Python Testing
1. Fundamentals of Software Testing
2. Python Testing Environment Setup
3. The unittest Framework
4. The pytest Framework
5. Test Design and Best Practices
6. Mocking, Patching, and Test Doubles
7. Advanced Testing Techniques
8. Testing Specific Application Types
9. Test Automation and Continuous Integration
10. Code Coverage
11. Security-Oriented Testing
12. Test Data Management
13. Debugging and Troubleshooting Tests
14. Performance and Optimization
11. Security-Oriented Testing
11.1. The Role of Testing in Application Security
11.1.1. Identifying Security Flaws Early
11.1.2. Supporting Secure Development Practices
11.1.3. Security Testing Integration
11.2. Testing for Common Vulnerabilities
11.2.1. Input Validation Testing
11.2.1.1. Testing for Injection Points
11.2.1.2. Validating User Input
11.2.1.3. Boundary Value Testing
11.2.2. Authentication and Authorization Testing
11.2.2.1. Access Control Testing
11.2.2.2. Session Management
11.2.2.3. Privilege Escalation
11.2.3. Error Handling Testing
11.2.3.1. Testing Error Messages
11.2.3.2. Preventing Information Disclosure
11.2.3.3. Exception Security
11.2.4. Injection Attack Testing
11.2.4.1. SQL Injection
11.2.4.2. Command Injection
11.2.4.3. Code Injection
11.3. Fuzz Testing
11.3.1. Concept and Application
11.3.1.1. Generating Random Inputs
11.3.1.2. Detecting Crashes and Failures
11.3.1.3. Mutation-Based Fuzzing
11.3.2. Tools for Fuzzing Python Code
11.3.2.1. Using Atheris
11.3.2.2. Integrating with CI
11.3.2.3. Custom Fuzzing Harnesses
11.4. Static Application Security Testing
11.4.1. Linting for Security Issues
11.4.1.1. Identifying Insecure Patterns
11.4.1.2. Code Quality Security
11.4.2. Using Tools like bandit
11.4.2.1. Running Security Scans
11.4.2.2. Interpreting Results
11.4.2.3. Custom Security Rules
11.4.3. Dependency Vulnerability Scanning
11.4.3.1. Known Vulnerability Detection
11.4.3.2. Dependency Updates
11.5. Dynamic Application Security Testing
11.5.1. Principles of DAST
11.5.1.1. Testing Running Applications
11.5.1.2. Simulating Attacks
11.5.1.3. Runtime Security Testing
11.5.2. Integrating DAST Tools in the Testing Phase
11.5.2.1. Automating DAST in CI/CD
11.5.2.2. Reviewing DAST Reports
11.5.2.3. Security Test Automation