Website Testing

Basic Security Testing

High profile websites being hacked is nothing new nowadays - we hear about a different hack every week, if not every day. Hackers will use many different techniques to break into high profile websites and systems - including targeting weaknesses in the website's security, social engineering [...]

Device testing in the cloud – I’m now using Kobiton

I've recently started using the Kobiton device testing cloud, to enhance the range of iOS and Android devices that I can test apps and websites on. Over the last few years, I've looked into several other device testing cloud platforms from all sorts of companies and [...]

Testing invisible reCAPTCHA

This is a rehash of my own posts on the Ministry of Testing regarding testing Invisible reCAPTCHA. Google provides various information on Invisible reCAPTCHA, such as the links below, but none of these provide much information. https://developers.google.com/recaptcha/docs/invisible https://www.google.com/recaptcha/intro/invisible https://developers.google.com/recaptcha Here's what I've found out so far from [...]

2018-04-08T15:21:32+00:00March 26th, 2018|Categories: Google, Website Testing|Tags: , , , |

Firefox Quantum browser’s built-in screenshots tool

While trying out the updated Firefox browser - Firefox Quantum - one of the handiest features I've found is the built-in screenshots functionality. I'd read briefly about it at https://screenshots.firefox.com and was expecting it to be available via a button or a menu option, but its actually [...]

2018-09-17T16:37:02+00:00January 17th, 2018|Categories: Browsers, Website Testing|Tags: , , , , |

Using Charles Proxy to test different HTTP Response Codes

Note: If you're new to Charles Proxy, you may need to read my earlier post on Using Charles Proxy for bandwidth throttling testing to get started on this. Charles Proxy really is a neat box of tricks and two of the best are the Rewrite Tool [...]

Using Charles Proxy to test Apps and Websites using SSL

Note: If you’re new to Charles Proxy, you may need to read my earlier post on Using Charles Proxy for bandwidth throttling testing to get started on this. Update: There is now also a Charles Proxy iOS app, which allows you to do the following: Capture HTTP and [...]

Mobile Device Quick Comparison Chart

Update - September 2019 - new iPhones added to the list. Update - August 2019 - lots of phones and tablets added to the list. Update - September 2018 - I've now added the latest devices to the list - iPhone XS Max, iPhone XS, iPhone [...]

Annotating iOS 10 screenshots using Markup in Photos app

In iOS 10 you can annotate your screenshots within the Photos app, using the Markup editor. I only found this by accident the other day, but it's a very useful tool if you're taking screenshots for iOS App Testing and/or Website Testing on iOS 10 devices. [...]

Mobile Device Quick Comparison Chart – Feb 2016

Update - the latest version of the Mobile Device Quick Comparison Chart will now always be at https://www.patwalsh.co.uk/mobile-device-quick-comparison-chart/ It can be difficult keeping track of all the different mobile devices - smartphones and tablets - and the differences between them. With each new version of the [...]

Testing projects so far in 2016

2016 has been busy so far, I’ve worked on lots of different testing projects, with a brief outline of some of them below: Property crowdfunding website testing: mobile device testing Coastal ecosystem website testing Cinema info and booking website testing Cinema iOS 9 app testing Cinema [...]

2015 – Overview of my projects and training

2015 was a busy year for me, with a wide range of projects worked on and also some excellent training and education completed, including the Rapid Software Testing Applied course run by James Bach, which I completed in July. And to give a flavour of the [...]

WordPress Website Healthcheck service added

I've recently formalised and added a new service to my offerings - a WordPress Website Healthcheck. This service is ideal if you’re launching (or re-launching) a WordPress website and want to give the website a healthcheck before the go-live.

Quick Intro to Gherkin

Having used Gherkin in a couple of different testing projects, I thought I'd provide a Quick Intro to Gherkin, for those not familiar with it. So far, I've used Gherkin as a way of documenting tests, rather than automating tests, but it's used in both scenarios. [...]

Website Testing – Checking Network Requests and Activity

Sometimes when Website Testing (or Debugging) you may want to check exactly what's being loaded into the browser from the Network/Internet. You may need to check the sequence that files are loaded in, in order to see what's being run and where it's being accessed from. [...]

iPhone 6 bug raised with Apple – Bug Nr 19094247

Here's the full bug details as I raised on Apple's Bug Reporter (it's nr 19094247) Summary: On iPhone 6, I need to enter a Manual Http Proxy setting via Settings/Wifi I choose the Manual tab, then enter Server nr and Port nr - but this setting [...]

Website Security Testing training – Module 11

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 11 - Web Services Module 11 covers Web Services, including an introduction to Web Services, their possible vulnerabilities and attacks that hackers may carry out. It covers the [...]

Website Security Testing training – Module 10

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 10 - Common Vulnerabilities Module 10 covers common vulnerabilities including some of the OWASP Top 10 Security Risks, plus a wide range of different security threats. It covers [...]

Website Security Testing training – Module 9

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 9 - HTML5 & New Frontiers Module 9 covers the attack vectors and weaknesses introduced in HTML5 and other new standards and protocols. It covers the following: Cross [...]

Website Security Testing training – Module 8

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 8 - Authentication Module 8 covers Authentication, including the most common authentication mechanisms, their weaknesses and the related attacks. It covers the following: Single-factor Authentication Two-factor Authentication Credentials [...]

Website Security Testing training – Module 7

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 7 - Flash Security & Attacks Module 7 covers Flash Security and possible security breaches within web applications using Flash. It covers the Flash Security model and its [...]

Website Security Testing training – Module 6

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 6 - Session Security & Attacks Module 6 covers the use of the Session Identifier, various methods of Session Hijacking and also how it can be prevented. It [...]

Website Security Testing training – Module 5

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 5 - SQL Injection Module 5 covers SQL Injection, where malicious SQL queries can be used to access the database and data that are used to run a [...]

Website Security Testing training – Module 4

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 4 - Cross Site Scripting (XSS) Module 4 covers XSS, one of the oldest types of hacks which is still top of the OWASP Top 10. XSS is [...]

Website Security Testing training – Module 3

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 3 - Information Gathering Module 3 covers the Information Gathering process. This is where the security tester gains an understanding of the web application and collects useful information [...]

Website Security Testing training – Module 2

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 2 - The Penetration Testing Engagement Module 2 covers the overall process of a Penetration Test - from pre-engagement to reporting. A Penetration Test is a complex process [...]

Website Security Testing training – Module 1

As mentioned previously, I'm doing an online training course – Web Application Penetration Testing – from ELearnSecurity. Module 1 - Web Application Essentials Module 1 is an Introduction to the subject, covering Web Application Essentials. It covers the following: HTTP Protocol - HTTP Requests - HTTP [...]

Upgrading Avada from version 3.0.1 to 3.4.3

It had been a while since I'd updated the Avada theme that this website uses and it seems the longer you leave it, the more there is to consider - what will I need to backup, what about WordPress versions, what about my plugins etc? Anyway, [...]