User Profile

jweiler

Regular Visitor

Joined 7 years ago

5 Posts

View All Badges

User Widgets

Contributions

Re: Groovy script library
The link http://www.soapui.org/apidocs/overview-summary returns a 404.
6 years ago Place ReadyAPI Questions
3.2KViews
0likes
1Comment
Re: Secure Pro: Add HTTP Request and Response messages to report for failed tests
Absolutely. The actual HTTP error, headers etc. can be essential to the dev team to debug the error. The transaction log export does not have this info either.
7 years ago Place ReadyAPI Feature Requests
815Views
0likes
0Comments
Re: Retain Transaction Log details between sessions
Absolutely!
7 years ago Place ReadyAPI Feature Requests
1.1KViews
0likes
0Comments
Secure reports should have a table of scan type and types of error found for each scan
Generally, once you find SQL Injection or Cross Site Scripting for a parameter, you don't need to know the hundreds of other exploit strings that also worked. The important information for the developers is that parameter x has Cross Site Scripting vulnerabilities or stack trace errors. So a table with 2 columns (scan type, issue type) that had a row for every distinct combination of scan type (e.g. SQL injection) and issue type 'sensitive data returned' or 'stack trace' would be very useful. If some requests worked and some failed the developers can always look at the report for the specific strings, but generally if you are not validating or escaping input, the specific strings that caused the issue don't matter.
7 years ago Place ReadyAPI Feature Requests
Reporting
Secure
797Views
0likes
0Comments
table of content links in Secure Test reports
The Secure test reports can be hunderds of pages. It would be useful to have a table of contents with clickable links to useful sections, like the start of the issues for each scan type.
7 years ago Place ReadyAPI Feature Requests
Reporting
Secure
781Views
0likes
0Comments