUI clickable interface, works on Linux, Apple Mac OS X and Microsoft Windows. This is a commercial product, although there might be free limited trials available.

Download link: Metasploit Download

2) Wireshark

This is basically a network protocol analyzer –popular for providing the minutest details about your network protocols, packet information, decryption etc. It can be used on Windows, Linux, OS X, Solaris, FreeBSD, NetBSD, and many other systems. The information that is retrieved via this tool can be viewed through a GUI, or the TTY-mode TShark utility.  You can get your own free version of the tool from here.

Download link: Wireshark download

3) w3af

W3afis a Web Application Attack and Audit Framework.

Some of the features are: fast HTTP requests, integration of web and proxy servers into the code, injecting payloads into various kinds of HTTP requests etc.

It has a command-line interface, works on Linux, Apple Mac OS X and Microsoft Windows.
All versions are free of charge to download.

Download link: w3af download

4) CORE Impact

CORE Impact Pro can be used to test mobile device penetration, network/network devise penetration, password identification and cracking, etc. It has a command-line and a GUI clickable interface, works Microsoft Windows. This is one of the expensive tools in this line and all the information can be found at below page.

Download link: CORE Impact download

5) Back Track

Back Track works only on Linux Machines. The new version is called Kali Linux. This is one of the best tools available for Packet sniffing and injecting. An expertise in TCP/IP protocol and networking are key to succeed using this tool. For information and to download a free copy, visit below page.

Download link: Back Track download

6) Netsparker

Netsparker comes with a robust web application scanner that will identify vulnerabilities, suggest remedial action etc. This tool can also help exploit SQL injection and LFI (local file induction). It has a command-line and GUI interface, works only on Microsoft Windows. This is a commercial product, although there might be free limited trials available at below page.

Download link: Netsparker download

7) Nessus

Nessus also is a scanner and one that needs to be watched out for. It is one of the most robust vulnerability identifier tools available. It specializes in compliance checks, Sensitive data searches, IPs scan, website scanning etc. and aids in finding the ‘weak-spots’. It works on most of the environments.

Download link: Nessus download

8) Burpsuite

Burp suite is also essentially a scanner (with a limited “intruder” tool for attacks), although many security testing specialists swear that pen-testing without this tool is unimaginable. The tool is not free, but very cost effective. Take a look at it on below download page. It mainly works wonders with intercepting proxy, crawling content and functionality, web application scanning etc.  You can use this on Windows, Mac OS X and Linux environments.

Download link: Burp suite download

9) Cain & Abel

If cracking encrypted passwords or network keys is what you need, then Cain& Abel is the tool for you. It uses network sniffing, Dictionary, Brute-Force and Cryptanalysis attacks, cache uncovering and routing protocol analysis methods to achieve this. Check out information about this free to use tool at below page. This is exclusively for Microsoft operating systems.

Download link: Cain & Abel download

10) Zed Attack Proxy (ZAP)

ZAP is a completely free to use, scanner and security vulnerability finder for web applications. ZAP includes Proxy intercepting aspects, variety of scanners, spiders etc. It works on most platforms and the more information can be obtained from below page.

Download link: ZAP download