Software Testing

Digital Assignment – 1

Name : M.Ramya Sai

Reg No : 17MIS1148
Faculty : Prof.Maheshwari.N
Date :
Question : Describe any 5 types of Software Testing and its tools for
each of its types.

1. Unit Testing : is defined as a type of software testing where individual

units/ components of a software are tested. Unit Testing of software applications
is done during the development (coding) of an application. The objective of Unit
Testing is to isolate a section of code and verify its correctness. Unit Tests fix
bug early in development cycle and save costs .It helps understand the developers
the code base and enable them to make changes quickly. Good unit tests serve as
project documentation. Unit tests help with code re-use. Migrate both your
code,your tests to your new project. Tweak the code till the tests run again. The
workflow of Unit Testing is 1) Create Test Cases 2) Review/Rework 3) Baseline
4) Execute Test Cases.

Unit Testing Tools

There are several automated tools available to assist with unit testing. We will
provide a few examples below:

1. Jtest: Parasoft Jtest is an IDE plugin that leverages open-source

frameworks (Junit, Mockito, PowerMock, and Spring) with guided and easy one-
click actions for creating, scaling, and maintaining unit tests. By automating these
time-consuming aspects of unit testing, it frees the developer to focus on business
logic and create more meaningful test suites.
2. Junit: Junit is a free to use testing tool used for Java programming
language.  It provides assertions to identify test method. This tool test data first
and then inserted in the piece of code.
3. NUnit:  NUnit is widely used unit-testing framework use for all .net
languages.  It is an open source tool which allows writing scripts manually. It
supports data-driven tests which can run in parallel.
4. JMockit:  JMockit is open source Unit testing tool.  It is a code coverage
tool with line and path metrics. It allows mocking API with recording and
verification syntax. This tool offers Line coverage, Path Coverage, and Data
Coverage.
5. EMMA:  EMMA is an open-source toolkit for analyzing and reporting
code written in Java language. Emma support coverage types like method, line,
basic block. It is Java-based so it is without external library dependencies and can
access the source code.
6. PHPUnit: PHPUnit is a unit testing tool for PHP programmer. It takes
small portions of code which is called units and test each of them separately.  The
tool also allows developers to use pre-define assertion methods to assert that a
system behave in a certain manner. 

Unit Testing Advantage

 Developers looking to learn what functionality is provided by a unit and how to
use it can look at the unit tests to gain a basic understanding of the unit API.
 Unit testing allows the programmer to refactor code at a later date, and make
sure the module still works correctly (i.e. Regression testing). The procedure is
to write test cases for all functions and methods so that whenever a change
causes a fault, it can be quickly identified and fixed.
 Due to the modular nature of the unit testing, we can test parts of the project
without waiting for others to be completed.

Unit Testing Disadvantages

 Unit testing can't be expected to catch every error in a program. It is not possible
to evaluate all execution paths even in the most trivial programs
 Unit testing by its very nature focuses on a unit of code. Hence it can't catch
integration errors or broad system level errors.

2. White box Testing : White Box Testing is defined as the testing of a

software solution's internal structure, design, and coding. In this type of testing,
the code is visible to the tester. It focuses primarily on verifying the flow of
inputs and outputs through the application, improving design and usability,
strengthening security. White box testing can be quite complex. The complexity
involved has a lot to do with the application being tested. A small application that
performs a single simple operation could be white box tested in few minutes,
while larger programming applications take days, weeks and even longer to fully
test.White box testing should be done on a software application as it is being
developed after it is written and again after each modification.

White Box Testing Tools

Below is a list of top white box testing tools.

 Veracode : Automate testing throughout the SDLC and across your software
portfolio.Reduce the cost of application security by finding and fixing flaws at
 the most cost-efficient point in the development process.Avoid the capital
expense of deploying in-house white box testing tools.Combine white box
testing tools with dynamic application security testing assessment, or DAST
assessment, for a comprehensive gray box testing solution.Scale easily from
testing a handful of software products to scanning thousands of applications as
needed.

 EclEmma : is a free Java code coverage tool for Eclipse .It brings code
coverage analysis directly into the Eclipse workbench .

Fast develop/test cycle: Launches from within the workbench like JUnit
test runs can directly be analyzed for code coverage.

Rich coverage analysis: Coverage results are immediately summarized

and highlighted in the Java source code editors.

Non-invasive: EclEmma does not require modifying your projects or

performing any other setup.

 RCUNIT : RCUNIT is a small framework for testing C programs. It uses non-

local jumps to emulate exceptions and handles program terminating signals
(e.g. SIGILL) during test runs. RCUNIT allows creation of test fixtures, either
per test or per test group.
 NUnit : NUnit is a unit-testing framework for all .Net languages.
 JSUnit :
 JUnit : is the next generation of JUnit. The goal is to create an up-to-date
foundation for developer-side testing on the JVM. This includes focusing on
Java 8 and above, as well as enabling many different styles of testing.
 CppUnit : is a unit testing framework module for the C++ programming
language. It allows unit-testing of C sources as well as C++ with minimal
source modification.

