API Security Testing : Rules And Checklist

One of the most valuable assets of an organization is the data.  It is important for an organization to identify the threats to secure data from any kind of risk.
That’s why API security testing is very important. An Application Programming Interface provides the easiest access point to hackers.
To make your data safe from hackers, you should use API security testing and ensure that the API is as safe as possible. If there is an error in API, it will affect all the applications that depend upon API.
alt
An API is a user interface intended for different users.
It is made for a machine running software so that two machines can communicate with each other in the same way that you are kind of communicating with your devices when you are browsing the internet or using certain applications.
Rules For Api Security Testing
Unfortunately, a lot of APIs are not tested to meet the security criteria, that means the API you are using may not be secure.
So, you have to ensure that your applications are functioning as expected with less risk potential for your data. You must test and ensure that your API is safe.
Although, API testing is simple its implementation is hard. Here are some rules of API testing:

  • An API should provide expected output for a given input
  • The inputs should appear within a particular range and values crossing the range must be rejected
  • Any empty or null input must be rejected when it is unacceptable
  • Incorrectly sized input must be rejected

Methods Of API Security Testing
Fuzz Testing
It is one of the simple and common ways to test the delicacies in a web service.
It is basically a black box software testing technique which includes finding bugs using malformed data injection.
Fuzz testing does not require advanced tools or programs. Fuzz testing can be performed on any application whether it is an API or not.
You can simply use the command lines like curl and simply send some unexpected value to API and check if it breaks. For example:
Fuzz Testing Numbers: If your API expects numbers in the input, try to send values such as negative numbers, 0, and large digit numbers.
A badly coded application will depend on a certain format, so this is a good way to find bugs in your application.
Fuzz Testing Strings: the best way of fuzz testing strings is to send SQL queries in a criterion where the API is expected some innocuous value.
Undoubtedly, an API will not run any SQL sent is a request
Command Injection
An injection flaw occurs with respect to web services and API when the web application pass information from HTTP request through other commands such as database command, system call, or request to an external service.
For example, you send a request to an API by entering a command  ?command=rm -rf / within one of the query parameter.

If the API does not validate the data within that parameter properly, then it could run that command by destroying the contents of the server.
Here we will discuss the ways to test API vulnerabilities.
Operating System Commands in API Requests: You can start with determining the operating system on which the API runs. Generally, it runs on Linux and Windows.
Now, try to send commands within API request that would run on that operating system.
Consider the following example in which the API request deletes a file by name.

$fn = $_GET[‘filename’];
system(“rm $file”)

If the user’s request sends a vicious command in the filename parameter, then it will be executed like:

https://example.com/delete?name=file.txt;rm%20/

SQL in API parameters: As similar to operating system command injection, SQL injection is a type of instability that happens when invalidating data from an API request is used in database command. For example

$name = $_GET[‘username’];
runDbTransaction(“UPDATE user SET username=$name WHERE id = …”)

An attacker or hacker can easily run database command by making an API request if the input data is not validated properly.
(Un) Authorized Endpoints And Methods
It is very important that an API should authorize every single request before processing it because when the API reveals any sensitive data and allow the users to make damaging actions.
Test For Authentication On All EndPoints: This is one of the ways to test your API security is to set up automated tests in the scenarios such as test authorized endpoints without authorization, test authorized endpoints without authorization and test user privileges.
Test Unhandled HTTP Methods: API that uses HTTP have various methods that are used to retrieve, save and delete data.
The ways to set up a security test for these cases are using HEAD to bypass authentication and test arbitrary HTTP methods.
Parameter Tampering
It takes the advantage of backend sanitizing errors and then manipulates parameters sent in API requests.
According to this, the forms that use type=”hidden” input should always be tested in order to make sure that backend server correctly validates them.

<input type=”hidden” name=”price” value=”100.00″ />

Conceptually, when the user opens his web browser and changes the input valued from 100.00 to 1.00 and submit the form, then the service will be vulnerable to parameter tampering.
API Security Testing Tools
SoapUI
It is a functional testing tool specifically designed for API testing.
It allows the users to test t is a functional testing tool specifically designed for API testing.
It allows the users to test SOAP APIs, REST and web services effortlessly.
Features:

  • It runs the test quickly and easily with point & clicks and drag & drop
  • The load tests and security scan used in SoapUI can be reused for functional testing

Katalon Studio
It is a free security testing tool for API, web and mobile applications.

It supports both REST and SOAP request with various commands and functionality.
It has the capability of combining UI and API for multiple environments.
Features:

  • It supports the data-driven approach
  • IT support CI/CD integration
  • It supports both SOAP and REST

Postman
It is a security testing tool used to test web services and API.
It was designed to send HTTP requests in a simple and quick way.
Now it has extends its solutions with the native version for both Mac and Windows.
Features:

  • It can be run on Linux, Windows, Mac and chrome apps
  • It is easy to use REST client
  • Rich interface
  • Used for automated and exploratory testing
  • It doesn’t require learning a new language
  • It also has run, test, document and monitoring features

Tricentis Tosca
It is a continuous security testing platform with several benefits and features
Features:

  • It supports an array of protocols such as SOAP, IBM MQ, Rabbit MQ, JMS etc.
  • API tests can be used across packaged apps, cross-browser, mobile etc.
  • It reduces the time of regression testing

Apigee
It is a cross-cloud API security testing tool which allows the users to test and measure the performance of API.
Features

  • Powered by Javascript.
  • It allows design, monitor, scale and deploys API.
  • Identify performance issues.
  • Create API proxies.

How To Hire A Software Testing Team That Fits Your Office Culture

Hiring a software testing team can enhance the productivity and quality of solutions you create.
With that, you can improve your market position and build a reputation among your clients. However, all these benefits come down to the team you build.
A team of software testers has to fit the office culture you have. For that, you can follow the following steps for a successful hire:
1. Evaluate Your Stakeholders
Before you make any moves, it is important to learn your office culture comprehensively.
Office culture is not just the rules you follow on a daily basis.
It is the people in your office, especially the stakeholders of your business.
You should have a meeting with your project managers and other leaders who understand the requirement of your company.
Ask their point of view on hiring a team of software testers.
Their recommendations will help in creating a basic idea of what sort of software testers you should hire.
Such meetings will help you understand questions regarding manual testing, automated testing, deadlines followed generally, time management requirements, communication and other requirements.

Also, you can ask your stakeholders and managers about the preferred coding language utilized.
2. Evaluate Your Company’s Methodology
You probably know the coding and testing methodologies utilized in your company.
However, it would be wise to re-evaluate the methodologies utilized in your company.
If you are a startup, an established company or trying to transition to a new methodology.
These aspects matter to decide what sort of software testers you want.
3. Target Community Events And Testing Conferences
After evaluating your office culture, you need to find the right testers in order to create a software testing team. However, there are many potential testers who don’t fit your criteria for hire.
Hence, you need to avoid the clutter and reach the right software testers quickly.
One way of doing that is getting involved in community events and testing conferences. These scenarios provide a meeting ground with group defined testers.
You already know what kind of testers are coming to attend a community event or testing conference.
banner
Hence, obtaining potential candidates from these events is a smart move to save time and efforts without compromising in any manner.
You can announce your interest in hiring a software testing team and allow the potential firms or testers reach you.
4. Gathering Potential Options Online
You can start promoting your requirements via social media, job portals, and other ways. Attract with competitions focused towards testing needs and office culture you desire.
Right candidates are always available on platforms such as LinkedIn and Twitter.
Hence, you can utilize the online presence of your company to gather candidates faster without too much investment.
5. Ask Questions About The Procedure They Follow
When you have found the right candidates to build a team, understand their approach.
Give them scenarios and ask questions regarding the testing procedure, bug finding, and other associated concepts.
This way, you can understand their thinking ability and recognize problem-solving capacity, which is a much-needed trait.
Also, include questions associated with the office culture you have. Here you can ask about the coding approach and knowledge, their ability to provide flexible timings and more.
Also, find the understanding of manual and automated testing approach of software testers.
6. Test The Testers
An actual execution test is necessary before you make your final decision. Hence, you should invest in creating an assignment that aligns with your work culture.
Put some limitations that you face on a daily basis. For instance, you can decide the ratio of manual and automated testing.
This way, you can test the testers in terms of their approach, skills, techniques, and methodologies.
7. Evaluate Teamwork of the Testers
It is essential for software testers to work in coordination with each other and other programmers in your company.
app testing
The ability to communicate matters, so that, the testers and enhance the productivity of your team with seamless collaboration with programmers and designers.
After going through each and every step mentioned above, you will find the right software testers to hire.
They all will blend into your office culture and become an inherent part of your company. However, it is still important to allow them some time to adjust to the work culture.
Hopefully, you are now ready to make the right moves and hire your software testing team.

How To Do Responsive Design Testing? Rules, Challenges and Tips

Website responsiveness acts as an important factor for the search engine ranking and influences Google search results largely. And above all, the majority of people nowadays access the internet through their smartphones. So website responsive design testing is essential as a validation method for any website to ensure that their website works fine when viewed through a mobile phone.
What is responsive web design (RWD) or simply responsive design?
Responsive web design is a technique or approach by which the web pages render themselves adaptively to suit the size and resolution of the device on which they are being accessed. This gives the users an easy reading experience along with simpler navigations.
With the huge number of websites and domain names getting added to the internet, it is very important from the user experience perspective for the website to be responsive. Else you can be sure of losing your audience. Imagine the plight of having to scroll your page in all direction to find a single button to click
responsive web design

Challenges in Responsive Design Testing

The experience of internet users on mobile devices varies from that on desktops. Therefore, testing a responsive web design is very important.
The main challenge when testing a responsive website is to ensure that the respective website works the same on different platforms.
However, this testing is not really practical for all mobile devices available in the market.
Testing a responsive design starts with resizing of the browser’s window in order to fit view port of a tablet, desktop or mobile phone.
The approach is enough for a quick visual check of the website in various view ports. It helps the testers to detect major issues while shrinking or enlarging the browser window.

