Advantages of Jmeter




- Its pure Java tool, which allows to execute this tool in any platform (i.e. platform independent)

- Its have lot many configuration mechanism like Http Request, FTP Request, java request , SOAP Request

- This tool mainly used for performance testing (load, stress)

- GUI are very user friendly, which helps in executing and recording application sessions

- User can apply automation frame work (data driven, parameter)

- You can use bad boy to record both HTTP/HTTPS and save as Jmeter scripts.

- Open source license: JMeter is totally free,  allows developer use the source code for the development

- Friendly GUI: JMeter is extremely easy to use and doesn't take time to get familiar with it

- Platform independent: JMeter is 100% pure Java desktop application. So it can run on multiple platforms

- Full multi-threading framework. JMeter allows concurrent and simultaneous sampling of different functions by a separate thread group

- Visualize Test Result: Test result can be display in a different format such as chart, table, tree and log file

- Easy installation: You just copy and run the *.bat file to run JMeter. No installation needed.

- Highly Extensible: You can write your own tests. JMeter also supports visualization plugins allow you extend your testing

- Multiple testing strategy: JMeter supports many testing strategies such as Load Testing, Distributed Testing, and Functional Testing.

- Simulation: JMeter can simulate multiple users with concurrent threads, create a heavy load against web application under test

- Support multi-protocol: JMeter does not only support web application testing, but also evaluate database server performance. All basic protocols such as HTTP, JDBC, LDAP, SOAP, JMS, and FTP are supported by JMeter

- Record & Playback - Record the user activity on the browser and simulate them in  web application using JMeter

- Script Test: Jmeter can be integrated with Bean Shell & Selenium for automated testing.

Types of Performance Testing

Load Testing – checks the application’s ability to perform under anticipated user loads. The objective is to identify performance bottlenecks before the software application goes live.
Stress testing – involves testing an application under extreme workloads to see how it handles high traffic or data processing .The objective is to identify breaking point of an application.

Endurance Testing – is done to make sure the software can handle the expected load over a long period of time.

Spike Testing – tests the software’s reaction to sudden large spikes in the load generated by users.

Volume Testing – Under Volume Testing large no. of. Data is populated in database and the overall software system’s behavior is monitored. The objective is to check software application’s performance under varying database volumes.

Scalability Testing – The objective of scalability testing is to determine the software application’s effectiveness in “scaling up” to support an increase in user load. It helps plan capacity addition to your software system.

Why we do Performance Testing?

Performance testing is done to provide stakeholders with information about their application regarding speed, stability and scalability. More importantly, performance testing uncovers what needs to be improved before the product goes to market. Without performance testing, software is likely to suffer from issues such as: running slow while several users use it simultaneously, inconsistencies across different operating systems and poor usability.

Performance testing will determine whether or not their software meets speed, scalability and stability requirements under expected workload on system. Applications sent to market with poor performance metrics due to nonexistent or poor performance testing are likely to gain a bad reputation and fail to meet expected sales goals.Also, mission critical applications like space launch programs or life saving medical equipments should be performance tested to ensure that they run for a long period of time without deviations.

What is Performance Testing?

Performance testing is a means of quality assurance (QA). It involves testing software applications to ensure they will perform well under their expected workload.
Features and Functionality supported by a software system is not the only concern. A software application’s performance like its response time, do matter. The goal of performance testing is not to find bugs but to eliminate performance bottlenecks

The focus of Performance testing is checking a software program’s :

Speed – Determines whether the application responds quickly
Scalability – Determines maximum user load the software application can handle.
Stability – Determines if the application is stable under varying loads

Difference between close( ) and quit( ) Selenium WebDriver

close( ) WebDriver command closes the Browser window which is in focus.

If there are more than one Browser window opened by the Selenium Automation, then the close( ) command will only close the Browser window which is having focus at that time. It wont close the remaining Browser windows.

Where as quit( ) WebDriver command is generally used to shut down the WebDrivers instance. Hence it closes all the Browser windows that are opened by the Selenium Automation.

close( ) and quit( ) work in the similar way when Selenium Automation opens only single Browser window. They differ in their functionality when there are more than one Browser windows opened by the Selenium Automation.

Do we need Selenium Server for Selenium WebDriver?

Selenium Server need to be run as a prerequisite for running the Selenium RC Automation tests.

Why Selenium Server is required by Selenium RC ?

As Selenium RC doesn't make direct calls to browser. So it requires Selenium Server as a mediator between     Selenium RC tests and Browsers.

