Security Testing

vibssingh

How to create Security Test from Functional test in ReadyAPI

HOME

The previous tutorial has explained the creation of a new Security Test. This tutorial explains the process to create a Security test from the existing Functional Test.

Steps to be followed to create a security test from a functional test case:

  1. Create the Security Test from Functional Test
  2. Run the Security Test
  3. Analyse Security Test Results
  4. Generation of Security Test Report
  5. Sample Test Report
  6. Analyse Security Test Report

Create the Security Test from Functional Test

Step 1 – Right-click the test case present under Functional Tests in the Navigator and select Create Security Test.

Step 2 – Click Select Test Target. Select the test case you want to apply the security scan to. All the applicable scans are selected by default

Leave the scans you want to have in your test checked and uncheck the other scans.

There is a list of Scans, you can select either one scan or multiple scans. I have selected all the scans.

  1. Boundary Scan
  2. Cross Site Scripting
  3. Fuzzing Scan
  4. Invalid Types
  5. SQL Injection
  6. XPath Injection
  7. HTTP Method Fuzzing
  8. Sensitive Files Exposure
  9. Weak Authentication

Click the OK button.

Step 3 – This screen shows all the scans added to the Security Test.

Run the Security Test

Step 4 – Click the Green arrow “Run” to start the test.

Step 5 – ReadyAPI will start sending modified requests and checking responses.

Step 6 – The security test window shows the progress of each test step and matching security scans. This screen shows all the configurations of Cross Site Scripting. Similarly, all the scans have their own in-built configurations.

Analyse Security Test Results

Step 7 – The Transaction Log shows additional information about security scans.

Step 8 – The details of a particular request or response are available in the inspector.

The Setup pane contains the detail about the configuration used for the tests.

Generation of Security Test Report

Step 9 – After the security test run finishes, click View Summary Report:

Step 10 – In the dialog that appears, click View Full Report.

Step 11 – After that, ReadyAPI will open the report in the default PDF viewer.

Sample Test Report

Analyse Security Test Report

 Step 12 – Example of HTTP Method Fuzzing

Example of Cross Site Scripting

Congratulations!! We have successfully created the Security Test from the Functional Test. We are also run the test and generated the Security Test Report also. That’s a great accomplishment.

Advertisement
vibssingh

How to install ReadyAPI

HOME

What is ReadyAPI?

ReadyAPI allows teams to create, manage, and execute automated functional, security, and performance tests in one centralized interface – accelerating API quality for Agile and DevOps software teams. It allows importing API definitions like OpenAPI/Swagger or AsyncAPI, testing and recording live API traffic, or virtualizing web services to remove pipeline dependencies.

ReadyAPI is handled by SmartBear. ReadyAPI is not an open source tool, but a licensed tool.

In ReadyAPI, We can easily manage our APIs and project. We can easily create APIs from an openAPI, Swagger, WSDL, and WADL definition and use Discovery to record API requests and methods.

ReadyAPI can be used to perform

  1. Security Testing
  2. Functional Testing
  3. Performance Testing

How to install ReadyAPI – Version 3.20.0

Step 1 – Go to SmartBear ReadyAPI Installation site.

Step 2 – Before starting the installation, please check the system requirements for ReadyAPI.

Step 3 – As ReadyAPI is a licensed tool, but it also provides a trial version as well as commercial Pro License.

If you want to go for the trial version, fill in the details on this page and get Free Trial.

If you have license, then download the installer for your platform from the ReadyAPI Downloads Center.

I have a license, so will download ReadyAPI Desktop 3.20.0 (Windows Installer 64-bit).

Step 4 – Once the download is completed, run the installer. The installer will unpack the files and prepare them for installation:

Step 5 – Click the Next button to proceed with the installation:

Step 6 – If you install ReadyAPI for the first time or have chosen to install it to a different directory, the wizard will ask you to specify the installation folder:

Step 7 – This image shows that installation is in progress.

Step 8 – When the installation is complete, you can select the Run ReadyAPI check box to run ReadyAPI upon closing the wizard. You can also select the Create a desktop icon check box to create a desktop icon for ReadyAPI. Click the Finish button.

Step 9 – Once the installation is successfully completed, ReadyAPI will open, and it will look like something as in the below image.

We are done! Congratulations on making it through this tutorial and hope you found it useful! Happy Learning!!