Web Site Monitoring - Performance Monitoring - Free open-source website performance monitoring and uptime notification application in PERL, from AllScoop; sends email notification if site is slow or down.
TestMaker - Free open source utility maintained by PushToTest.com and Frank Cohen, for performance, scalability, and functional testing of Web application. Features test authoring of Web applications, Rich Internet Applications (RIA) using Ajax, Service Oriented Architecture, and Business Process Management environments. Integrates Selenium, soapUI, TestGen4Web, and HTMLUnit to make test development faster/easier. Repurposes tests from these tools into load and performance tests, functional tests, and business service monitors with no coding. Repurposes unit tests written in Java, Jython, JRuby, Groovy, and other dynamic scripting languages. Runs on any platform.
Cactus - A simple open-source test framework for unit testing server-side java code (Servlets, EJBs, Tag Libs, Filters, etc.). Intent is to allow fine-grained continuous testing of all files making up an application: source code but also meta-data files (such as deployment descriptors, etc) through an in-container approach. It uses JUnit and extends it. Typically use within your IDE, or from the command line, using Ant. From Apache Software Foundation.
Webmaster Toolkit - Collection of 35 free tools and utilities useful to webmasters; includes link checker, page analyzer, ping, color tool, FrontPage and DreamWeaver code cleaner, link extractor, etc.
JCrawler - An open-source stress-testing tool for web apps; includes crawling/exploratory features. User can give JCrawler a set of starting URLs and it will begin crawling from that point onwards, going through any URLs it can find on its way and generating load on the web application. Load parameters (hits/sec) are configurable via central XML file; fires up as many threads as needed to keep load constant; includes self-testing unit tests. Handles http redirects and cookies; platform independent.
Curl-Loader - Open-source tool written in 'C', simulating application load and behavior of tens of thousand HTTP/HTTPS and FTP/FTPS clients, each with its own source IP-address. In contrast to other tools curl-loader is using real C-written client protocol stacks, namely, HTTP and FTP stacks of libcurl and TLS/SSL of openssl. Activities of each virtual client are logged and collected statistics include information about: resolving, connection establishment, sending of requests, receiving responses, headers and data received/sent, errors from network, TLS/SSL and application (HTTP, FTP) level events and errors.
The Grinder - A Java-based load-testing framework freely available under a BSD-style open-source license. Orchestrate activities of a test script in many processes across many machines, using a graphical console application. Test scripts make use of client code embodied in Java plug-ins. Most users do not write plug-ins themselves, instead using one of the supplied plug-ins. Comes with a mature plug-in for testing HTTP services, as well as a tool which allows HTTP scripts to be automatically recorded.
HTML-Kit - Free, full-featured editor from Chami.com designed to help HTML, XHTML and XML authors to edit, format, lookup help, validate, preview and publish web pages. Uses a highly customizable and extensible integrated development environment while maintaining full control over multiple file types including HTML, XHTML, XML, CSS, XSL, JavaScript, Perl, Python, Ruby, Java, and much more. Finds errors and provides suggestions on how to create standards compliant pages. Includes internal, external, server-side and live preview modes; FTP Workspace for uploading, downloading and online editing of files; and the ability to use hundreds of optional free add-ins through its open plugins interface. GUI support of W3C's HTML Tidy; seamless integration with the CSE HTML Validator. Validate XML documents using its DTD and/or check for well-formedness. Over 400 free plugins available for extending and customizing HTML-Kit. Pro plugins available to paid registered users.
Web Testing Plugin collection - Large collection of links to and short descriptions of open source utilities and tools for web testing, unit testing, assertions, mocks, fixture utilities, reporting, validators, code coverage, etc. Mostly for Ruby, maintained by Benjamin Curtis
Venkman Javascript Debugger - Firefox extension; open source JavaScript debugging environment for Mozilla based browsers
FlexMonkey - A testing framework for Flex apps. Capabilities include capture, replay and verification of Flex UI functionality. Can generate ActionScript-based testing scripts that can easily be included within a continuous integration process. Uses the Flex Automation API and was created by extending Adobe's sample automation adapter, AutoQuick. Donated to the Flex community by Gorilla Logic. Site also lists info and links to three other open source Flex test tools/frameworks: FlexUnit, Selenium-Flex, and FunFx.
YSlow - Free open source tool analyzes web pages and explains why they're slow based on rules for high performance web sites. A Firefox add-on integrated with the Firebug web development tool. Includes a Performance report card, HTTP/HTML summary, list of components in page and related info, tools including JSLint. Generates a grade for each rule and an overall grade, lists suggested specific changes to improve performance, calculates total size of page for empty and primed cache scenarios, cookie info. Can also view HTTP response headers for any component
TPTest - An open source software suite for testing network throughput and Internet services. It consists of a software library with test functions that can be implemented in test client and server applications. Reference client/server apps are also included.
TestGen - Free open-source web test data generation program that allows developers to quickly generate test data for their web-services before publicly or internally releasing the web service for production.
Sunday, November 29, 2009
Web Site Security Test Tools
OWASP Security Testing Tools - Variety of free and open source web security testing tools via the OWASP (Open Web Application Security Project) site. SQLiX is an SQL injection vulnerability test tool that uses multiple techniques - conditional errors injection; blind injection based on integers, strings or statements, MS-SQL verbose error messages ("taggy" method); can identify database version and gather info for MS-Access, MS-SQL, MySQL, Oracle and PostgreSQL. Other security testing tools available include WebScarab, Tiger, LAPSE, Pantera, etc.
Wikto - Web server security assessment tool for windows servers, open source, from SensePost. It's three main sections are its Back-End miner, Nikto-like functionality, and Googler to obtain additional directories for use by the other two. Includes ability to export results to CSV file.
NMap Network Mapper - Free open source utility for network exploration or security auditing; designed to rapidly scan large networks or single hosts. Uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and many other characteristics. Runs on most flavors of UNIX as well as Windows.
Wikto - Web server security assessment tool for windows servers, open source, from SensePost. It's three main sections are its Back-End miner, Nikto-like functionality, and Googler to obtain additional directories for use by the other two. Includes ability to export results to CSV file.
NMap Network Mapper - Free open source utility for network exploration or security auditing; designed to rapidly scan large networks or single hosts. Uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and many other characteristics. Runs on most flavors of UNIX as well as Windows.
Subscribe to:
Posts (Atom)