Automated Security Testing Using ZAP Python API
4 min readNov 19, 2019
This newsletter is kindly supported by the Ministry of Testing!
TestBash Brighton Super Early Bird Tickets
Join us for a special TestBash-by-the-sea! You could start with one of our 3 days courses on Automation in Testing, Agile Testing for the Whole Team or Testing Essentials Intensive. Then move on to our highly coveted workshop day and finish with the single-track conference day. Super Early Bird Tickets end on 30th November 2019!
Testing and the Community
- Automated Security Testing Using ZAP Python API — Amit Skulkarni helping you understand OWASP ZAP and how you can utilise it.
- Agile Testing for the Whole Team — Whether you’re new to testing or have been testing a while, join the legendary Janet Gregory on this course at TestBash Brighton, to help you add more value to your team and improve your product’s quality.
- Masterclass: [E] Building a World Class QA team with Chris Thacker — Our most recent Masterclass is now available for re-watching.
- On Reflection……. — Nice reminder about good communication.
- The art to be a great mentee — Are you looking for a mentor? This is some good information on starting and maintaining that relationship.
- Running my first Community of Practice kick-off workshop (Part 2) — Great insight to running a CoP.
- Exploratory Testing Debriefs — How do you do yours? — I would appreciate any feedback on what you do and things that work or don’t work. One question that has come up is who raises the bug tickets and is it during the debrief?
Upcoming MoT Events
- TestBash Brighton — 26th — 27th March 2020
- TestBash Detroit — 23rd — 24th April 2020
- TestBash Netherlands — 28th -29th May 2020
Accessibility
- The Accessibility Tree — The flow of page contents from browser to assistive technology isn’t often talked about, but it’s a vital aspect of enabling many disabled users’ access to the internet.
- Accessibility checklist — A list of accessibility recommendations, tips and resources.
- The True Cost of Website Inaccessibility — Over the past few years, several of the most well-known businesses have been working hard to make their physical operations more accessible, but not doing it online.
Automation
- SQL Query Secrets — What indexes are and the ways you can use them to optimize our queries.
- Using HashMaps in automated tests — HashMaps are not widely used, because they seem to be too complicated. However, they can be useful.
Business Posts
- Test Automation & BDD: How They Fit Together — Many development problems arise from miscommunication.
- Best Demo Websites for Practicing Different Types of Software Tests — Some useful websites to keep on hand.
- An Introduction to 508 Compliance Testing — Section 508 is a piece of US legislation that protects the right of people with disabilities to have equal access to electronic and information technology.
- Typical problems solved by service virtualization/mocking/stubbing — several of the more typical problems testers will experience and how service virtualization can help with solving them.
Podcasts
Check out our forever automagically updated list of software testing podcasts…
- Journey to a World-Class Test Automation Framework with Greg Paskal & Max VelDink — Find out what worked for them, along with tips to help you create the best automation framework possible.
- Episode 621 — BlueKeep Vulnerability Exploit In The Wild, Patch Now — BlueKeep was announced by Microsoft and a patch was made available shortly after.
- ABT 343 — Dave Westveld — Talking about accessibility, challenges in testing LMS software, and a lot of “modern” topics.
- Episode 623 — IoT Strikes Again: Ring Doorbell Exposes Your WiFi Password — Something to be more aware of.
- 154: A buttock of biometrics — Talking about the Labour Party cyber-attack claim, Apple’s credit card is accused of being sexist, and Project Nightingale.
Security
- Cybersecurity is heading into a recruitment crisis — Businesses need to think about security differently, from the kinds of people they hire and how they recruit them, to the role of the security team.
- Researchers hack Siri, Alexa, and Google Home by shining lasers at them — MEMS mics respond to light as if it were sound. No one knows precisely why.
- Mozilla Asks Congress to Investigate ISPs Data Collection Practices — Mozilla wrote to members of Congress to urge them to more closely scrutinize the data collection policies of internet service providers.
- This shady malware will infect your PC with dual Trojans — A new malware variant with a low detection rate able to deliver multiple Trojans to infected systems has been disclosed by researchers.
Jobs
- Quality Assurance Specialist — Rapperswil, St.Gallen. Switzerland
- Test Engineer — Leeds, UK
Meetups
- Web application hacking 101 with Jay Harris — Newcastle
- Event Storming with Greg Cupal — Detroit
- 4ta meetup TestingUy — Uruguay
- Organiser’s Meeting — Manchester
- Testing in Agile — Software Testing Clinic Belfast
- November #MidsTest with Violet Kovacheva — Address Matching: How hard can it be? — Midlands
- Risks & Questions Workshop with Simon Tomes & Rajit Singh — Brighton & Hove
- Automation — Software Testing Clinic Nottingham
- Ministry of Testing Accra Meetup — Accra
- Coaching your Team to Test, with Ali Hill + Lean Coffee — Glasgow