There’s lots of quick attacks you can do on an web page input field. Gojko Adzic has written a useful extension called BugMagnet (Chrome only at the moment) that puts a lot of these quick attacks a right-click away.
I’ve found the BugMagnet tool useful in several ways.
- It saves typing and test data preparation. With a right-click you can enter 64Kb of data, Chinese characters, XSS exploits, different types of email formats, etc. No need for lengthy typing or cut and pasting from your test data document. Right-click, select, and there it is.
- It reminds me of all the different tests that could be done—overflows, special characters, white space handling, error handling of invalid input, security considerations, etc. I have the Test Heuristics Cheat Sheet handy as a reminder and can now have this as well.
- It can also be useful for demonstrating to someone who may not have much exposure to testing just how much could go wrong with just one simple inout field. A few years ago I had a conversation with a manager who was confused as to how hard it could be to test an input form—didn’t you simply enter some values and check that it worked? With this extension, you can explain all the possible inputs that could happen, what could go wrong if the app did not process them properly, and why you needed to test these possibilities.
Hi Phil,
Great post, and I agree BugMagnet is a great add-on.
I liked your 3rd bullet also, way too often testing is over simplified on the minds of those who really haven’t done testing or seen prober testing applied..
I have also personally explained so many times over the years how Exploratory testing can be great addition to test teams, but equally often I have had to explain testers common test objectives they should be thinking. For that purpose I have started to collate very recently a list that I can refer my testers.. simply because its indeed a talent to find all different ways that something could break, and yes experience does matter in this field too.