Software Quality Assurance Tools and Techniques We Use at Mobindustry
Manual testing is a complex process that requires both the experience of a quality assurance specialist and mobile app testing tools. Learn how to effectively test your software based on our insights
When it comes to manual testing, most people imagine a quality assurance (QA) specialist who clicks the buttons in an application and documents everything that happens, checking all the functions one by one. This isn’t far from the truth, as the most advanced tools of a QA specialist are their brain, analytical skills, and experience.
During manual testing, a specialist needs to execute different techniques to make sure users get exactly what they expect from a software product and don’t encounter errors or app crashes if they express unusual behavior — for example, if they enter invalid data during registration.
Best practice of quality assurance is to combine manual testing with software testing tools
Manual testing is a complex process, especially when a piece of software is large and there are tons of repeating tasks a tester needs to perform manually. In this case, tools can help to accelerate the quality assurance process.
Each QA specialist has their own set of tools. However, all the tools that will be used for a particular project are agreed on with the client. In this article, we’ll be talking about the best QA practices and tools we use at Mobindustry.
API testing: principles and tools
We’ll start with API testing, as an API is one of the most fundamental parts of any software: all elements of a user interface communicate with the back end through an API.
An API, or application programming interface, facilitates the interactions between software components and defines the calls and requests between different forms, web pages, and so on. API testing is important, as it makes sure all requests are correct and lead to the expected results. With an API testing kit, specialists test technologies such as JMS HTTP, databases, and web services.
Here’s how an API works:
- A client makes a request to a certain resource.
- The request is sent to the server that’s able to fulfill it.
- The server finds the requested resource and returns it to the client.
Best API testing tools
Now let’s see what tools a QA specialist can use to make sure all requests in an application are processed correctly, and how to do API testing with these tools.
Postman is the perfect option for fast API testing. It can:
- make and send requests
- save requests in folders and collections for convenient management and analysis
- add parameters to requests
- add milestones to API requests
- send the same requests within different environments
- run request collections via the Collection Runner and use them as automated tests.
The best thing about Postman is that it has a set of tools to enable API sharing and collaboration. With Postman, you can manage users, set up teams, leave comments, and get an advanced version control tool for managing the creation of and testing APIs.
Initially, JMeter was a tool for load testing. However, many QA specialists use it for functional API testing. It features everything for this (and even more) to make the quality assurance process easy and fast.
So, how to perform API testing using JMeter? JMeter is able to automatically work with CSV files, allowing specialists to quickly create unique parameters for tests. JMeter also integrates with Jenkins, which allows you to include API testing into continuous integration processes.
Apart from API quality assurance, JMeter offers:
- fast scope tests
- load testing
- stress testing
- test data generation
- lots of plugins and extensions
- multi-platform support
Fiddler allows you to track, change, and reuse HTTP requests. With Fiddler, you can debug websites. The best part of Fiddler is its variety of plugins and add-ons that allow you to expand its capabilities.
One such add-on, APITest, significantly increases the ability of Fiddler to test behavior of web APIs.
If you need even more than that, you can use the FiddlerCore .NET class library. It allows for more complex testing and can help you create a whole infrastructure for your API testing processes.
Fiddler is a great choice for teams that use .NET languages, as you can use any .NET language to write your tests.
SoapUI is one of the most popular API testing tools in the world, and we use it at Mobindustry as well.
SoapUI allows QA specialists to perform:
- functional API testing
- API mocking
- API performance testing
- security testing
- test reporting.
SoapUI is a convenient console tool that you can use as a SOAP, web services and REST API testing tool. With SoapUI, you can easily open a source document and use the necessary set of functions:
- Fast code generation with the help of Groovy technology
- Fast test creation with a drag-and-drop interface
- Powerful API testing that allows you to upload data from Excel, databases, and files (SoapUI allows you to realistically simulate different types of interactions between a user and an API.)
- Asynchronous testing with an ability to launch complex scenarios
- Security scanning and reuse of tests in just a couple of clicks
Charles is an HTTP/HTTPS traffic monitoring tool that works as a proxy server between a mobile application and its server. Charles records and saves all the requests that run through a connected device and allows testers to edit them.
Charles also has functionality for load testing, allowing you to record and save sessions.
These are the main software testing tools we use for API quality assurance. Next, we’ll review load testing tools.
Load testing is an important part of quality assurance for any digital product. Load testing allows you to see how robust your system is and how it will handle an influx of users. As your user base grows, you’ll need to make sure your app is able to work properly with large numbers of people simultaneously using your software. You can do this using load and performance testing tools.
Load testing analyzes how fast a system responds to an external request. The main principles of load testing are:
1. unique requests. As a quality assurance specialist creates a scenario for load testing, they should pay attention to real-world statistical data, requirements, and expected system behavior. Requests should imitate real situations.
2. response time. Response time is determined as the interval between a request and a response.
3. distribution. A system’s response time depends on its distribution. The number of nodes influences the system’s response time. Each node increases the delay of scan requests. You need to take this into consideration when creating requirements for product performance.
Best load testing tools
We’ve already mentioned JMeter as a tool for API quality assurance; however, initially it was one of the most popular open source load testing tools.
