Free open source testing tools have never been more popular, necessary or front of mind. Recent news coverage of the open source Kayenta suite of canary testing tools launched by Google and Netflix not only demonstrates that industry has an increasing appetite for automated testing, but also that the need for such tools is far more widely accepted.
There are a few major pitfalls for the unwary when choosing open source testing tools, perhaps the most important being to be clear about is the difference between ‘free’ tools and open source tools, a distinction that often gets muddied. Indeed, there are legions of ‘free’ tools that are not truly open source, which can be an unwelcome discovery – too late – if not checked carefully first.
Open source tools should have been peer reviewed, a process that will weed out key vulnerabilities and omissions, as well as highlighting any commercial bias in the results they generate. Without labouring the point, the quality of the tools will have a direct impact on the quality of their results, and thus the quality of the end product. This fact is undoubtedly one of the planks that spurred Microsoft to release a new IntelliCode feature just days ago, designed to help developers “code with confidence” by providing AI-assisted code development support.
Another essential element in choosing an open source tool is due diligence – the licensing, user reports and any previous bug fixes should be thoroughly checked before commiting time and effort to the tool. The community is also a great indicator – most good tools have a large and friendly open source community and their help can prove invaluable in the event of issues arising during use.
Here are just a few of the best open source testing tools that we would recommend:
- Selenium
Selenium is a suite of tools that allow you to automate the testing of web applications, and includes Selenium WebDriver, the most widely used test tool for browser test automation. It drives a browser as if it was a user and can be run locally on your desktop.
Selenium Grid allows you to run Selenium WebDriver testing on remote computers for parallel running on various PCs with different browsers installed.
One of the main advantages of using Selenium WebDriver over other UI automation tools is that you can write your automated tests in a variety of supported programming languages, such as Java, C#, Ruby, Python and PHP.
Visit the Selenium website http://www.seleniumhq.org/ for more details.
- SoapUI
SoapUI allows you to perform functional testing on web applications, and is mainly used to test SOAP and REST (JSON) Web services but can also be used to test messaging layers, databases and Rich Internet Applications.
It makes writing test cases simple and easy by using its drag and drop feature, and also allows you to run a test in multiple environment just by changing the test setup. Test execution and report analysis are all carried out inside the SoapUI GUI.
A particularly handy feature of SoapUI allows you to to create mock web services, ideal when creating tests for web services that are not yet live.
More information on SoapUI can be found at https://www.soapui.org/
- Katalon Studio
Katalon is a powerful testing tool that uses Selenium as a foundation and adds in even more flexibility and features. One key benefit is that the surface UI is intended to be friendly for non-technical users, but for real tech experts there is still the power of Selenium’s core engine under the surface.
Katalon Studio is built as a unified bundle which includes almost all necessary things like Java, Android SDK, Web drivers to drive browsers, and required dependencies, so there’s less downloading and setting up time required.
In addition, Katalon Studio can handle Windows controls such as Windows popups and embedded objects (Flash, Flex, Media) that can cause issues for other test platforms.
Go to https://www.katalon.com/katalon-studio/ for more information.
- VirtualBox
It is a fact of modern development that most applications will require testing across multiple browsers and operating systems. Instead of having the expense of building physical servers with different operating systems and browsers, VirtualBox allows you to create virtual machines (VMs) with different configurations in order to robustly test new applications.
VirtualBox can be run on any operating system to create VMs, that can then have different operating systems (and different versions of OS’s) and the whole gamut of browsers installed. The result is multiple VMs with different operating systems, on the same desktop, allowing you to test multiple browsers and operating systems quickly and inexpensively.
Virtual machines can then be stored and run as needed on the host PC at a later date. They can be reset to remove all changes made when used for previous testing ensuring a clean system when used later.
Further information can be found at https://www.virtualbox.org
- Google Test
Google Test is Google’s C++ test framework, a merging of GoogleTest and GoogleMock projects. The open source tool can perform a wide range of testing duties, including test discovery, fatal and non-fatal failures, value and type parameterized tests as well as generate XML test reports.
It has been used on a wide range of platforms including Linux, Windows, Mac OSX and Symbian.
More information on Google Test and Feedback can be found at https://github.com/google/googletest
Overall, while there are plenty of open source testing options out there, ensuring a good fit with your testing regime requires some time and effort. In addition, making sure your shortlist contains only well-supported and trusted options is essential. By conducting a due diligence programme and also interacting with the developer community around your chosen tool you’ll be much more likely to ensure your testing delivers full value.
[su_box title=”About Iain Finlayson” style=”noise” box_color=”#336588″][short_info id=’105570′ desc=”true” all=”false”][/su_box]
[su_box title=”About James McLean” style=”noise” box_color=”#336588″][short_info id=’105571′ desc=”true” all=”false”][/su_box]
The opinions expressed in this post belong to the individual contributors and do not necessarily reflect the views of Information Security Buzz.