Using Bug Magnet to test APIs
I get extremely irritated when people ask me the toolset I use to test without trying to understand/learn what I am testing and how I intend to use a specific tool. My choice of tool and how I use it very much depends on the testing objective and the context. Below is one such example when I used Bug Magnet , a chrome/firefox extension to test APIs. Test objective/mission: Explore the email field added to the JSON payload. I started off the test session with a 5 min brainstorming. I mostly use mind map for this. what regex is used in the code? what inputs can break it? what inputs are business critical? response code when it fails? 400? error message returned on failure? min/max length? multiple email addresses? duplicates? does it matter? do we care if it is a *valid/fake email address? what about domains such as mailinator? (Context:) Given we are not going gung-ho on validation. What could be useful at this moment? From the brainstorming sess...