So in order to run any Selenium RC Automation tests, we've to run the Selenium Server first.

Is Selenium Server required by Selenium WebDriver ?

Selenium Server is not required by Selenium WebDriver when we run the Selenium Automation tests on the same machine. (i.e. Browsers and Automation tests are on the same machine).

Why Selenium Server is not required when the Test Browsers and Automation Tests are on the same machine ?

Selenium WebDriver makes direct calls to the browser using each browser's native support for Test Automation.

For example:

We use FireFox Browsers native support in our Selenium Automation code in order to run our tests on Firefox Browser.

In the similar manner we use Native support of Browsers to run our tests on respective browsers.

Hence Selenium Server is not required for running Selenium Web Driver Automation tests on the same machine.

But, you may require Selenium Server for running Selenium WebDriver Automation tests on different machines (i.e. when the Selenium tests and Test Browsers are on different machines). This case may be possible only when implementing Selenium Grid where you have to run automation tests simultaneously on different machines to reduce time). Suppose you have 5 tests and each test takes a day to run. Then you may implement Selenium Grid to use 5 machines each running a single automation tests. Hence you will reduce the time from 5 days to 1 day.

Hence, for Selenium RC we are not going to run Selenium Server as a pre-requisite when the Selenium Tests and Test Browsers are on the same machine.

Jmeter Keyboard Shortcuts

Copy : CTRL+C

Duplicate Node : CTRL+SHIFT+C

Debug Off (Toggle selected node Test Element log level to INFO): CTRL+D

Debug On (Toggle selected node Test Element log level to DEBUG): CTRL+SHIFT+D

Clear All (Clear run results): CTRL+E

Clear (Clear selected GUI run results): CTRL+SHIFT+E

Open Function Helper Dialog : CTRL+F

Make a screenshot of selected node GUI : CTRL+G

Make a screenshot of JMeter GUI : CTRL+SHIFT+G

Open Help Page : CTRL+H (Not working on Mac)

Close current Test Plan : CRTL+L

Select SSL Manager (will set "javax.net.ssl.keyStore" property) : CTRL+M

Open a file : CTRL+O

Exit : CTRL+Q

Start Test Plan : CTRL+R

Remote Start Test Plan : CTRL+SHIFT+R

Save : CTRL+S

Save All : CTRL+SHIFT+S

Toggle Element (Enable / Disable) : CTRL+T

Paste : CTRL+V

What class is the selected node (displays in console the class of GUI and Test Element) : CTRL+W

Cut : CTRL+X

Remote stop all : ALT+X

Remote shutdown all : ALT+Z

Remove node : Delete key

Stop Test : CTRL + "."

Shutdown Test : CTRL + "," (not working on Mac)

Collapse All : CTRL+"-" (not working on Mac)

Expand All : CTRL+SHIFT+"-" (not working on Mac)

Changes since 2.8:

Search : CTRL+F (currently used for Function Helper)

Open Function Helper Dialog : CTRL + F1

Proposed changes:

Open Help : CTRL+?

Close Test Plan : CTRL+W (currently used for "What's this node?")

What class : Remove shortcut or CTRL+I

Cross-Site Request Forgery (CSRF)

Cross-Site Request Forgery (CSRF) is an attack that tricks the victim into loading a page that contains a malicious request. It is malicious in the sense that it inherits the identity and privileges of the victim to perform an undesired function on the victim's behalf, like change the victim's e-mail address, home address, or password, or purchase something. CSRF attacks generally target functions that cause a state change on the server but can also be used to access sensitive data.

For most sites, browsers will automatically include with such requests any credentials associated with the site, such as the user's session cookie, basic auth credentials, IP address, Windows domain credentials, etc. Therefore, if the user is currently authenticated to the site, the site will have no way to distinguish this from a legitimate user request.

In this way, the attacker can make the victim perform actions that they didn't intend to, such as logout, purchase item, change account information, retrieve account information, or any other function provided by the vulnerable website.

Sometimes, it is possible to store the CSRF attack on the vulnerable site itself. Such vulnerabilities are called Stored CSRF flaws. This can be accomplished by simply storing an IMG or IFRAME tag in a field that accepts HTML, or by a more complex cross-site scripting attack. If the attack can store a CSRF attack in the site, the severity of the attack is amplified. In particular, the likelihood is increased because the victim is more likely to view the page containing the attack than some random page on the Internet. The likelihood is also increased because the victim is sure to be authenticated to the site already.

