A very short update this time. If you’ve been following all my posts, you’d know that I’ve been working along with Dinis trying to build a cool, reusable framework for testing web services. Right now all of the focus is on doing some authorization testing; I’ve been writing unit tests for each of the Web Service methods that are allowed to be consumed by the WSDL. Why? Read this 🙂
Now the update here is that out of a total of 123 methods I am done with 38 methods and have pushed all of it to our private Git repository. While that might seem like a long way to go, it really isn’t, as writing these tests becomes much, much faster as you understand more of the application and its other methods, and are able to re-use code that you yourself wrote. While I’m not a developer, I do strongly believe that the best code you could re-use is your own old code. That’s clearly the case here as well.
Right. So that’s about it and I’m not on this for a few days due to another gig that has come up… but I should be back in a week or 10 days at most. I’ll link to our spreadsheet which is tracking all of this and much, much more. Dinis talked about it in detail here; my personal thoughts are that it’s coming along really well, with potential to become even better.
The reason I say this is because when I started out, this sheet looked like this.
And now it looks like this 🙂
I’d started this out purely as an internal tracker, to track my own work and the potential attackers for each method. But after Dinis played around loads with it last week, with me helping him, it has been converted into a lot more. So it is now…
a) A tracker for a security tester (Me)
b) A complete list of easily readable authorization mappings; useful for the tester, developer and management.
c) A clear picture which shows the state each method is in; what needs to be removed or fixed.
d) A sheet which shows what unit tests are done so the developer can use those whenever he/she wants.
and probably more… 🙂 but I guess you guys got what I was trying to say.
It’s really cool when you see something really raw, transformed into something really cool, in front of your eyes. For me anyway. Catch you guys in a week or so then. Cya 🙂