Responsive Design Testing tools

Have a look at the Top 10 tools used to test responsive design.

  1. Responsinator

This is one of the most widely used tools for responsive testing. The highlight of the tool is that it is one of the easiest and simplest tool to work with. And to it the fact that it is a free web browser-based tool. To check the responsive nature of your website all you need to do is enter the URL along with then select the different size and shapes of screen available. The moment you hit the submit button, the tool will display how the website will render in device with the shape and size of your choice.

  1. LambdaTest

This is a cross-browser mobile testing tool which enables the users to test up to 22,000 different browsers, mobile, and OS combinations. This tool especially supports the responsive design testing with a separate tab under Visual UI dedicated to responsive testing. It is a free cross-browser testing application which comes with some premium features as well, which is priced. This is tool is widely used across the IT industry with some major names like Capegemini, Deolite, Virtusa, edureka and many more.

  1. Screenfly

This is another tool which is very commonly used for testing the responsive design of a website. Another very simple tool, all you need to do to get started it to type the URL and click the GO button.
You will be directed to the screen where you will be able to choose your device. Screenfly currently gives you several options in television, tablet, mobile and desktop to choose from. It will also give an option to choose a custom size it they already do not have that option.
The only drawback with Screenfly is that it will not take into account the rendering. It accounts only for the fluid layouts and different screen sizes.

  1. Device Tools

Google chrome comes with a set of inbuilt DevTools, Device Tool is one of them. It may not be very accurate but can definitely be used by the developers as the first ballpark estimate of how the web page will look in different devices.
Similar to other tools available, device Tools also gives you the option to select the device size. But the difference here is that the mobile user experience is simulated using code and it will definitely not be able to replicate the mobile architecture. But again it is a handy tool for developers to instantaneously check and authenticate the responsive design.

  1. Google Resizer

Google resizer works on material design patterns. The material design consists of columns, gutter, and margins. Google material design advocates on the usage of column widths, gutters, etc. in a way which such that it can responsively adjust to the screen size by making use of the gutters and margins.
There are a number of UI patterns that come into picture when the responsive resizing happens like transforming, dividing, expanding, revealing, hiding, etc. A resizer will help you better understand each of these and thus help you decide which one would be best suited for your needs.

  1. GhostLab

GhostLab is a paid website testing app. And the best part is that it allows you to perform your tests and actions on a large number of browsers and mobile devices of different screen size and resolution at the same time. The best part of this app is that you need not perform your actions on each browser. Whatever your actions are performed on the first browser get replicated in all other browsers, hence the name GhostLab. The app also allows you to take screenshots, add text to the screenshot and even attach it to your bug tracking tool if needed.

  1. BrowserStack

BrowserStack is a cloud-based web and mobile testing platform. It is one of the most advanced and full-featured testing tool available in the market today. It boasts of more than 2000 devices and desktop browsers solely dedicated for testing purpose. Time and again they keep adding more devices to their kitty based on the popularity of the device and the features offered. BrowserStack works by connecting you to a device or server located somewhere which you can access through the cloud in a webpage. All actions performed by the user on the web page are replicated on the mobile devices and browsers as well. Some of the very high profile clientele for BrowserStack includes Twitter, RBS, Microsoft, Harvard University among others.

  1. CrossBrowser Testing

CrossBrowser Testing is the BrowserStack’s biggest competition. It works almost the same way and presently includes more than 1500 browsers and mobile devices which can be used for testing and development. All the actions are performed in real devices and it is able to replicate the mobile features like swipe, pinch in and pinch out as well. Besides providing real-time experience with real devices, it also supports CI, which is the next big onus across the IT industry.

  1. Responsivedesignchecker

This is a free tool which can be used to test the responsiveness of a website and how well your website renders on different devices and browsers. Currently, it supports tablets, mobile phones and desktop only. The user can choose different sizes and resolutions for these three categories to test their website for responsiveness.

  1. Viewport Resizer

Viewport Resizer is a free tool which can be used to see how the webpage will look in different screen sizes and resolutions. It is a very simple and easy to use tool which is completely free. All one needs to do is, create and save a bookmark let of the website that we are trying to check. Once you click GO you will be able to select the screen size and resolution in which you want to see your website. It is a very basic and simple tool which can be used within minutes to get the desired results.
How To Test a Responsive Design?
A responsive design tester can consider the following variances for Responsive testing-
Emulators: it is a simulation-based on the web. It simulates how a website or application will look like or function in a mobile device.
The emulator does not serve you with the exact testing facilities.
However, they are a very cost-effective and powerful solution to test a website’s compatibility in different screen size.
Google Dev Tools-Device mode: it consists of a feature known as device mode which includes tools that are very helpful for debugging and testing responsive designs.
It tests your responsive design by emulating various screen resolutions and sizes.
Moreover, it uses a network emulator to evaluate your site’s performance without hindering the operations of other tabs.
The tool inspects and visualizes media queries and simulates device input accurately.

General Rules For Responsive Design Testing

  • Never visualize the horizontal bar in the page
  • Text included in the website should be properly visible when scrolling
  • Pages should be readable and clearly visible in all resolutions
  • The important content in the page should be visible in all *breakpoints
  • There should be proper padding around the corners
  • The font color, size, and style should be consistent for all sort of text
  • Shading, gradient, and color should be consistent
  • Frames, images, text, and controls should not run into the corners of the screen
  • Ensure that the controls, images, and texts are aligned properly
  • There should be a suitable clickable area present in the page
  • Selection and hovering highlights and changes color

*Break point demands an adaptation of the layout. It consists of modules that change their rules and positions.
Finally, you need to narrow down your options for device testing to ensure your website works perfectly for the majority of your users.
However, responsive design testing on every device combination does not seem to be a practical option.
Determine the use of your web application. You can take the help of Google Analytics to identify which devices are used by your customers to reach your website.
Furthermore, you should be able to detect the breakpoints and all the elements that will be appearing as you shift from one breakpoint to another.
After this is done, its time you take into consideration the automated tools and emulators and conduct basic checks and functional testing.
Combine the testing with the real device manual testing in the end.

Tips For a Successful Responsive Design Testing
  • While in the process of the test, the tester should be well aware of the nitty-gritty of the test. He/she should know what and how to test on a variety of devices at various breakpoints. Or otherwise, it can become quite disorientate.
  • For the correct and proper testing of a responsive design website, there needs to be perfect coordination between the tester and the developer. The developer must help the tester through creating the necessary conditions as mentioned in the test cases.
  • The main content of the responsive website should be visible from every breakpoints. The transition of the website from the desktop screen to the mobile screen size should not affect the main text and other content.
  • Responsive design testing only detects major issues. However, you should always remember to test the small features like tapping, swipes, and other finger related issues. Doing so will lead you to better and successful testing.
  • Ensure that the content of the responsive website is visible in every size and resolution.
  • Once the browser is resized, make sure that all the clicking areas of the design are suitable for clicking.


Conclusion
Testing a responsive design is very challenging. However, you must choose the most efficient way to tackle them. A successful future of a mobile application depends largely on its responsive design testing. Proper and successful responsive design testing can contribute in a great way to meet up to your expectations of setting your site up.

How To Do Security Testing: Best Practices

The industry of software has a huge reputation and presence in almost every sector.
Most businesses utilize IT solutions and web-based systems to manage and maintain their business. The banking, payments, stock, purchasing and selling, and many other activities are conducted digitally these days.
alt
The rise of digital business has made security testing extremely important. This article will show you the major steps to perform security testing.
1. Test The Accessibility
Access security should be your first priority to ensure the safety of your business and your customers.
Accessibility includes authentication and authorization. You decide who will get the accessibility and how much accessibility is allowed to an authenticated person.
This helps in ensuring that your data stays safe from internal and external breaches.
To conduct the accessibility test, you are required to test the roles and responsibilities of people in your company.
Hire a tester who is qualified for the job. He or she will generate multiple user accounts, including different roles.
security testing those generated accounts will help in ensuring the security level in terms of accessibility.
The same test can also include password quality, default login capacities, captcha test, and other password and login related tests.
2. Test The Protection Level of Data
The security of your data depends on:

  • Data visibility and usability
  • Data storage

While data visibility is about how much data is visible to users, the data storage involves the security of your database.
Proper security testing measures are required to ensure the effectiveness of data storage. However, you have to test first to check the vulnerabilities.
A professional tester can test the database for all kinds of critical data such as user account, passwords, billing and others.
It is important that the database stores all the important data. The transmission of data should be encrypted as well. The qualified tester also checks the ease of decryption of the encrypted data.
3. Test For Malicious Script
Hackers utilize XSS and SQL injection to hack a website. A malicious script is injected into the system of a site, which allows the hacker to control or manipulate the hacked website.
selenium
A tester can ensure the safety of your site against these practices.
The tester can check the maximum lengths allowed for the input fields. This restriction doesn’t allow a hacker to include these malicious scripts.
4. Test The Access Points
In today’s market, collaboration is the way of doing business. Many businesses collaborate on a digital level by providing services in a collaborative way.