Synonyms: CSRF attacks are also known by a number of other names, including XSRF, "Sea Surf", Session Riding, Cross-Site Reference Forgery, Hostile Linking. Microsoft refers to this type of attack as a One-Click attack in their threat modeling process and many places in their online documentation.

Reference : OWASP


Difference between Regression and Retesting

Difference between Regression and Retesting is most haunting software testing question asked in any interview by Interview and we normally get confuse between Regression testing and Re-testing.

We as tester do Retesting and Regression testing all our life, Whether we reach on the top of ladder of this profession or has just started the profession.

Software testing is a kind of fun and if you are not enjoying the software testing, It means you are not following the right method of testing.

Since we people are linked with the testing of software, we all would be pretty familiar with the word Regression and Retesting. Since both sound similar and comes in to action just after a bug-fix, so most of the time we people get stuck to the fundamental difference between Retesting and Regression.

Difference between Regression and Retesting

1. Retesting is done to make sure that bug is fixed and failed functionality is working fine or not, This is kind of verification method followed in testing field for the fixed bugs. Whereas, Regression is re-execution of the test cases for unchanged part to see that unchanged functionality is working fine are not.

2.  Retesting is a planned testing while Regression is know as the generic testing.

3. Retesting is only done for failed Test cases while Regression is done for passed test cases.

4. We should always keep this in mind, Re-testing has higher priority than the regression testing. But in bigger projects Retesting and Regression is done in parallel effort.But never forget importance of both in the success of the project.

Giving Your Software Testing Practice an Automation Advantage

We see a lot many IT services being provided in a conventional manner, software testing being one of them. This is happening due to lack of exposure to the latest technologies, new methods and benefits attached with them.

In software testing space, there is a buzz about test automation everywhere. However, several companies being new to this are interrogating its capabilities to cater to complete requirements for delivering right software testing services to clients. Some expectations of companies in terms of software testing :


  • Provide a parallel testing environment to keep pace with the rapid application development framework
  • Short software release lifecycles and timely sign-offs
  • Test & Regress as much as possible
  • Ability to test on multiple environments such as QA, staging and production
  • Up-to-date availability of documents for every process, defect or activity

Test Automation has an ability to cater to all these aspects over and above overcoming the drawbacks of manual testing such as time consuming workflows, tedious testing cycle, heavy investments in human resources, etc. Since automation testing is all about executing test cases using automation tool without human intervention, it is faster and error-free. It also ensures consistency, provides re-usability of test cases and gives reliable results. Companies still deliberating for adopting automation testing can count on the following grounds :

  • Time saver – Automation testing is surely a time saver since it can run a number of test cases simultaneously
  • Easy Learning Curve – One can learn to perform automated testing in no time. Testers who are reluctant to invest time in learning before they get labeled as a productive test engineer can certainly opt for automation testing
  • Zero Coding – Automation testing requires no programming skills or code development experience
  • Scalable – Test automation provides highly re-usable script architecture with simple editing capability
  • Efficiency – Provides increased efficiency by reducing human errors
  • Economical – Concluding factor as the initial cost of ownership and further infrastructure requirements always counted

What is Apache HTTP Server ?

Apache is the most popular Web server software. It enables a computer to host one or more websites that can be accessed over the Internet using a Web browser. The first version of Apache was released in 1995 by the Apache Group. In 1999, the Apache Group became the Apache Software Foundation, a non-profit organization that currently maintains the development of the Apache Web server software.

It is an open source Web server creation, deployment and management software. Initially developed by a group of software programmers, it is now maintained by the Apache Software Foundation.

Apache's popularity in the Web hosting market is largely because it is open source and free to use. Therefore, Web hosting companies can offer Apache-based Web hosting solutions at minimal costs. Other server software, such as Windows Server, requires a commercial license. Apache also supports multiple platforms, including Linux, Windows, and Macintosh operating systems. Since many Linux distributions are also open-source, the Linux/Apache combination has become the most popular Web hosting configuration.

Apache can host static websites, as well as dynamic websites that use server-side scripting languages, such as PHP, Python, or Perl. Support for these and other languages is implemented through modules, or installation packages that are added to the standard Apache installation. Apache also supports other modules, which offer advanced security options, file management tools, and other features. Most Apache installations include a URL rewriting module called "mod_rewrite," which has become a common way for webmasters to create custom URLs.

While the Apache Web server software is commonly referred to as just "Apache," it is technically called "Apache HTTP Server," since the software serves webpages over the HTTP protocol. When Apache is running, its process name is "httpd," which is short for "HTTP daemon."