A follow-on to the risk catalogue from previous assignment and DW post. Again here is a messy blog post on methodology and what the cat was doing (yowling) while download LibO to my iMac and as I struggle to put together the formal report specified in the assignment.
LibO lastName entry points
I started off this morning at the VW dealership with some exploratory testing to see if any of the spare few test ideas I have noted are feasible/sensible. I quickly realized a few key things. To keep my test case collection manageable I should probably settle on one or at most two ways to input values of the variable under test. In my initial risk catalog write-up (cf prev post) I identified three major entry points: start-up wizard, options, read from user settings.( Collapse )
Some notes on tools
While blundering around I found many better ways to do what I was up to. Even without a formal harness it's easy to generate and evaluate data against a SUT this way with the built-ins of any scripting language. I settled on Python because after trying some Ruby and Perl I got going the fastest in Python .. though as I found easily enough I was still going much slower than I needed to. I should have googled sooner as that would have saved me some time and keystrokes.
Here are two things I will use in the future for this sort of exploration: Python libraries to interact directly with the platform clipboard and (if available) the Ruby black bag security toolset. There's no coincidence at all that the same tools that work for neutral/academic software testing and QA are also used to attack software and find its weak point and I've studied both.
Ed note: I've submitted the assignment to the class and will post it here after the course is done and grading is completed.