Also Read : How to Test a Bank ERP System

For instance, a stock trading app has to provide consistent access to the latest data to the users and new visitors as well. But this open access also presents the risk of unwanted breach.
To immune from such attacks, a tester can check the entry points of the app.
The professional tester evaluates and ensures that all the access requests come from reliable IPs or application.
If not, the app system should have the capacity to reject those requests.
5. Test The Session Management
Session on the web includes the response transactions between your web server and the browser utilized by a user.
Testing the session management involves multiple actions such as expiry time of the session after a certain idle period, maximum lifetime of termination, session end time after a user logs out and others.
6. Test The Error Handling
Testing the error codes is important too. This includes the errors of 408, 400, 404, and others.
The tester can perform directed actions to reach such pages and ensure that the presented page doesn’t contain any critical data or information.
This helps in ensuring that all the data presented on error pages are safe and can’t help the hackers.
This test also includes the checkup of the stack traces, which can help the potential hackers to breach.
7. Test For Other Functionalities
Other functionalities that require testing are the file uploads and payments. These functions require thorough testing.
app testing
Any malicious file should be restricted. Also, the tester should check the vulnerabilities associated with the payments such as buffer overflows, insecure storage, password guessing, and other issues.
Apart from the mentioned tests, a professional tester can recommend others, according to the business model you have.
Conducting the tests in the mentioned way will help you ensure a comprehensive security of your digital presence.

How to Test a Bank ERP System

Enterprise Resource Planning is the planning procedure oforganization or enterprise to increase its efficiency and productivity with the help of resource integration.
selenium
There is no rocket science to understand the concept of ERP since it works on 4 M’s – Man, Method, Machine and Materials.
Here, in banks, ERP holds a lot of importance due to the finance management properties.
However, testing the system before deployment is a must since millions of people and humongous amount of money is associated to it.
ERP in Banking
The Banking ERP services industry helps in the delivery of more agile spectrum for banking services and solutions.
The software of ERP is immensely used to comprehend all of the large-scale deployment and small point solutions when they are integrated with the banking industry.
The ERP services are the way to get the solution easily transferred to the financial and banking institutes with the help of enterprises that can help in the expansion of upcoming ventures.
Testing Bank ERP System
There are usually two methods to test the ERP system on the bank – core testing team and implementation testing team.
The core testing team is responsible to test the functionality of the ERP system that is static in nature while the implementation testing team helps in the customized and dynamic functionalities.
When a small function or feature is altered in the system, it affects multiple systems or modules.
Hence, the team tries to capture all the alteration made and the impact it will have on the system via traceability.
The ERP banking system is usually tested by the company that develops the system.
However, the system is large in nature that requires automated test execution.
The ERP companies analyze the requirement to design testing framework that is completely automated and then set their task on infrastructure.
Now, don’t get confused with automated testing in a banking environment.

Also Read : Top 25 Software Testing Companies to Look Out For in 2018

It is just that the ERP testing method that is widely used since the manual method is not ideal in time limitations.
If the ERP system is not thoroughly tested with 100 percent quality and efficiency then the implementation of the ERP system will fail.
Hence, the automated testing framework has generally used that guarantee to test on each and every component.
The common testing that is used in the Banking ERP system are:

  • Adaptability testing
  • Data Handling testing
  • Functional testing
  • Image testing
  • Infrastructure testing
  • Installation testing
  • Integrity testing
  • Interface testing
  • Interoperability testing
  • Load testing
  • Parallel testing
  • Performance testing
  • Regression testing
  • Reliability testing
  • Scalability testing
  • Security testing
  • System testing
  • Usability testing

However, it will depend on the system and ERP companies on which testing system they opt for. The most common and highly used techniques for testing are:
System Testing
In this type of testing, the whole system is tested by taking it as a whole. It will include all the components and modules that are integrated to verify the working of the system.
app testing
This type of testing is done when the system passes off the integration testing to ensure that the quality of a system is maintained.
However, there is no need to have in-depth knowledge about a system. All you need to do is simply run the system in the integrated format to see how the modules are coming out.
Security Testing
The main focus of the banking and financial institutions is to provide 100 percent security to their customers.
Hence, security testing is the most essential part of the testing phase that is done with uttermost care and safety.
Each and every module is checked to make sure that there are no loopholes since the millions and billions of money is at stake.
The main focus of this testing is to see that the confidential data can’t be leaked by using any of the illegal methods.
Usability Testing
Another type of testing that is followed in Bank ERP system is usability testing in which the interface is checked to make sure that user requirements and fulfilled with efficiency and effectiveness.
In this, the validation of the modules is checked out to make it easy to learn and familiarize it.
It is done at the design level when the software undergoes a number of changes, implementation, and interpretations.
Performance Testing
There is no point of building off the Erp system if the performance is not 100 percent accurate or it is extremely slow.
Hence, it is crucial to have a check on the performance of the whole system that can ensure the success and reliability.
There is a number of testing phase that falls into the category of performance testing such as load, stress, capacity, volume, scalability, and reliability.
Regression Testing
This type of testing is done when a small change is made in a module.
This will ensure whether there is any impact on the system due to the change or not.
It is not only done on that particular module but on the whole system to see what a simple change in the module can do on the system.
The modules are interdependent on each other and hence, it is essential to verify whether they are hampering each other or are running smoothly.
Installation and Uninstallation Of Testing
The installation and uninstallation testing is the one that is extremely crucial for a system. If the installation is not successful in a system, it is essential to check it up to determine the root cause.
Sometimes, the whole reinstallation of Operating system is required if the ERP system is not installed correctly.
This is the last thing that you will need as a first impression on your banking client. Hence, it is essential to get it tested beforehand while installing it on a spare system and checking on its working.
The Requirement Of ERP Software For a Bank
The ERP system in the banking sector ensures innovation and agility that helps in driving the insight on the accuracy, change in practices of a business and customer requirement expectations to offer them a much more excellence in operations.
The implementation of the ERP system in the banking sectors is a big step towards the expansion of business that will include topmost customer experience, profit, share market, and acquiescence devotion.
Benefits Of Banking ERP System
Now, since we know the importance and testing procedure of the ERP System in the bank, it is essential to know why they are beneficial for the business.
banner

  • Transactions are extremely secure. The system keeps on monitoring each and every transaction and in case any of the transaction is odd, it will block it while generating an alert.
  • The real-time tracking system has made it easy to depend on telebanking, net banking, etc. They can easily monitor the details on accounts that ensure no mistake operation services with better administration.
  • The 24×7 database system helps in making transaction at any time irrespective of your location. It is a huge chance for business personals to explore their business options.
  • Evaluation and investigation can also be done easily with the history of the account just a click away. It will store the detail of a single penny transaction that will help you to see that your money is in safe hands.

For the ERP testing, make sure that everything is covered and a professional is doing the task. There is simply so much at risk so it is better to follow up a roadmap.

What is User Acceptance Testing? Why is it so Awesome?

User Acceptance Testing  (UAT) is essential in SDCLC ( Software development life cycle). The process is considered an effective method to analyze the UX ( user experience) of the app and to check whether the app has met its requirement specification.

Just keep in mind that it is all done from the user’s perspective.
User Acceptance Testing

UAT is the last and the most important one in the lane to ensure that a user is enjoying your product to the max.

The main motive of this whole step is to make sure that a software system is all set to be in front of users in the real world.

This testing phase is also known as Beta and End-user Testing is considered chiefly during the web development process to ensure that the software is set for the final installation for the client site.

The software is tested in the real world by a particular set of users that test all the recording and correcting of any sort of small defects.

It is a chance for a user to do depth search on the application to understand the features and their working. The main task for a user is to look out for miscommunication, overlooked and not communicated points.

The key of UAT is to evaluate if a software system is able to support day-to-day activities and perform well in real scenarios.

Another use is to ensure that the system is necessary and precise for commercial practice.

What is User Testing?

It’s all about determining the app’s behavior with user interaction!

Mobile App User Testing is a great way to get the actual user to interact with your application.

The process will help help you to evaluate the behavior, and functionality of the app is performing as required.

it is a technique to evaluate the product by testing it on representative users by designing a user-oriented interaction environment to record the session and act according to the test results.

selenium
Types of User Acceptance Testing (UAT)

There are mainly five types of User Acceptance Testing such as:

  • Alpha & Beta Testing–Alpha testing is done by the staff members only on an internal Whereas beta testing involves the testing on the field in the customer’s environment with the help of some customers that will use it.
  • Black Box Testing–It is a type of functional testing in which functionalities are analyzed without knowing about internal code structure.
  • Contract Acceptance Testing–In this type of testing, the software is tested against some specifications or criteria which are predefined in a proper contract.
  • Operational Acceptance Testing–The Production Acceptance Testing or Operational Readiness Testing ensure that all the workflow used in the system is intact in a place and working properly.
  • Regulation Acceptance Testing–Compliance Acceptance Testing helps in investigating that the software fulfills all the appropriate guidelines of the legal and governmental processes.

Different Methods for User Acceptance Testing (UAT)

Generally, there are six methods for a successful mobile app user testing and each method gives you deep insights into intended userbase requirements and expectations from the product.

Let’s discuss these methods and choose any one or all based on our project goal and resources.

