TesterHQ - The Evil Tester Blog Aggregator

Aug 15, 2018 - 2 minute read - Evil Tester Exploratory Testing

Exploratory Testing Clean Recon Live Example

Original Blog Posting on [blog.eviltester.com]

TLDR: clean recon - using the app to provide knowledge about the app

Using The Pulper v 1.2 I recorded a live recon session to try and create an example of note taking, model building, risk identification and next action identification.

You can repeat the exercise for yourself and see how you get on.

Using The Pulper v 1.2 I performed a live recon session.

github.com/eviltester/TestingApp/releases

Video:

Reconnaissance Session

I described it as a ‘Clean’ recon. By which I mean:

  • little, to no, prior planning
  • based purely on information provided by the app
  • no tool support
  • unstructured text file for note taking

Other recon types include:

  • Mental
  • Biased/Prompted (Mnemonic, Template, Goal, etc.)
  • Tool Assisted

Note Taking

The note taking makes a difference.

Plain Text allows me to write in any order, with no structure.

Mindmap enforces some structure and can lead to a physical structural model of the app. Mind-map is often good for Prompted recons.

I do other types of recons to build a rich model of the application. I do not rely on a single recon.

I tend to start with a ‘clean’ recon.

Lessons Learned and Actions Identified

I learned:

  • Even a ‘read only app’ has complexity
  • Particularly around data oracles
  • Even in a recon we can spot bugs.

I need to identify:

  • how to compare pages of data in the app
  • how to compare data on different pages within the app

I identified classes of tools I can use to support my testing:

  • link checkers
  • html validators

But I recognise that these test the ‘syntax’ or ‘structure’ but not the semantics of the app e.g. data is rendered correctly, but is the correct data rendered?

I used version 1.2 of The Pulper from https://github.com/eviltester/TestingApp/releases

Exercise

I recommend this, as an exercise for you. Or pick any app you are working on.

You can perform a ‘clean’ recon, even on apps you know well. I programmed The Pulper, I was still able to take a fresh look at it in the recon and I gained valued by doing so.

  • Download version 1.2 of The Pulper from https://github.com/eviltester/TestingApp/releases
  • Perform a clean recon
  • Reflect on your notes
    • What did you find?
    • What did you learn?
    • What risks did you identify?
    • Did you spot any bugs?
    • What will you do next?
    • What tools do you have to research?