Test Heuristics Cheat Sheet
Data Type Attacks & Web Tests
Data Type Attacks
Paths/Files
- Long Name (>255 chars)
- Special Characters in Name (space * ? / \ | < > , . ( ) [ ] { } ; : ' " ! @ # $ % ^ &)
- Non-Existent
- Already Exists
- No Space
- Minimal Space
- Write-Protected
- Unavailable
- Locked
- On Remote Machine
- Corrupted

Time and Date
- Timeouts
- Time Difference between Machines
- Crossing Time Zones
- Leap Days
- Always Invalid Days (Feb 30, Sept 31)
- Feb 29 in Non-Leap Years
- Different Formats (June 5, 2001; 06/05/2001; 06/05/01; 06-05-01; 6/5/2001 12:34)
- Daylight Savings Changeover
- Reset Clock Backward or Forward

Numbers
- 0
- 32768 (2^15)
- 32769 (2^15 + 1)
- 65536 (2^16)
- 65537 (2^16 + 1)
- 2147483648 (2^31)
- 2147483649 (2^31 + 1)
- 4294967296 (2^32)
- 4294967297 (2^32 + 1)
- Scientific Notation (1E-16)
- Negative
- Floating Point/Decimal (0.0001)
- With Commas (1,234,567)
- European Style (1.234.567,89)
- All the Above in Calculations

Strings
- Long (255, 256, 257, 1000, 1024, 2000, 2048 or more characters)
- Accented Chars (àáâãäåçèéêëìíîðñòôõöö, etc.)
- Asian Chars ( )
- Common Delimiters and Special Characters ( " ' ` | / \ , ; : & < > ^ * ? Tab )
- Leave Blank
- Single Space
- Multiple Spaces
- Leading Spaces
- End-of-Line Characters (^M)
- SQL Injection ( 'select * from customer )
- With All Actions (Entering, Searching, Updating, etc.)

Web Tests
Navigation
- Back (watch for 'Expired' messages and double-posted transactions)
- Refresh
- Bookmark the URL
- Select Bookmark when Logged Out
- Hack the URL (change/remove parameters; see also Data Type Attacks)
- Multiple Browser Instances Open

Input
- See also Data Type Attacks
- HTML/JavaScript Injection (allowing the user to enter arbitrary HTML tags and JavaScript commands can lead to security vulnerabilities)
- Check Max Length Defined on Text Inputs
- > 5000 Chars in TextAreas

Syntax
- HTML Syntax Checker (http://validator.w3.org/)
- CSS Syntax Checker (http://jigsaw.w3.org/css-validator/)

Preferences
- Javascript Off
- Cookies Off
- Security High
- Resize Browser Window
- Change Font Size

General
- Violates Domain-Specific Rules (an ip address of 999.999.999.999, an email address with no "@", an age of -1)
- Violates Uniqueness Constraint

Testing Wisdom
A test is an experiment designed to reveal information or answer a specific question about the software or
system. Stakeholders have questions; testers have answers. Don’t confuse speed with progress. Take a
contrary approach. Observation is exploratory. The narrower the view, the wider the ignorance. Big
bugs are often found by coincidence. Bugs cluster. Vary sequences, configurations, and data to increase
the probability that, if there is a problem, testing will find it. It’s all about the variables.
Copyright © 2006 Quality Tree Software, Inc.
www.qualitytree.com
This cheat sheet includes ideas from Elisabeth Hendrickson, James Lyndsay, and Dale Emery