Moderated and Unmoderated

A moderator is involved in Moderated Usability Testing who guides the participated users through the testing session telephonically using Skype, zoom calls, face-time, etc.

It enables the testers to analyze users’ thoughts and reactions about the application and ask follow-up questions for elaborated feedback and clarification for better accuracy.

Unlike moderated, unmoderated testing does not require anyone for direct supervision.

The testing participants can freely interact with your app without any external input.

This method is the best to record user experience while they navigate through your app and learn more about their thoughts and feelings.

It can draw quick results but lacks accuracy and follow-up feedback is out of the equation.

Lab-based and Guerrilla Testing

Lab-based testing is one of the most used methods to validate the app design.

It is performed in a controlled environment, to restrict naturalistic bias, on a small size selected population and evaluates the easiness of users to complete the set of tasks on an app while being evaluated.

Once the test is complete, ask about users’ feedback with follow-up questions.

This method may cost you more but provides deep insights you may haven’t noticed.

Whereas Guerrilla Testing enables testers to select a completely random group of people from a public place and get them to test the usability of your app in exchange for gift cards or coupons while also building interest and awareness about your product.

It is cost-effective but you cannot have a follow-up as customers are reluctant to disclose their personal identities like numbers or addresses.

In-person and Remote Testing

In-person app user testing is more effective and provides the testers with a larger context and deep insights into the product’s behavior by observing users’ facial expressions and body language.

It is performed during moderated lab-based testing and can be performed remotely when necessary.

Remote Testing is much less costly and provides researchers an opportunity to perform a test on a larger number of people at once, in different geographical locations, using limited resources.

It is performed during moderated remote testing where users and researchers are connected via recorded video/phone call or webcam, and real-time interaction.

Card sorting

An effective approach to prioritizing app features and functions in the user interface helps determine the effective way to organize an app’s navigation structure.

The user is asked to sort virtual cards representing different items or shapes in the app’s navigation structure that make sense to the users.

Eye Tracking

This method lets the testers observe and evaluate the eye movements of the users via advanced eye-tracking technology to monitor the direction where the user is looking, the features they are interacting with, and for how long. It also allows testers to address the challenges faced by the users without interrupting the user’s natural flow.

Session Recording

It is a method used to record the actions on the screen by the user in a real-time environment. It includes clicking, scrolling, and selecting an element while using an application on their phone. It also allows the testers to observe the type of content attracting the users most for better engagement and understanding of the possible user interaction challenges they may face while using the mobile application.

What is the need for User Acceptance Testing (UAT)?

For someone who is in direct contact or has been involved in a thorough app development process, testing an application cannot be unbiased.

To get the unbiased test results, they must be conducted by the user who is not familiar with your application workings.

From a UI/UX perspective, doing a pre-launch app testing can help you understand the ways to improve your app, and hence, usability testing is essential for-

  • Valuable insights into what works better and what may create hindrances after post-launch.
  • Increases user satisfaction and your revenue. Excellent for the bootstrapped apps.
  • Learning about user experience, behavior, and preferences.

Points To Note Before User Acceptance Testing (UAT)

UAT is an essential phase for software development. It can’t be taken until a software system is complete and intact with the fundamental features.

However, there are a few points that must be taken into consideration before placing it for UAT.

  • All the requirements must be intact.
  • The entire application code must be up-to-date.
  • The main three-phase of testing must be done beforehand – Integration testing, Unit testing, and System testing.
  • There must be no discontinuing or medium/high faults in the Integration phase of testing.
  • Before sending for UAT, Improving errors are adequate in the application.
  • There must be no major defect in the regression testing.
  • All the defects that come into play during the time of testing must be corrected and tested again.
  • The traceability environment must be complete for all the testing.
  • UAT setting must be complete.
  • Sign off communication or mail from any of your testing system team that elaborates that the software is all set for UAT.

There are so many changes that can be missed during the testing phase and it will look complete.
app testing
However, there can be many changes that might be missed. Once a user will know because they know what they need and hence all the features will be checked by them thoroughly.

A customer and client can easily discover the problem that might be missed out on by you.

This will help you to conduct an accurate test, deliver the best outcome and maintain your reputation.

On top of that, customers will know that there is something new launched in the market for them to use.

Involvement of users in User Acceptance Testing (UAT)

The peer group that is most essential for the UAT testing must include real end-users that will perform a test on your system.

The stakeholders and role group must be incorporated.

This simply means that an individual of every group that is involved in the development phase must be in the team.

How to do User Acceptance Testing?

After the above explanation, you must be clear about what and why UAT must be included in the software development phase.

Now, you need to understand the ‘how’ of the UAT. Mainly there is a total of four steps that must be considered but it will depend on the number of users that will take advantage of this software.

Is it going to be a single client or for purchase for all the users or is it intended for the off-the-shelf applications.

Also Read : 10 Key Factors for Successful Test Automation

The main criteria that must be followed in the software are the ‘working’ requirement of the assembled application.

You can easily get a hang of it from the stories of users or system requirements. The second step is to create some test cases for UAT.

The UAT test cases are the test step sets, expected results, and execution conditions that must be developed for one or some specific purpose(s).

For instance, to authenticate the agreement with a precise requirement or to look out for a specific program or a feature.

In the next step when everything is in place then the tests are run and all the results must be documented.

Is there any defect? Are they successful? If there are any errors then it is essential to correct them and then perform a re-test on them.

At the final point, if everything turns out right in the testing phase then an orderly sign-off is the next thing to complete.

If you have an individual client then it is easier where the results must be documented. Once the application meets the criteria of the project then it is good to go.

Here are the Steps for User Acceptance Testing

Prepare and Plan

To run a successful usability testing, you must first develop a clear map with defined structures, test objectives, selecting participants, task-list to be completed by a user, create a testing environment, test moderator role, what data to collect, evaluate, and action, document and presentation.

Determine your Testing goals

Determining the exact goal for app testing is critical. Depending on the stage your app is on, the user testing goals may change according to its lifecycle.

The approach and extent of the testing are based on the goals and objectives. Find out which similar app a user is using and determine the users’ expectations from your app.

Determine the Testing Method Next, you need to figure out what approach is more effective and accurate, in-person and remote moderated or unmoderated while going to conduct the tests.

Remember each method has its pros and cons so choose wisely.

Recruit the test participants

It is crucial to find the right participants to get an accurate test response from the users.

Don’t just select the random people, look beyond the prospect. Select prior experienced people who have used similar apps to yours.

Organize testing environment

Once the participant’s recruitment is complete, it’s time to prepare a testing environment.

Keep the specific testing module and goals to be achieved in mind and create a list of tasks in a formatted test script.

You are not telling them how to do a test, you’re telling them what you want them to do without intervening with their natural flow while using your app.

make sure the testing environment doesn’t affect the user interface.

Prepare follow-up questions and ask for feedback from the user.

Keep it short and to the point

A developer knows the mechanics behind the app but a user doesn’t.

Follow the testing script and keep your sessions short, about 30 minutes or less, and to the point.

Make a list of the modules to be tested and explain to the user what he is supposed to look into.

Run the Test

After all your hard work, it’s time to finally conduct the test for your app.

This is the easiest step in the process, followed everything that is explained before.

Your participants are already recruited, and you’ve created a testing environment.

Now, just sit relax and let the users explore your product to your desired objectives.

Analyze and Act

Analyze the overall effectiveness of the app testing and gather all the useful information like recordings and feedback to get accurate recommendations to improve the overall app usability.

Conducting the sessions on participants and finding out the pattern will help you for understanding the problem better.

Analyze and resolve the issues, and repeat the usability test as many times as required until the app’s errors are fixed.

Determine what’s missing and plan for future

Ask the participants to point out the specific features they feel should change or are missing in your application. This makes your interface and overall application more intuitive and helps you plan better features and user interfaces in the future.

Conclusion

These are the main points of the User Acceptance Testing that is used in the development cycle.

The projects are reduced to the likelihood of any errors that are elevated.
Test-your-WebApps-for-better-stability
These are to reduce the total work required in the maintenance or development phase. It is another phase that must be managed but it will reduce a lot of costs.

On top of that, you will get a happy and satisfied user that will get you more revenue.

Tester VS Developer : When It Comes To Software Testing (Infographic)

Testers vs Developer, they are crucial for any software. However, nowadays there are a few vouching for a methodology where developers themselves become the tester.
Is it good? Will it save a lot of time and money?
Let’s keep it factual testing oriented development for certain procedures are indeed good.

Quality Analysis driven development would considerably increase the quality of their coding.
Especially when they are working in the DEV environment.
However, the unit test does not assure the quality of a software. There are other testing procedures that need to be done which requires skills.

  • Full code path testing
  • Component Testing (Unit testing might not work in certain situations)
  • Integration Testing (of components)
  • System testing

Apart from that, the hourly cost of a developer is bigger compared to that of a tester. Imagine his/her precious time invested in testing in which he/she might or might not be skilled in.
So why testers should be relied on?
Let’s go through an Infographic to get a detailed picture.
developer vs tester

Serious Security Issues in Robotics : There is a Solution!

