Snipping tool windows and quickplayer in mac for screen recording
IDE - vs code, aqua
Postman, swagger - api testing and postbot -test scripting
Chrome dev tools for network calls
Git bash for git
Jenkins for ci/cd
Mailosaur for email testing
Excel for data driven testing
Jsondiff and jsonbeautifier for json
Browserstack and appium for mobile testing
Firebox, chrome, edge and safari for browser testing
Selenium grid for parallel testing
Jmeter and gtmetrix for performance testing
Vysor for screen sharing
Cyberduck for sftp
I’ve used probably about half of the above mentioned tools, but in terms of quantity it’s the hand-written options that far exceed the commercial or open source tools. I often don’t have time to find a tool to do a specific job, so I just use whatever programming language is available, and write it from scratch. Admittedly, they are usually one trick ponies, and a high proportion of them are disposed of afterwards.
For example, if I need to take a CSV file and generate 10,000 files from an equivalent table, it doesn’t take much VBA to do it. I can guarantee there will be a tool out there that can do it already, but it saves me time to just write exactly what I want/need.
Same here, I often use various bash tools to get what I want (whether filtering output or generating input), or write Python scripts if I think I’ll need to repeat the process at a later date.
Tools could also include the physical things on your desk - I have a soft button on my mouse bound to “launch snipping tool” so I don’t miss those “Quick! Take a screenshot!” moments, and I’m a big fan of multiple monitors so you can keep more of your work visible at once.
What do you mean by use?
I doubt you’d need some of those at the same time on a project.
Here’s a few questions that might reveal more tools being used to those answering in here:
do you intercept/simulate/mock data traffic? web or network, do you do something with it?
where do you learn anything from? do you have internal knowledge bases, business and technical experts around you, documentation, requirements and specifications, operating manuals, guides, industry standards and guidelines, …?
what do you test on? you must use some physical tools, like some workstations, multiple monitors to view stuff, embedded systems you configure or program, physical devices with software/firmware, mobile phones?
you might take notes and brainstorm so what about a pen and paper, or a whiteboard or a meeting room with a presentation/share monitor?
we need to communicate as testers, how do you do that? chat systems, boards/ticketing systems, emails, post-its, daily standups, face-to-face?
are there systems in the company where your testing reaches? administration, configuration consoles, tools, systems, interfaces that might be used?
what’s on the systems you use? do you use one or more OS you’re good at, are you able to configure their internals? terminals/shells must be used for some tasks as well, virtual machines, docker/kubernetes clusters reached?
do you code in multiple places, several programming languages and platforms?
do you generate test data? build programs that help test your programs?
what sort of layers is your testing at? do you read/edit/manage code, handle data in the database systems, plug into servers to change configs, manage test environments spinning, do you interact with stakeholders/management often, are you more on the client side regularly checking with them and advocating for them, do you access/test production, are you accessing logs…
I’m surprised that the list of tools is so short yeah, it’s useful to have a list of (not the most popular) tools grouped by purpose/category. I see just 2 tools in the security section, while there are dozens of even popular ones missing.
In most cases, you don’t need tools - you need to understand the basics. Write your own tools, for example, for data generation. I’m using Terraform, PyCharm + Python, a bunch of libs, and Linux commands now - so are they worth mentioning? Understanding the problems and tasks matters more, finding a tool isn’t a big deal.
I just don’t get it when people focus too much on tooling, like, if you need to test an API, you must use Postman or Swagger, or for pentesting, you must use BurpSuite. Sure, Burp is a powerful and popular tool, but you can use lots of other tools or test for SQLi, code injections, or XSS manually.
Share your experience solving problems, improving efficiency using some tools - not just sharing a list of random tools
Thank you Rahul for sharing. I know most of the tool you’ve shared, but some are new to me and will have a look.
On our side, like some other comments we create our own tool, mainly to create simulators (load, customers, failovers…) and help in deployment of test environment / configuration using our Application SDK and/or Powershell.
In security testing, beside BurpSuite, we also use Black Duck. This is integrated in all our pipelines.
Most of our test management is done through TFS, but migrating to Azure DevOps.
API testing, yes Swagger although we are looking for alternative (swagger-typescript-api).
For API testing, we are using Postman, but now looking (switching to) Bruno . API contract test we impleted PactFlow but managed internaly (PactBroker). Smartbear bought PactFlow and now have integrated in a new tool API Hub, but very expensive. We will probly stick with our PactBroker instalment.
GUI we use Playwright (was not impress with Cypress of Katalon) and recently started using Test Complete that can mix Desktop and Web.
For end-to-end we often use NetLimiter to simulate Network conditions.
Component testing mocking with FakeItEasy
Some of our Dev are using xunit to help with Unit Testing in .NET
download and compare data from database to test the change from Oracle to PostgerSql. Highly customizable for different level of depths.
organized download and extraction of our rich client from our CI server for different branches
get data from the database and add it to the Excel specification file for comparison (with some automated checks)
We have automated checks and actions which work via yaml configuration files (being basically API automation). Typically all cases are executed one after another. I created a tool to changes this configuration files so that I can run a subset of them and to some degree in parallel. I often use the to prepare my test server.
And yes, I do typical automation for API and GUI.
But I can do so much more by the development skills I learned by that.
LinkMiner takes broken link checking to the next level. You can now find out more about the links you’re checking so you can make smarter decisions, quicker. Get link & social data on any link on a page, be able to export all links from a page, and even display link data next to each link on the page.
You can also utilize LinkMiner to find out how many total or external links are on the page you’re viewing.
yeah, it’s useful to have a list of (not the most popular) tools grouped by purpose/category. I see just 2 tools in the security section, while there are dozens of even popular ones missing.