Penetration testing of Angular JS application in ZAP or Burp Suite - testing

I am struggling to test Angular JS application, Can someone provide me reference to learn that, Couldnt find any.
I want to attack the application but it seems not all links are being visited by Crawler.

How are you exploring the application?
In ZAP you should use the Ajax Spider as this will launch browsers in order to explore it. The standard spider will not be as effective.

Related

What types of dependencies available to do Api automation using selenium?

I am using rest-assured dependency in my project for testing API's with selenium.
Can anyone guide me why basically we use rest-assured dependency in API testing ? (Tried finding the answer from my seniors who developed our project framework and online, i couldnt get any answer why are we using this, it would help me if anyone guides me with the reason ?)
And what are the other ways to do API automation using selenium ?
why should we use them ? (in comparison with rest-assured ?)
Thank you.
Selenium is not typically used for REST API testing. Selenium is a tool that can control web browser. Despite a web browser is a sort of HTTP client, it is very specific client that is intended for browsing web and maintain high level of user security. The above puts certain degree of restriction of what you can and cannot do with the browser. For example:
You can only fire GET request from the address bar
You can do POST request using HTML form but you have to have an HTML page with the form and fixed set of parameters
You can overcome the above if have the page with any javascript client so that you can configure different requests configurations
Points 2 and 3 basically mean you have another level of communication in your framework and that level has to be properly maintained. That's because Web Browser is not naturally intended for interacting with API. But only with very narrow part of what HTTP can offer (again we can overcome that restriction by javascript code executed within the browser but that would be another level of complexity).
RestAssured is pure HTTP client with some handy and neat functionality allowing to easily manipulate with requests and responses. So it allows to fire any type of requests supported by HTTP protocol, parse responses responses and verify them (often all in a single statement).
The latter is naturally designed for interacting with REST API, does not introduce extra levels to your tests, does not have limitation like the browsers have.
Recap
The below schema demonstrates the difference of having your API tests implemented in both approaches:
Selenium case:
Selenium binding lib -> Web Driver -> Browser -> API GET (rarely others - need to maintain special file for that)
Rest-Assured case:
Rest-Assured lib -> API ANY SORT OF REQUESTS
P.S. - In the same way as RestAssured handles API case much effectively than Selenium, Selenium handles Web Testing in much more effective way than RestAssured since the latter cannot neither control browsers nor even execute JAvaScript code. That is why we have two such a powerful and great tools each of which perfectly serves the needs it naturally designed for.
Just because Rest-Assured (RA) is a code-based tool to test API. It supports:
make HTTP(s) request
extract value from response
assert response
Selenium is tool to control web browser, it CANNOT do API testing.
I don't know why you compare Selenium to Rest-Assured. They are 2 different tools that serves 2 different purposes.

Libraries for building web app in python that scrapes data from web in the background

Basically I want to build a web app that can login into 3rd party sites in the background and scrape some data from them.
For building the web app I'm considering using Flask, whereas for the scraping part I was thinking about using Selenium - but I'm not sure if I host the web app Selenium would work properly. Would Scrapy be better suited for such a purpose?
Should I be considering something else altogether?
If its Flask use beautifulsoup(to load the webpage); Selenium(webbrowser) and scrapy(to scrape the data use Selector function in Scrapy its more effective and it will speed your process)

Automate flutter web application using selenium webdriver

I am new to flutter. So, I want to know whether I can use selenium webdriver/java to automate a flutter web application.
I have used java / cucumber to automate web applications and used page object pattern. so, can I do the same technologies to automate a flutter web application ?.
Yes you can, because the automation code is going run on top of the application. So there is no restriction. There is a package available in flutter WebDriver maybe you can try this out . And here is the API documentation.

How to e2e test websites with disabled JavaScript and noscript tags?

I want to e2e test a website like when a user visits it with disabled javascript and/or some scripts blocked.
cypress.io does not (officially) support testing websites with disabled JS so therefore one can not e2e test what users would see in case they are securely visiting the website without JS enabled.
Nightmare JS seems to support it via browser options to disable JS for each Nightmare instance but I haven't tried its performance yet.
Any suggestions for a 2e2 testing tool that allows my scenario to be tested?
Some testing frameworks do not support this scenario when JavaScript is disabled because they inject their scripts in the tested pages and run them during the test execution. For instance, TestCafe requires JavaScript to inject its scripts.

Automation in Go Lang - How to use browser automation like Selenium?

I am new to Golang. And I am looking for automating signup, login processes in a web app. Please suggest a good tool like Selenium and how can I implement it in the go language.
I want to do the following process automatically using Golang:
Start a browser. Currently, I'm using https://github.com/skratchdot/open-golang
Auto entry on the signup page and auto-submit a form.
Login check for the registered user. Everything needs to be done automatically for more users.
You can also use Playwright for Go, which is a wrapper for the Playwright project. Playwright provides a single API to automate Chromium, Firefox, and WebKit to automate browsers which was created by Microsoft. With it you interact with the sites, record videos, make screenshots, and emulate other browser specific behaviour.
If you are going to use GO for web automation testing - Selenium is a good option. Still it's nothing more than a library that allows you to interact with browsers. So you are going to need to develop your own framework or reuse someone already implemented.
My advice is to consider Agouti, since it supports Ginkgo BDD and xUnit Gomega. Everything else is pretty much the same from architectural perspective. You can design it like any other language binding. There are common patterns that appear over and over again in browser automation frameworks, like
PageObjects: A simple abstraction of the UI of your web app.
LoadableComponent: Modeling PageObjects as components.
BotStyleTests: command-based approach
Another good resource for building your Test framework is the xunitpatterns guide. It gives a great content overview of the patterns, smells and refactoring strategies you can use. Also look at this test frameworks tutorial. It'll help you choose the most proper solution for your case.
My guess is that you are going to need some CI server support for
everything needs to be done auto for more users.
Here is a good article how-to achieve this with TravisCI.
update:
you can use Selenium for Golang