We often hear about the cyber threats that hackers posed and most of them were cyber attacks and security breaches.
But now, the main concern of threat which people are mainly discussing is how complex the security system will become with global promotion of robotics.
app testing
Robotics has been introduced to computers as well as computer-related machines by early adopters without taking security issues and privacy into consideration.
The threats that robots poses are much higher than the threats compared to security breaches of the computer.
The attack on the computer may result in the data loss or identity theft, but what will happen if the robots were to hack?
Adoption of Robots in Market
Already, many industries have started practices to use automated robots for their operations and tasks which were once done by a human.
These robots generally involve open networks and remote access which lets the user use these machines from distant or from a remote location.
Many robotics companies use authentication, basic security level, and authorization while developing robotic software.
For instance, a teleoperated surgical robot which is a machine can be used by a doctor to perform a procedure on a patient from the other side of the world.
In the future, these robots could provide urgent care to people in disaster zones, on the battlefield, even up in space or radioactive zones where people can’t reach.
If you’re sending a robot to these areas but still want the human in control, there is a link between robot and human that let them interact with each other.
It can be used to control movements and operation of robots from remote locations via a network.
This may arise the potential that it can be compromised by the hackers and used for the disastrous purpose.
The long distance between the human operator and the robot means the communications between the two could be vulnerable to attack.
Cyber Security Problems in Robots
 Cyber security problems in robots arise due to some of the following reasons listed below:

  • Due to insecure communication between user and robot becomes the main cause for a cyber attack. Hackers can easily hack into insecure communication link in no time.
  • Another reason that can let hackers into the robot’s system is their authentication issues. Failure in guarding against unauthorized access can easily let hackers to use features of robots from remote locations without using any valid username and password.
  • If vendors do not have any proper encryption, it can expose sensitive data to the potential hackers.
  • Most of the features of robots are programmable and accessible. If the default configuration of the robot is weak, hackers can easily get access to these programmable features and change them.

Cyber Attacks On Robots
Thousands of robots are now showing up in professional as well as personal organizations. As many of them are self-propelled it is important to make them well protected that is not easy to hack.
If they are not secured, instead of helping people it can become a dangerous tool capable of doing unthinkable damages and causing havoc. Already, we have seen numerous consequences of cyber security problems associated with iOT (internet of things) that affects the internet, companies, and consumers.
Compromised cyber security in robots could result in massive impact. Moreover, computers like robots having legs, arms or wheels can pose serious threats which we have never confronted before.
As the communication between robot and human enhances, more severe attacks appear that eventually become a larger threat.
Humans are now researching over new peripheral devices and mechanical extremities that robot can operate, any mistakes in security could even lead up to kill.
We have already witnessed serious incidents associated with robots. In 2015, an incident took place at a car part manufacturer where a robot killed a woman worker at Ajin USA plant. It was said that the robot was restarted unexpectedly and loaded a trailer attachment assembly part onto the women’s head that crushed her skull. Similar incidents involving robots took place at other places as well. Here are the few examples:

  • At Stanford Shopping Center in Silicon Valley, a security robot runs over a toddler.
  • In Manesar India, a factory worker died after his ribs and the abdominal region was tightly gripped by the robot.
  • In 2007, 9 soldiers were killed by a robot cannon that was malfunctioned during the shooting exercise.
  • A study in the US has shown that robotic surgery is associated with 144 deaths.

These cases may be accidents, but we have a clear illustration of the consequences due to malfunction of robots. Hence, similar incidents can be caused by a robot that can be remotely controlled by the hackers.
How To Prevent Robot Hacking?
Robots use networks to communicate with human and then operate. It becomes easier for hackers to hack into the system of these networks and induce threats.
Currently, there are numerous popular home, business, and industrial robots available that can be accessed by the hackers.
Since the potential threat to the robot is much higher, a team of experts around the globe is finding ways to hack these vulnerable robots in order to figure out what security features need to be included in teleoperated robots, they find different ways to hack and then overcome it by introducing new features of security to these robots. Building a secured robot is a complex task and is not easy to achieve, thus below are some recommendations that can exponentially improve the security of a robot.

  • Encryption: Communication link and software updates in the robot must be properly encrypted by the vendor. If this link is not properly encrypted, it can become the major cause of the cyber
  • Factory Restore: Methods of restoring a robot to its factory default state must be provided by the vendor.
  • Authentication and Authorization: Vendors should ensure that the authorization and authentication to robot services and functionality are only accessible to specific users.
  • Secure by Default: The vendors need to ensure that the robot’s default configuration is properly secured so that if the robot were to be compromised, its configuration does not get changed by the hacker.
  • Supply Chain should be Secured: The technology providers should implement the best practices for Cybersecurity. Vendors must ensure whether the proper Cybersecurity practices are being done on the robot.
  • Proper Education: There should be a proper education for the cyber security that should be provided by the vendor not only to developers or engineer but to all the executives who all are involved in the product decisions. Thus it should be mandatory to train them with proper cyber security
  • Security Audits/QA Analysis: Before letting go the robot into production, the vendor should properly complete assessment to check safety and security aspects and also the performance of the robot.

The robotic industries are now making their way to disrupt other industries with their innovative technology in robots.
selenium
As many of the people are now becoming dependent on the robots, it has become mandatory for these industries to quickly enhance its security to avoid any consequences or cyber attacks. It is time for robotic industries to take immediate action for securing their technologies from any vulnerable attacks.

Also Read : Major Cyber Attacks on India(2018)

100 Important Selenium Interview Questions and Answers

Easily prepare for the Selenium interview with our detailed list of over selenium interview questions and answers.
These interview questions are solely designed to serve the purpose to enrich you with knowledge.
These sample questions are meant for both beginners and professionals that will help them to become more advanced and knowledgeable to face any typical interview.

Q 1. What is Selenium?
Selenium is a WebDriver automation tool that is used to test web-based applications via automating the test procedure. It supports various browsers, programming languages, and platforms.

Q 2. What is Automation Testing?
Automation Testing is a procedure for automating the manual steps or processes to test the application or software.
It requires an additional testing tool to create test scripts that can be executed repeatedly.

Q 3. What are the advantages of automating the test procedure?
Advantages of automation testing are:

  • Improvement in accuracy by eliminating human-generated errors
  • Efficient and time-saving process
  • Helps in testing a large application
  • Tests can be repeatedly executed
  • Allows another test to run simultaneously
  • Provides test reports automatically

Q 4. Name some automation tools which are used for application testing?
Automation tools used for application testing are

  • Selenium
  • TestingWhiz
  • Katalon
  • Tosca Testsuite
  • TestComplete
  • Ranorex

Q 5. Why do we need software testing?
Once an application is developed, it is mandatory to check whether that application contains any errors or not.
Software testing provides a tester to check for substantial errors or bugs in the application and resolves it.

Q 6. Explain different components of Selenium?
Selenium consists of four components:

  • Selenium Web Driver: It is used for automation testing of web-based applications with the browser’s class method.
  • Selenium Integrated Development Environment (IDE): It is a Firefox plugin used to record and playback test cases.
  • Selenium Remote Control (RC): Selenium RC works on JavaScript to automate test procedures for web applications.
  • Selenium Grid: It helps selenium to run different tests simultaneously.

Q 7. What are the advantages of using Selenium?
Below are the advantages of using Selenium:

  • It is an open-source automation tool that is available freely without any licensing cost.
  • It supports multiple languages such as Java, Python, Ruby, etc.
  • It also supports various browsers.
  • It has a rich community that provides any type of information to any problem.
  • It is user-friendly and even a beginner can easily understand and write the automated scripts for the test.

Q 8. When will you choose to use Selenium Grid?
When there are multiple tests to be executed, we will use the selenium grid.
It will enable us to run some test scripts on multiple platforms simultaneously and thus reducing the time consumption.

Q 9. Can you illustrate the drawbacks of Selenium?
Below are the drawbacks of Selenium:

  • It cannot be used for desktop application testing.
  • Also, it cannot perform tests on web services.
  • To create vigorous scripts, knowledge of programming languages is required.
  • External libraries are required to perform tasks in Selenium.

Q 10. Name a few browsers that are supported by Selenium? Also, mention the name of the drivers.
Some common browsers supported by Selenium are:

Sr. No. Browsers Drivers
1. Google Chrome Chrome Driver
2. Mozilla Firefox Firefox Driver
3. Internet Explorer Internet Explorer Driver
4. Safari SafariDriver
5. HtmlUnit HtmlUnitDriver

Q 11. Name the types of testing in Selenium?
Selenium supports the following types of testing that are:

  • Regression Testing
  • Functional Testing
  • Load Testing

Q 12. Name the different ways to find an element in a web page using Selenium?
Every object on a web page is referred to as an element in selenium. These can be found using different ways such as:

  • ID
  • CSS Selector
  • Attribute
  • Link text
  • Xpath
  • Name
  • DOM
  • ClassName
  • Tag, etc.

Q 13. Can you test APIs or web services using Selenium Web Driver and why?
No, we cannot test web services using Selenium. Web services are headless and it only uses browser’s class method to automate web applications. Thus it cannot automate web services.

Q 14. When will you choose to use Selenium IDE?
When there is repetition in the test procedure and we want to run the same sequence over and over again. Thus, Selenium IDE provides a record and playback feature that we can use to run tests repeatedly in the same sequence.

Q 15. What is X Path in Selenium?
X Path is a locator that uses an XML path to locate a web element in Selenium.
It can also be used to locate HTML elements. X Path uses references from another element to find the specific element on a web page.

