API Testing Basics

API Testing

API hierarchy of needs

  • Usability:
  • Functionality: the API must behave the way its documentation says it does
  • Reliability: uptime, rate limiting
  • Proficiency: Swagger
  • Creativity:

Common tools

  • supertest / superagent
  • Postman (GUI)
  • JMeter
  • SoapUI (provides security-testing features), with these security scans:
      • SQL Injection: tries to exploit bad database integration coding
      • XPath Injection: tries to exploit bad XML processing inside your target service
      • Boundary Scan: tries to exploit bad handling of values that are outside of defined ranges
      • Invalid Types: tries to exploit handling of invalid input data
      • Malformed XML: tries to exploit bad handling of invalid XML on your server or in your service
      • XML Bomb: tries to exploit bad handling of malicious XML requests (be careful)
      • Malicious Attachment: tries to exploit bad handling of attached files
      • Cross Site Scripting: tries to find cross-site scripting vulnerabilities
      • Custom Script: allows you to use a script for generating custom parameter fuzzing values

Further reading
