My relationship with add-on(s)
Web browser add-on(s) have been very helpful in my testing activity. When I explored and landed on http://addons.mozilla.org/ I was blessed to be there. I downloaded very few add-on(s) first and then I continued my journey of exploring web browser add-on(s). With the journey, I could see that my web browser was now equipped with handful of web browser add-on(s) and every add-on helped in one or the other way in my testing activity of web application. After few days, I was using Google Chrome more compared to Mozilla Firefox and then thought that, how cool that would be if I had extensions or add-on(s) even for Google Chrome web browser. OMG, yes, I had it even there at http://chrome.google.com/webstore/ Surprising moment for me was, there were almost all the add-on(s) which existed on Mozilla Firefox however, I am more considerate of using Mozilla Firefox because it has more and more powerful ones based on the context of test mission. Then, I created a mind-map of add-on(s), both for Mozilla Firefox and Google Chrome and made it public on Moolya Blog for FREE under GPL (License). You can go to http://moolya.com/blog/2011/03/04/addon-mindmap-for-testers-from-mo... and download the images to your local machine however, I request you to retain the credits and copyright text in the 2 images that you download / share.
Where do I see most / some testers failing?
I have introduced these add-on(s) to many testers so far and very few have been using it consistently and even those are not exploring more apart from what I had said to them. Now, I do not know if they lack passion or interest or time or they do not feel like using them or any other reason they might have. Even I pushed many to use them but, finally I understood that, it has to come from within an individual and cannot be enforced always. When I say this statement, it is based on experience that I had with few testers. Perspectives might change with different individuals.
Software bugs would be very happy to see such testers who are not using add-on(s) and they celebrate. Weapons are there and you are in a war but, soldiers (testers) are not picking up the weapons.
How about picking those weapons and screaming loud against those software bugs – “Bugs, we are coming for you!”
I am still not sure, even after reading this; not many testers would utilize the power.
All this is okay but, enlighten us about the value
There is a great value addition to the project. I can summarize them like below,
Developing your own add-on(s)
I have seen some of the testers asking, “I want to achieve this task, is there any add-on?” and sometimes my answer has been “Nope”. In that case they replied, “Oh (Sad expression)”. I asked them, what are you going to do now and they said, we will not use any add-on and achieve the same but, it might take more time. I said, how about developing one for yourself or your team or to the whole community out there? Till date, not even one has said; yes, I will develop it. I have seen testers having a plan which is not executed at all till date. However, I have chosen to develop an add-on which would do the below,
Here is what I want to achieve through this add-on,
When a URL is provided, that specific web-page source code needs to be crawled and extract all the comments from it and show me in a separate window or tab.
How will this help testers?
With respect to security testing, there shouldn’t be any comments which need to carry any confidential / sensitive information in the web-page which hackers could use.
Now, that’s the first level. Here is much more exciting thing that I want to do, once all the comments are extracted which could be HTML / CSS / JS comments (Make sure you make your code scalable to new commenting styles by making minimal changes to the code instead of making a huge change in the design of your add-on code file), I would have keywords database which would include keywords like,
usrname, username, password, passwd, author, e-mail, admin, administrator, login, adminlogin, moderator, accountlogin and much more keywords which might be sensitive information >>
Above keywords will be again generated by available software(s) in the web. You might want to check out http://packetstormsecurity.com/ for utilities which could help in generating the data (keywords).
Where do I start from?
For developing Mozilla Firefox web browser add-on(s), you can start from –
For developing Google Chrome web-browser extensions, you can start from –
For any questions or clarifications that you might require, please private message me or I would insist on leaving the comment which could be helpful for other STC readers as well.
Have a great add-on'ing.
Add a Comment