Q 16. Can you state the difference between Verify and Assert commands?
Verify: Verify command checks whether the given condition is true or not.
Whatever the results, the program execution will not be halt. Even if the given condition is false, the program execution will not be stopped.
Also Read : Top 25 Software Testing Companies to Look Out For in 2018
Assert: Assert command also check whether the given condition is true or not.
If the condition is true, the program will continue to execute to the next step. But, if the given condition is false, it will immediately halt the execution of the program.

Q 17. Can you state the difference between the use of a single slash (/) and a double slash (//) in X Path?
In X Path single slash is used to derive the absolute path from the root node whereas a double slash creates relative X Paths.

Q 18. What is the basic difference between absolute and relative X Path?
The basic difference between them is:
Absolute X Path: It uses a complete path starting from the node of the root element to go to the desired element.
Relative X Path: It only uses references from another element to go to the desired element.

Q 19.How will you launch the browser using Selenium Web Driver?
We will use the following syntax to launch the browser using Selenium Web Driver.

Sr. No Browser Syntax
1. Google Chrome WebDriver driver = new ChromeDirver();
2. Mozilla Firefox WebDriver driver = new FirefoxDriver();
3. Internet Explorer WebDriver driver = new InternetExplorerDriver();

Q 20. Can you name the parameters which you have to pass in Selenium?
Yes, there are four parameters that need to be pass in Selenium. These are listed below:

  • Port Number
  • Host
  • Browser
  • URL

Q 21. Have you ever automated test cases, If yes, how many per day?
Yes, I’ve automated test cases and on average I can automate 3-5 test cases each day. Although, these test cases can be sometimes complex and lengthy that can take a day to complete.

Q 22. Can we locate the elements by only using their text in XPath?
Yes, we can simply use the text() method to locate the element by using their text.

Syntax: xPathExpression = //*[text()=’username’]

Q 23. Can you name the latest Selenium tool and its use?
WebDriver is the latest selenium tool used to automate web application testing and checks whether it is working as expected or not.

Q 24. How will you type in a textbox using Selenium and also give the syntax?
To enter the text in the textbox, we can use sendkeys(“Enter desired string”). The syntax is given below:

WebElement username = drv.findElement(By.id(“Email”));
// entering username
username.sendKeys(“sth”);

Q 25. How will you find if an element is displayed on the screen?
Web  Driver lets the user check the visibility of the web elements including labels, radio buttons, checkboxes, drop boxes etc. with the following methods:

Sr. No Command Syntax
1. isEnabled() boolean searchIconEnabled = driver.findElement(By.id(“trial”)).isEnabled();
2. isSelected() boolean buttonSelected =
driver.findElement(By.id(“trial”)).isSelected();
3. isDisplayed() boolean buttonPresence = driver.findElement(By.id(“trial”)).isDisplayed();

Q 26. How can you launch different browsers in Selenium Web Driver?
We can easily use the given syntax to launch multiple browsers:

WebDriver driver = new FirefoxDriver();

Q 27. Can you state the difference between driver.get(“URL”) and driver.navigate().to(“URL”) command? What is the use of them?
Both commands are similar and hence there is no difference between them.
These commands are used to navigate to the URL which is declared in the command.

Q 28. How will you select the value in a drop-down?
We can easily select the value in a dropdown using the syntax given below:

Sr. No. Command Syntax
1. selectByValue Select selectByValue = new Select(driver.findElement(By.id(“One”)));
selectByValue.selectByValue(“greenvalue”)
2. selectByVisibleText Select selectByVisibleText = new Select (driver.findElement(By.id(“Two”)));
selectByVisibleText.selectByVisibleText(“Lime”);
3. selectByIndex Select selectByIndex = new Select(driver.findElement(By.id(“Three”)));
selectByIndex.selectByIndex(2);

Q 29. When will you use findElement() and findElements()?
 findElement(): This command is used to fetch the first element of the current webpage which is matching to the specified locator value in the syntax.

Syntax:  WebElement element = driver.findElements(By.xpath(“//div[@id=’sample’]//ul//li”));

findElements(): This command is used to fetch all the elements of the current webpage which is matching to the specified locator value in the syntax.

Syntax: List <WebElement> elementList = driver.findElements(By.xpath(“//div[@id=’sample’]//ul//li”));

Q 30. Can you state the difference between driver.close() and driver.quit() command?
driver.close(): This command is used to close the current web browser window opened by the user.
driver.quit(): This command is used to close all the web browser window opened by the user.

Also Read: 52 Software Tester Interview Questions That Can Land You the Job

Both commands don’t need any parameters and do not return any value.

Q 31. Will Selenium be able to handle the windows based pop up if it shows up?
No, Selenium is only meant for web-based applications thus it only supports web-based pop-ups.

Q 32. How will you assert the title on your web page?
With the use of given syntax, we can easily assert the title on a web page.

Syntax: assertTrue(“The title is incorrect.”,driver.getTitle().equals(“Title of the page”));

Q 33. How will you clear the text which is written in a textbox?
We will use clear() command to clear the text which is written in a text box.

Syntax: driver.findElement(By.id(“elementLocator”)).clear();

Q 34. Can you state the difference between regression and functional testing?
Regression Testing: Regression testing is a repeated test of an already tested program.
Usually, it ensures to check the proper functioning of the application even if the minor modification is done that can create unexpected problems.

Functional Testing: Functional testing usually ensures the functionality of the software program.
The design and user experience remain untouched as the goal of functional testing is only to check the functionality of the program.

Q 35. What is the use of TestNG in Selenium?
TestNG in Selenium is used to cover a wide range of test categories such as functional, unit, end-to-end, etc.
Using TestNG we can easily generate a proper report of test cases and can easily gather information on how many test cases were passed, failed, or skipped.

Q 36. Are you familiar with the term GeckoDriver in Selenium? Why is it needed?
GeckoDriver is a web browser engine that forms a bridge between the Firefox browser and Selenium to interact with each other.
GeckoDriver is needed in Selenium because, until Firefox version 47, Selenium uses the Firefox driver to interact with the browser. Now, Firefox has introduced a new version starting from version 48 that won’t allow any third party to directly interact with the browser.
Thus, Selenium version 3 uses the driver to interact and run tests with the Firefox browser (version 48 onwards) which is GeckoDriver.

Q 37. Can we verify the image using Selenium?
No, we cannot verify the image in Selenium but we can easily verify whether the image is displayed or not using properties.

Q 38. Can you state the difference between ‘Type’ and ‘TypeAndWait’ command?
Type: When the user needs to enter the text into a text field, type command is used.
TypeAndWait: This command is generally used to reload the web page as soon as the typing of the text is completed.

Q 39. What are the different types of mouse actions supported by Selenium?
Following are the various mouse actions that are supported by Selenium:

Sr.No Syntax
1. click(WebElement element)
2. contextClick(WebElement element)
3. doubleClick(WebElement element)
4. mouseUp(WebElement element)
5. mouseDown(WebElement element)
6. mouseMove(WebElement element)
7. mouseMove(WebElement element, long xOffset, Long, yOffset

Q 40. Do you know who developed the Selenium and in which year?
It was Jason Huggins who developed the Selenium in the year 2004.

Q 41. How will you take screenshots using Selenium?
We can easily take screenshot using TakeScreenShot function with getScreenshotAs() method. Example:

File scrFile = ((TakeScreenshot)driver).getScreenshotAs(screenshot.JPG);

Q 42. Can you go back and forth in the browser using Selenium?
Yes, we can easily use the following commands to move back and forth in the browser using Selenium:

  • navigate().back()
  • navigate().forward()

Q 43. How would you delete the cookies using Selenium?
To delete the cookies, we will use the deletedAllCookies() command.

Syntax: driver.manage().deleteAllCookies();

Q 44. Write the code to double-click an element?

Actions action = new Actions(driver);
WebElement element = driver.findElement(By.id(“elementId”));
action.doubleClick(element).perform();

Q 45. Can you list all the navigation methods which are used in Selenium?
Yes, the following are the different navigation methods use in Selenium:

Sr. No. Syntax
1. driver.navigate().to(String url);
2. driver.navigate().refresh();
3. driver.navigate().forward();
4. driver.navigate().back();

Q 46. How will you perform drag and drop in Selenium?

Actions action = new Actions(WebDriver);
action.dragAndDrop(sourceWE, destWE)

Q 47. Which command will you use to retrieve the color of an element in Selenium?
We will use the following command:

getCssValue(“Color”)
getCssValue(“Background-color”)

Q 48. Which command will you use to copy the file from one location to another location?
We will use FileUtils.copyFile(srcLocation, destLocation) to copy the file from one location to another location.

Q 49. In what format the source view shows the script in Selenium IDE?
 The source view shows the script in XML format.

Q 50. How will you verify whether the element is visible or not?
To verify whether the element is visible or not, we’ll use the following syntax:

WebElement e = driver.findElement();
boolean result = e.isDisplayed();

Recommended For You: Top 10 Mobile App Testing Companies In India

Q 51. What are the exceptions available in the Selenium Web driver?
Ans. Selenium web driver supports most of the exceptions available in another programming language. Some of these are:
  • TimeoutException – it is triggered when an operation can not be performed within time.
  • NoSuchElementException – it is triggered when an element with the mentioned properties is not found on the page.
  • ElementNotVisibleException – It is triggered when the element is present in the page or DOM but its visible property is set to false.
  • StaleElementException – it is triggered when the element is deleted from the DOM.
Q 52. How do you navigate between different frames in Selenium?
Ans: switchTo() command can be used to switch between different frames in Selenium. It can be used to go to the default frame, parent frame and any specific frame based on the window ID or frame name as well.
Q 53.How can you submit a form in Selenium?
Ans: There are 2 methods to submit a form using Selenium

  • click() on the “Submit” button in the form
  • submit() – submit method for the element itself.