Here are the main advantages of JMeter:
- Absolutely free for all users
- It’s a Java product, so it launches on any system
- Easy to install and launch
- Interface is user-friendly and simple to understand
- All results are visualized
- Can create your own test cases
- Supports HTTP, SOAP, LDAP, JDBC, JMS, and FTP
- Can record all browser sessions
Fiddler is another tool you can use for performance and load testing. It measures the size of a request and a web page, analyzes cached data, and helps to compress it. Fiddler is able to compose web pages and imitate both fast and slow connections.
Cross-browser and cross-platform testing is a part of the quality assurance process that ensures software works correctly in different browsers, on different mobile devices like phones and tablets, and on screens of different sizes.
Cross-browser testing is important for both mobile and desktop apps, and even more so on mobile devices. Because there are so many different devices with different screen sizes and operating system versions, it’s vital to test your app on a variety of devices.
For web applications, it’s important to test in different browsers. The most popular browsers nowadays are:
- Mozilla Firefox
However, when choosing browsers to test on, don’t rely on their popularity alone. It’s vital to learn about your target audience and find out what browsers they use. The same goes for mobile devices: make sure you consider what devices your users have.
Cross-browser testing is a constant process, as new operating system versions come out each year, so you’ll need to constantly adapt your software to them if you want it to stay popular and usable.
It’s not easy to collect all the necessary devices, so at the initial stage of a project, specialists often use different software quality assurance tools. Let’s review the best tools for cross-browser testing.
Best cross-browser testing tools
Browsershots is a cross-browser testing tool that allows you to check how your website looks in different browsers running on these operating systems:
Browsera is one of my favorite tools for testing browser compatibility. It offers limitless possibilities for checking how your product works within the most popular browsers. Browsera stores all scenario errors, allows you to view several browser versions simultaneously, and compares your website mockups on different screens and resolutions.
In Browsera, you can also test dynamic pages. It will even automatically log in to your website before running tests.
Also, BrowserStack allows you to get screenshots of your website on different resolutions: from 800×600 to 2048×1536.
With BrowserStack, you can also test mobile applications in near real-world conditions thanks to the emulation of mobile device features like GPS and network connectivity.
Local debugging tools are quality assurance tools developers usually make themselves. In many mobile development companies, programmers create debuggers for test builds that help them check requests and responses without having to use third-party tools. At Mobindustry, we create local debuggers for some projects.
Android Debug Bridge (ADB) is a console application for computers that helps to debug Android devices and emulators. It’s based on a client–server principle.
ADB can be used by regular users, but more often it’s used by quality assurance specialists to test mobile apps and games. ADB has lots of capabilities, but these are the ones testers use in their work:
- View all devices that are connected to the computer and ready to work with ADB
- Install and uninstall apps from a device
- View device logs
- Transfer files from and to a device
- Format the data folder
- Report errors
- Manage device access rights
This isn’t a complete list of ADB functionality. Though the tool itself is rather simple, it’s useful in mobile device testing.
The main goal of security testing is to find any potential inconsistencies in the system that can become entry points for hackers and cause breaches. Security testing separately checks these parts of software:
- System software
- Client-side application
- Server-side application
There are several types of security checks, including penetration tests. During penetration tests, a quality assurance specialist imitates what hackers would do to infiltrate the system. If you want to learn more about security and penetration testing, read this article.
Here are several tools we use for testing the security of our web and mobile apps.
Security testing tools
Key features of Acunetix:
- Checks WordPress and its plugins for vulnerabilities
- Integrates with WAPs (Wireless Application Protocols) and issue trackers
- Integrates with Jira, Jenkins, GitLab, GitHub, TeamCity, Azure DevOps, and Slack
- Detects SQL injections, XSS attacks, and over 4500 other vulnerabilities
- Available as a cloud solution
- Very low false positive rate
- Detects over 6500 web vulnerabilities
Acunetix offers a different set of tools for small, medium, and large businesses. It has different levels of access so you can securely build your own QA team according to roles.
ImmuniWeb is a great tool for web applications; however, it’s also used by mobile quality assurance specialists. This tool helps to test backend and mobile applications and covers the top 10 OWASP Mobile security risks.
ImmuniWeb checks mobile apps for:
- improper platform usage
- insecure data storage
- insecure communication
- insufficient cryptography
- poor code quality.
ImmuniWeb offers penetration testing with these characteristics:
- SLA of zero false positives
- AI automation
- Enhancements to manual quality assurance
- Patch verification scans
- WAF testing
ImmuniWeb offers a free mobile app scanner that allows developers to:
- verify permissions
- run DAST/SAST testing
- detect privacy issues.
In this article, I shared the most popular web and mobile app testing tools we use at Mobindustry for:
- checking API compatibility
- testing how a mobile or web app will look in different browsers and on different devices
- scanning a web or mobile application for security breaches, network vulnerabilities, and potential points of entry in various plugins and third-party applications.
This isn’t a complete list, as each quality assurance specialist has their own set of favorite tools they use in their work. And of course, use of any tool is agreed on with the client.
Tools allow QA specialists to accelerate their work and automate repetitive tasks. But software must go hand in hand with manual testing for the best results, so make sure your methodology doesn’t rely on tools only.
If you have any questions on how we ensure the quality of our applications at Mobindustry, and how to choose best mobile app testing tools for your project, feel free to contact us.