Santhosh Tuppad's Web App Testing Tool-kit

Web Developer

 Perform Tests related to

  CSS

  Images

  Forms

  Cookies

  Responsive web design

Tamper Data

 Tamper HTTP POST requests

 Edit cookie values

 Play around with Session ID(s)

 Analyse Performance

Developer Tools (Network Tab)

 Edit and Resend Post Requests

 Analyse cookie / session ids

Fireshot

 Capture Screenshot

 Full-page screenshot

 Powerful editing features like adding annotations, highlighting text, blurring the specific area and more.

Fiddler Web Debugger

 Analyse Traffic

 Modify HTTP Headers

 Modify HTTP Post requests

 Analyse Cookie Data

 Identify 404 pages and other HTTP status code responses

 Analyse Performance

Workspaces (Sysinternals)

 Helps organize workspaces like Linux OS, but on Windows OS

Perlclip

 Generates test data

 Test with stressful inputs

 Helps identify boundary of text input

Wireshark

 Analyse data packets

 Helps in security testing

 Analyse mobile traffic

iMacros

 Quick automation

 Just Record & Playback

 Scripts editing allowed

 Generates automatic scripts

 Alert: Very basic. Know the context and use it.

FormFiller

Process Explorer (Sysinternals)

 Extract Possible Strings in *.exe

 CPU Utilization metrics

 Pause, start, re-start, kill operations on process

PDT

 Generate Test Data for various formats

  Phone Number

  Time

  Date

HCE (HTML Comment Parser)

 Open-source code

 Provide URL list in CSV & extract HTML comments.

 Keyword driven HTML data parsing

 Extract sensitive data in comments

Charles Proxy

 Analyse mobile app traffic

 Modify data requests and send to server

BurpSuite

 Security Tests

 Intercepting Proxy

 Spider feature

 Replay Attacks

 Testing randomness of tokens

 Support for writing your own plugins for custom tasks

 Intruder Tool

 Free / Commercial Version

Resolution Test

 Helps test for various browser resolutions

 Identify layout issues

 Identify CSS issues and image issues

ColorZilla

 Identify RGB values for color

 Hex Value for colors