Both work equally well.

Q54. What is the implicit and explicit wait?
Ans: Implicit wait directs the web driver to wait for a fixed time before throwing a “No Such Element Exception”. The default value is 0 and we need to set the wait time programmatically as below.
driver.manage().timeouts().implicitlyWait(TimeOut, TimeUnit.SECONDS);
Explicit wait, on the other hand, tells the web driver to wait for a certain condition before throwing the exception. These conditions can be element visible, element enabled, text present, title present etc.

Q55. What is a robot class in Selenium?
Ans: The robot class is used to perform actions using the keyboard or the mouse. It includes methods like KeyPress(), MouseMove(), MousePress() etc.

Q 56. When do you use robot class and methods?
Ans: Methods from the robot class can be used when the other functions do not work or there are issues with entering the value in the text box. Some examples:

  • It can be used for swiping in the screens
  • It can be used to type keys (shortcuts)

Q 57. What are listeners in Selenium?
Ans: Listeners allow the customization of reports and log. They help analyze failures.
There are 2 main listeners used with Selenium

  • WebDriver Listener
  • TestNG Listener 

Q 58. How can you get the size or set the size of a browser?
Ans: The maximize() method can be used to maximize the size of the browser.
driver.manage().window().maximize();
We can use getSize() and setSize methods to get and set the size of the browser.
System.out.println(driver.manage().window().getSize());
Dimension d = new Dimension(420,600);
driver.manage().window().setSize(d);

Q 59. How can you upload a file in Selenium?
Ans: To upload the file, we first need to identify the web element and then we can just send the file path using the send_keys method.
<input type=”file” name=”uploaded_file” size=”50″ class=”pole_plik”>
element = driver.find_element_by_id(”uploaded_file”)
element.send_keys(“C:myfile.txt”)

Q 60. Is it possible to skip a method or code block in TestNG? How?
Ans: Yes, it is possible to skip a method in TestNG. It can be done by setting the enabled parameter to false in the test annotation as below.
@Test(enabled = false)

Q 61. What is a Group Test in TestNG?
Ans: Methods in TestNG can be categorized into groups. The speciality of these groups is that when a group is executed, all the methods in the group also get executed. A group can be executed by calling it in the @Test annotation.
@Test(groups={“xxx”})

Q 62. How can you do database testing using Selenium?
Ans: Selenium does not support database testing, but it can still be used to do the testing partially with ODBC and JDBC connection strings.

Q 63. What is the latest version of Selenium?
Ans: The latest version is Selenium 4.0.0 Alpha 5, released in March of 2020.

Q 64. What is the “Same Origin Policy”?
Ans: The “Same Origin Policy” is like a security feature. It blocks scripts from other sites to access the contents of your site. According to this policy, the code loaded in a browser can only work within that domain and not outside.

Q 65. Name the JUnit annotations used with Selenium?
Ans: The JUnit annotations are:

  • @Before: This method is executed before the main test. It is used to set the perquisites for the test and also for the initialization of the variables.
  • @Test: Main test
  • @After: This method is called after the completion of the main test. It is used to clear out the variables and kill the drivers. A clean up is what is done by the @After method.

Q 66. What are the different types of locators available in Selenium?
Ans: The different type of locators are:

  • id()
  • name()
  • tagName()
  • className()
  • linkText()
  • partialLinkText()
  • xpath()
  • cssSelector()

Q 67. What is a recovery scenario and how can you use it in Selenium?
Ans: A recovery scenario is used to recover from an error and continue with automation execution without the need for manual intervention.
In Selenium, the recovery scenario used will be based on the programming language used. For Java, it can be done with the help of a simple “Try Catch Block”.

Q 68. What is a Selenese?
Ans: A Selenium set of commands used for running the tests is called Selenese.
There are mainly 3 types of Selenese:

  • Actions
  • Assertions
  • Accessors

Q 69. How do you debug a test in Selenium?
Ans: You can debug a test by inserting a breakpoint. When you run the tests, the execution will pause at the breakpoint, from there you can run it one step at a time. You may also want to monitor the value of the variables at each step to debug and analyze the code.

Q 70. What is a regular expression and how is it used?
Ans: Regular expressions are like search strings which are used to search for a range of strings or patterns. In Selenium, this can be done with the help of the keyword “regexp” as a prefix with the search string.

Q 71. Can you work with multiple windows in Selenium? How?
Ans: Yes, we can work with multiple windows in Selenium. For switching between the windows we can use the selectWindow() method.

Q 72. When will use AutoIt with Selenium?
Ans: Selenium works well with web-based applications. It is not designed to handle windows pop-ups or non-HTML pop-ups. In cases where one needs to handle such pop-ups as part of the automation, we can make use of AutoIT tool.

Q 73. What function or method can be used to scroll up and down on the web page using Selenium?
Ans: scrollBy() and scrollIntoView() are the 2 methods that can be used to scroll through a long web page.
((JavascriptExecutor) driver).executeScript(“window.scrollBy(0,500)”);
((JavascriptExecutor) driver).executeScript(“arguments[0].scrollIntoView();”, element);

Q 74. How to press ALT/CTRL/SHIFT with other keys to perform special functions using Selenium?
Ans: In some cases, we may need to work with keyboard shortcuts using the ALT, CTRL, or SHIFT keys in combination with others. In such cases, we can keyUp() and keyDown() method. The keyDown() method assumes that the keys will remain pressed till the keyUp() method is called. This helps to automation a special combination key.
Actions builder = new Actions(driver);
Action seriesOfActions = builder
 .moveToElement(txtUerName)
 .click()
 .keyDown(txtUserName, Keys.SHIFT)
 .sendKeys(txtUserName, “hello”)
 .keyUp(txtUserName, Keys.SHIFT)
 .doubleClick(txtUserName);
 .contextClick();
 .build();
seriesOfActions.perform();
}

Q 75. What are the programming languages supported by Selenium?
Ans: Selenium supports:

  • Java
  • Python
  • C-Sharp
  • JavaScript
  • Ruby
  • PHP
  • Perl

Q 76. What is the main difference between xpath and css selectors?
Ans: With xpath you traverse in both directions, forward and backwards. But in the case of css you can traverse only in one direction, i.e. forward.

Q 77. Which are the open-source frameworks supported by Selenium?
Ans: Selenium can be easily integrated and widely used with the following frameworks:

  • JUnit
  • TestNG
  • Maven
  • FitNesse
  • Xebium

Q 78. Is it possible to perform a mouse hover using Selenium?
Ans: Actions class can be used to perform the hover over any object in the webpage. We can use the moveToElement() method for performing the hover.
actions.moveToElement(driver.findElement(By.id(“id of the object”))).perform();

Q 79. What is POM (Page Object Model)?
Ans: Every webpage will have a page class that helps locate the page elements and perform the tasks on them. A POM is a design that makes use of this page class to build an object repository for these web elements. It helps to improve code reusability and readability.

Q 80. Can you use Selenium to automate captcha?
Ans: No, the idea of using the captcha is to prevent the use of the webpage using automation tools or bots. Also, Selenium is not very good when it comes to images.

Q 81. How can you handle authentication pop-up for Username and password in some web pages like SharePoint?
Ans. It can be done by first confirm the visibility of the authentication pop-up and then pass the authentication parameter using the alert class.
Alert alert = wait.until(ExpectedConditions.alertIsPresent());
alert.authenticateUsing(new UserAndPassword(<username>, <password>));

Q 82. What is the difference between typeKeys and type commands?
Ans: typeKeys is used to simulates a keystroke by collecting the key attributes using JavaScript. Type command on the other hand imitates the keypress just like a real user.

Q 83. What is the difference between setSpeed() and sleep() commands in Selenium?
Ans: Both the commands are used to alter the speed of execution of the automation script. In the case of sleep(), the execution is paused for a specific interval of time as passed in the method parameter. After this time elapses, the execution continues normally. In the case of setSpeed(), each line of code is delayed by a fixed time interval.

Q 84. What is a hub and node in Selenium?
Ans: A hub is a server or central point which can be used to run the automation scripts on different machines. The individual machines controlled by the hub are called nodes.

Q 85. Which WebDriver implementation is the fastest?
Ans. HTMLUnitDriver is the fastest WebDriver implementation because it does not execute the tests in the browser. It uses an HTML request and response mechanism for test case execution.

Q 86. What are the different commands that can be used to refresh the browser in Selenium?
Ans: There are multiple ways to refresh the browser, they are:

  • navigate().refresh()
  • get(“url”) or driver.getCurrentUrl()
  • navigate().to(“url”)
  • sendKeys(Keys.F5)

Q 87. How can we handle hidden elements using WebDriver?
Ans: We can make use of the javaScript executor to work with the hidden objects as below:
(JavascriptExecutor(driver)).executeScript(“document.getElementsByClassName(ElementLocator).click();”);

Q 88. How to find broken links on a web page?
Ans: In Selenium, we make use of request and response to find out the broken links on a web page. For that, we need to first collect all the links using the <a> tag. Once we collect these, we need to send an HTTP request to each and check the response received.
Codes in the series of 400 and 500 indicate broken links.