Advantages of White Box Testing

 Code optimization by finding hidden errors.
 White box tests cases can be easily automated.
 Testing is more thorough as all code paths are usually covered.
 Testing can start early in SDLC even if GUI is not available.

Disadvantages of WhiteBox Testing

 White box testing can be quite complex and expensive.
 Developers who usually execute white box test cases detest it. The white box
testing by developers is not detailed can lead to production errors.
 White box testing requires professional resources, with a detailed
understanding of programming and implementation.
 White-box testing is time-consuming, bigger programming applications take
the time to test fully.
3. Perfomance Testing : testing to ensure software applications will
perform well under their expected workload. Performance Testing is done to
provide stakeholders with information about their application regarding speed,
stability, and scalability. The focus of Performance Testing is checking a
software program's

 Speed - Determines whether the application responds quickly

 Scalability - Determines maximum user load the software application can
handle.
 Stability - Determines if the application is stable under varying loads.

Performance Test Tools

 NeoLoad - is the performance testing platform designed for DevOps that
seamlessly integrates into your existing Continuous Delivery pipeline.
With NeoLoad, teams test 10x faster than with traditional tools to meet the
new level of requirements across the full Agile software development
lifecycle - from component to full system-wide load tests.
 LoadView Testing - Test your infrastructure at any scale. From small
targeted tests to millions of users, find performance bottlenecks and adjust
your capacity plan accordingly. LoadView offers on-demand, 100% cloud-
based load testing. Test user experience with real browsers, for a complete
performance picture.
 HP LoadRunner - is the most popular performance testing tools on the
market today. This tool is capable of simulating hundreds of thousands of
users, putting applications under real-life loads to determine their behavior
under expected loads. Loadrunner features a virtual user generator which
simulates the actions of live human users.
 Jmeter - one of the leading tools used for load testing of web and
application servers.

4. Fuzz Testing : is a type of testing where automated or semi-automated

testing techniques are used to discover coding errors and security loopholes in
software, operating systems, or networks by inputting invalid or random data.
Usually, Fuzzy testing finds the most serious security fault or defect.Fuzz testing
gives more effective result when used with Black Box Testing, Beta Testing, and
other debugging methods.It is used to check the Vulnerability of software. It is
very cost effective testing techniques.It is one of the black box testing technique.
Fuzzing is one of the most common method hackers used to find vulnerability of
the system. The steps for fuzzy testing include the basic testing steps-

Step 1) Identify the target system

Step 2) Identify inputs

Step 3) Generate Fuzzed data

Step 4) Execute the test using fuzzy data

 Step 5) Monitor system behavior

Step 6) Log defects

Fuzz Testing Tools Tools which are used in web security can widely be
used in fuzz testing such as Burp Suite, Peach Fuzzer, etc.

 Peach Fuzzer : Peach Fuzzer provides more robust and security coverage than
a scanner. Other testing tools can search only for known threads whereas Peach
Fuzzer enable users to find known and unknown threads.
 Spike Proxy : It is a professional-grade tool looking for application-level
vulnerabilities in web applications. SPIKE Proxy covers the basics, such as
SQL Injection and cross-site-scripting, but it's completely open Python
infrastructure. SPIKE Proxy is available for Linux and Windows.
 Webscarab :Webscarab is written in Java thus portable to many platforms. For
analyzing application Webscarab framework is used that communicate using
HTTP and HTTPS protocols.

Ex: Webscarab works as an intercepting proxy, it allows the operator to review

and modify request created by the browser before they are received by the
server. And allow to review and update response generated by the server
before received by the browser. In this way, if web scarab finds any loophole,
it will make the list of the reported issues.

 Burp : Burp used as a security tool for java web application. Burp is used to
process attacks against applications which include testing for web application
vulnerabilities such as buffer overflow, cross-site scripting, SQL injection, etc.
 OWASP WSFuzzer : WSFuzzer is a GPL'd program that written in Python.
GPL'd a program currently targets Web Services. In the current version of
OWASPWSFuzzer HTTP based SOAP services are the main target.

Advantages of Fuzz Testing

 Fuzz testing improves software Security Testing.
 Bugs found in fuzzing are sometimes severe and most of the time used by
hackers including crashes, memory leak, unhandled exception, etc.
 If any of the bugs fail to get noticed by the testers due to the limitation of
time and resources those bugs are also found in Fuzz testing.

Disadvantages of Fuzz Testing

 Fuzz testing alone cannot provide a complete picture of an overall security
threat or bugs.
 Fuzz testing is less effective for dealing with security threats that do not
cause program crashes, such as some viruses, worms, Trojan, etc.
 Fuzz testing can detect only simple faults or threats.
 To perform effectively, it will require significant time.
  Setting a boundary value condition with random inputs is very problematic
but now using deterministic algorithms based on users inputs most of the
testers solve this problem.

