Hey @Jainsoumya
ok - I've watched the video - it's a quick presentation to give you the general principles of the vulnerability testing youre able to do in ReadyAPI.
Are you just trying to learn more about this sort of vulnerability testing or do you have specific questions?
Unless you actually put it into practice it wont mean much to you - do you actually need to do some vulnerability testing or are you just trying to learn for when you might have to?
If I wanted to learn this stuff from ReadyAPIs perspective I think the first thing I would do is to have a look at all the different scan types available - e.g. fuzzy matching, cross site scripting, SQL/JavaScript injection, etc., etc. and learn what each of these scans are actually checking for and why. Once you actually know what each of them do - you can then consider your testcases/teststeps in your functional tests and decide which scan types are appropriate to your tests. i.e. as the video indicates - ReadyAPI reuses the functional tests as the basis for the content of vulnerability scans - so say you have json payloads in your functional tests then you wouldnt have any malformed XML scans in your vulnerability tests.
So - you need to know what each of the scans do to determine if theyre going to be required.
Does that help at all?
cheers,
Rich
if this helped answer the post, could you please mark it as 'solved'? Also if you consider whether the title of your post is relevant? Perhaps if the post is solved, it might make sense to update the Subject header field of the post to something more descriptive? This will help people when searching for problems. Ta