Q 89. How can you handle the chrome browser notifications using Selenium?
Ans: To avoid the chrome browser notifications from popping up, we can programmatically disable them using Selenium.
ChromeOptions options = new ChromeOptions();
options.addArguments(“disable-infobars”);
WebDriver player = new ChromeDriver(options);

Q 90.Name the listeners available in TestNG?
Ans: The different listeners available in TestNG are:

  • IAnnotationTransformer
  • IConfigurable
  • IConfigurationListener
  • IExecutionListener
  • IHookable
  • IInvokedMethodListener
  • IInvokedMethodListener2
  • IMethodInterceptor
  • IReporter
  • ISuiteListener
  • ITestListener

Q 91.How can you configure parallel execution using Selenium?
Ans: Parallel execution can be done in Selenium using the concept of hub and nodes. Hub controls the multiple nodes where the scripts are executed.

Q 92. How can you verify colour changes as verification points in Selenium?
Ans: For the color change type verifications, we can fetch the css color codes and verify.

Q 93. How can we move to the parent of an element using xpath?
Ans: “/..” is appended to the xpath of an expression to move to the parent element of the child element.

Q 94. How can we move to the nth-child position using xpaths?
Ans: There are 2 ways to navigate to the nth-child element.

  • Using index within square brackets div[2]
  • Using position(). div[position()=2]

Q 95. How can you right-click an element in Selenium?
Ans: We can perform a right-click with the help of an action class. Here is the code.
Actions action = new Actions(driver);
WebElement element=driver.findElement(By.id(“elementId”));
action.contextClick(element).perform();

Q 96. Name some TestNG annotations?
Ans: Some of the important TestNG annotations are:

  • @Test – The test method
  • @BeforeSuite – runs once before all the test in the test suites
  • @AfterSuite – runs once after all the test in the test suites
  • @BeforeClass – runs once before the first test method in the current class
  • @AfterClass – runs once after all the test methods in the current class

Q 97. What is the use of the testng.xml file?
Ans: The testing.xml is the file that is used for configuring the execution. This file enables the user to create test suites, test groups, indicate the tests to be run in parallel, details of the hubs and nodes etc. It is also used to pass the test parameters and trigger the test suite.

Q 98. What is the default priority of a test method in TestNG?
Ans: The default priority of a test method is 0. Now, if you have a test method with priority 1 and another test method with no priority mentioned, then the default value for the priority will be taken as 0 and it will be executed first.

Q 99. What is a properties file in Selenium?
Ans: It is a text file with key and value pairs. We can create a properties file with element name and element property. The benefit of using the property file is that if there is a change in the property (like a change in object name or text), we can simply make the change in the property file without having to touch the code.

Q 100.What are the DesiredCapabilities in Selenium WebDriver?
Ans: DesiredCapabilities file or simply the capability file contains key-value pairs and is used to set the properties for the WebDriver. This can be used to set the properties of the browser before launching like the version, cookie settings, size of the browser, and more.

Top 10 Mobile App Testing Companies In India

The mobile app is the heart of digital evolution.In case that an application is not user-friendly, slow; the users don’t wish to utilize it any longer.
Henceforth, they begin searching for better options. So, any mobile application needs to be impeccable to build an organization’s business in the mobile world.
Here along with the mobile app development, testing also plays an imperative part for the app’s successful launch.
So, if you’re searing for mobile app testers, below is the list of best 10 Mobile App Testing Companies in India that have made a mark for the worldwide endeavors and startups.
1. Testbytes
alt
Testbytes is a team of software testers who are enthusiast about their job to provide the best mobile app testing services to its clients. They are Pune, Maharashtra based company with an overseas brach in New York. The company’s testing strategies and processes depend on CMMI, ISO, Agile best testing methods.
They have clients base is from India, USA, UAE, among other nations with 30+ already satisfied clients in its credit. In short, brands from all over the world trust their testing services. The company is admired for producing exceptional results in the most compelling way to offer user-friendly experience to the end users.

Testbytes offer mobile app testing services on platforms like iOS, Android, and Windows. They also specialize in game testing, load testing, automation testing, security testing etc.
Always eager to understand their clients, Testbytes is constantly diligent about their work and manage projects dedicatedly to accomplish the objectives within the due date.
Their software engineers are knowledgeable with the latest and different application development platforms and follow a streamlined technique while operating on any task.
2. FuGenX Technologies
alt
FuGenX Technologies is an ideal case of mobile app testing service. Today it is among the most trusted Mobile App Testing Companies in India. FuGenX won Deloitte Technology Awards in 2012, 2013, and 2016 for its magnificent administrations.
Their name came into lime light after they supported Big Basket build up a world-class grocery application. Byju’s, India’s most well-known e-learning education organization, is another profoundly fruitful client of FuGenX. Apart from these, FuGenX’s worldwide customer base incorporates Vodafone, Panasonic, and Praxair.
FuGenX is headquartered in Bangalore and has workplaces in Hyderabad, Ahmedabad, Dallas, and Chantilly.
The organization proficiently performs mobile app testing for Android, iPhone, iPad, BlackBerry, and Windows.
3. Tech Mahindra
alt
Tech Mahindra is one of the Top notch Mobile App Testing Companies in India. Tech Mahindra  was founded in 1986 and currently has above 10,000 employees. The organization has the expertise in test designing, test automation, system testing, and so forth. They likewise give mobile application testing consultancy facility.
They take a shot at a wide range of platforms such as Android, iOS, Symbian, Windows Phone, Blackberry, and Bada.
4. Konstant Infosolutions
alt
Konstant Infosolutions is in the business for more than 15 years now. The company is a group of creative professionals driving the offshore mobile app development.

Also ReadTop 10 Game Testing Companies In India

They are popular for custom services that are personalized as per different, personal needs of enterprises, startups, SMBs, and innovative brands, across various enterprises
.It has served in transport, travel, eCommerce, education, media, real-estate, social networking, restaurant, gaming, healthcare, events and tickets services.
What makes Konstantinfo a best mobile application testing and development organization in India, as well as the USA, is the reveling encounters the members convey to the customers. It has tested and delivered more than fifty mobile apps so far.
5. ChromeInfo Technologies
alt
ChromeInfo Technologies are a full stack mobile app development company based in Noida, India. The company has the vision to support the enterprises, startups, and agencies in running on mobile. It has severed more than 150 clients around the world on more than 600 projects successfully.
The company’s expertise is based on e-learning, on-demand, healthcare, real estate, entertainment, social networking, sales and much more.The company possesses skills in developing Android and iOS apps.
6. Consagous

Consagous is a mobile application development organization with experience in Android, iPhone, hybrid, and windows app development with the development and testing of more than 100 applications till date.
Consagous gives a full range of mobile solutions from its workplaces in Madhya Pradesh (India), Melbourne (Australia), and Texas (USA).The organization is delivering great mobile application services from more than 10 years to the clients all over the globe.
 
This Mobile App Testing Companies specialized team of testers in Consagous guarantees a project of any level a smooth delivery and because of this, they can give in-house services all through the mobile application testing and development process, i.e. from idea to configuration to bug testing to ultimate development.
7. Sourcebits
alt
Sourcebits is a mobile app development company based in Bangalore – India, and San Francisco –USA. Established in 2006, it is a venture of Globo Group, which has produced 500+ mobile application development projects with powerful agile app development procedures.
Sourcebit houses more than 200 employees, comprising of devoted app designers, engineers, and QAs. It creates mobile applications on all significant platforms, i.e.like iOS, and Android.
8. Appster
quotes
Appster isn’t any typical kind of mobile application development organization with general approaches, rather it has confidence in providing its clients with innovative, fresh, and modern mobile app solutions.
They are skilled in iOS, Android, and Rapid Agile Development and have tested and developed more than 100 apps till now.
Working under the tech umbrella since 2011, they have executed novel thoughts, supported the old ones and supported the organizations develop.
The team of mobile application development is sufficient to change your application thought into a completely practical product with the least issues and imperfections.
9. iMobdev
alt
iMobdev is another pioneer organization that leads in the development of iPhone and Android apps. With their head office located in Ahmedabad, Gujrat, they have a powerful worldwide customer base spread everywhere throughout the world.
They have around 7 years of involvement in mobile app testing and can render your application with all the recent features, important to produce more clients and more revenue.
This Mobile App Testing Companies group of 100+ experts has effectively finished over 500 ventures around the world.They have made mobile applications for various industries, for example, healthcare services, enterprise, education, real estate, gaming, and numerous others, they have picked up a broad affair.
10. GoodWorkLabs
alt
GoodWorkLabs has been producing exemplary mobile services since its origin. It is the beneficiary of numerous reputed awards and is known for its customer satisfaction standard.
It is perceived as the fifth quickest developing tech organization at the Deloitte fast 50 awards event. Founded in 2013, with its workplaces in Bangalore, Kolkata, and San Francisco, it obliges clients everywhere throughout the world.
They have built up themselves solidly in mobile app development and testing solutions.
The Mobile App Testing Companies professionals are profoundly trained on all significant mobile platforms, including Android, iPhone, iPad, and Windows.

They are pro in PHP, NET, Java, Ruby on Rails, Perl, Oracle, MySQL, and a few other technologies that can help you in delivering a stable and powerful app for your company.
You can likewise contact their designers for mobile gaming app service combined with an adaptable and bug-free code.
GoodWorkLabs has helped many new businesses and in addition big Fortune 500 organizations with their mobile app needs.

Recommended For You : Top 7 Test Automation Companies In India