5. Automation Testing : Automated software testing is important due

to the following reasons:

 Manual Testing of all workflows, all fields, all negative scenarios is time
and money consuming
 It is difficult to test for multilingual sites manually
 Automation does not require Human intervention. You can run automated
test unattended (overnight)
 Automation increases the speed of test execution
 Automation helps increase Test Coverage
 Manual Testing can become boring and hence error-prone.

Automation Testing Tools

There are tons of Functional and Regression Testing Tools available in the
market. Here are 5 best tools certified by our experts

1. Tricentis is the industry’s #1 Automation Testing platform and is

recognized for reinventing software testing for DevOps. Tricentis is the
only vendor to achieve “leader” status in all three top analyst reports.

Features:

 Risk-based testing
 Scriptless end-to-end test automation
 Supports API, BI, Mobile, Cross Browser, RPA and other automation
testing types
 The industry’s most extensive technical support

2. Mabl : delivers scriptless end-to-end test automation, integrated with your

delivery pipeline, so you can focus on improving your app.

Features:

 Proprietary machine learning models automatically identify and surface

application issues
 Tests are automatically repaired when UI changes
 Automated regression insights on every build

3. Selenium : It is a software testing tool used for Regression Testing. It is an

open source testing tool that provides playback and recording facility for
Regression Testing. The Selenium IDE only supports Mozilla Firefox web
browser.

 It provides the provision to export recorded script in other languages like

Java, Ruby, RSpec, Python, C#, etc
 It can be used with frameworks like JUnit and TestNG
 It can execute multiple tests at a time
 Autocomplete for Selenium commands that are common
 Walkthrough tests
 Identifies the element using id, name, X-path, etc.
 Store tests as Ruby Script, HTML, and any other format
 It provides an option to assert the title for every page
 It supports selenium user-extensions.js file
 It allows to insert comments in the middle of the script for better
understanding and debugging

4. QTP (MicroFocus UFT) : QTP is widely used for functional and

regression testing, it addresses every major software application and
environment. To simplify test creation and maintenance, it uses the concept
of keyword driven testing. It allows the tester to build test cases directly
from the application.

 It is easier to use for a non-technical person to adapt to and create working

test cases
 It fix defects faster by thoroughly documenting and replicating defects for
developer
 Collapse test creation and test documentation at a single site
 Parameterization is easy than WinRunner
 QTP supports .NET development environment
 It has better object identification mechanism
 It can enhance existing QTP scripts without "Application Under Test" is
available, by using the active screen

5. Rational Functional Tester : It is an Object-Oriented automated

Functional Testing tool that is capable of performing automated functional,
regression, data-driven testing and GUI testing. The main features of this
tool are

 It supports a wide range of protocols and applications like Java, HTML,

NET, Windows, SAP, Visual Basic, etc.
 It can record and replay the actions on demand
 It integrates well with source control management tools such as Rational
Clear Case and Rational Team Concert integration
 It allows developers to create keyword associated script so that it can be re-
used
 Eclipse Java Developer Toolkit editor facilitates the team to code test
scripts in Java with Eclipse
 It supports custom controls through proxy SDK (Java/.Net)
 It supports version control to enable parallel development of test scripts
and concurrent usage by geographically distributed team

6. WATIR : It is an open source testing software for regression testing. It

enables you to write tests that are easy to read and maintain. Watir supports
 only internet explorer on windows while Watir webdriver supports
Chrome, Firefox, IE, Opera, etc.

 It supports multiple browsers on different platforms

 Rather than using proprietary vendor script, it uses a fully-featured modern
scripting language Ruby
 It supports your web app regardless of what it is developed in

7. SilkTest

Silk Test is designed for doing functional and regression testing. For e-business
application, silk test is the leading functional testing product. It is a product of
Segue Software takeover by Borland in 2006. It is an object-oriented language
just like C++. It uses the concept of an object, classes, and inheritance. Its main
feature includes

 It consists of all the source script files

 It converts the script commands into GUI commands. On the same
machine, commands can be run on a remote or host machine
 To identify the movement of the mouse along with keystrokes, Silktest can
be executed. It can avail both playback and record method or descriptive
programming methods to get the dialogs
 It identifies all controls and windows of the application under test as
objects and determines all of the attributes and properties of each window.

6. Regression Testing : testing to confirm that a recent program or code

change has not adversely affected existing features. Regression Testing is
required when there is a

 Change in requirements and code is modified according to the requirement

 New feature is added to the software
 Defect fixing
 Performance issue fix 

Regression Testing Tools

Selenium: This is an open source tool used for automating web applications.
Selenium can be used for browser-based regression testing.

Quick Test Professional (QTP): HP Quick Test Professional is automated

software designed to automate functional and regression test cases. It uses
VBScript language for automation. It is a Data-driven, Keyword based tool. 

Rational Functional Tester (RFT): IBM's rational functional tester is a Java

tool used to automate the test cases of software applications. This is primarily
used for automating regression test cases and it also integrates with Rational Test
Manager.