OTP#9: The Big List of Naughty String and Interesting Reads

Outside The Parameters (OTP) is a human-authored micro-correspondence focused on sharing Software Testing stuff, every other day..

​_Reading Time: 3 minutes_

​

​Hello Friends,

It's been a long time since you heard from OTP.

A lot of things happened in the background. The previous sequence of 'every other day' was quite tasking to maintain and we lost track of time. OTP is back now, although with a much more loose frequency.

​Let's dive in.

​
📇 The Big List of Naughty String (aka BLNS)

If you have been testing APIs, you must have inputted weird strings into your requests to see what happens when endpoints respond. If you are new to API testing or have never done it - you are in good company.

The Big List of Naughty Strings (BLNS) is an evolving list of strings highly likely to cause unexpected outcomes when used as input data.

Collated and published by Max Woolf in 2015 , the BLNS is a list of 500 strings that can be used to test for server code injection, SQL injection, several forms of script injection, and how systems interpret special characters, emojis, and Unicode.

​Max's list has not been updated in a long time. Also, it contains some dangerous strings that can cause real problems when used.

​You can use a newer list curated by Daniel Miessler via this GitHub repo .

---

​🗃️ More Websites for Testing (Pt. 2)

• ​For Security Testing: Gin and Juice Shop

• ​For Mobile Testing: Sauce Labs Sample Apps

• ​For Web Testing: Test Pages by Evil Tester

• ​For Performance Testing: Simple Travel Agency

• ​For Test Automation: QA Playground

• ​For API Testing - Go REST (https://gorest.co.in/ )

---

​📚 Interesting Reads

• ​Different Approaches to Test Cases by Wayne Roseberry

• ​Explaining Exploratory Testing by Maaret Pyhäjärvi

• ​An Introduction to Contract Testing - Part 1 (Meet the Players) by Bas Dijkstra

• ​Running Playwright tests with Docker on GitLab by Onur Denizhan

---

​🕵 Some Jobs

• ​QA Tester - (Remote) - Softrams (via TestDevJobs )

• ​Senior Quality Assurance Engineer - (Remote) - Ditto (via Otta )

• ​Senior Quality Assurance Automation Engineer - (Remote) - Suvoda (via Joberty )

---

​🧰 For Your Tool Box

​We wrote about the Cypress Dialog Boxes Plugin in our first issue . Well, Ademola Bhadmus , has created a second Cypress plugin. More details about the plugin can be found on the Node Package Manager's website .

---

​🗣️Quotes

​_Testing never ends, it just stops_ - Michael Hunter

---

​📅Events

1. ​Test Fest 2024 : The second edition of TestFest is packed with more activities like an API hackathon.

2. ​'The ABC of Software Testing' Book Launch : A book launch and an owanbe (party) fused in one. The latest Software Testing book is set to be launched with pomp and pageantry.

---

Please help share OTP with your friends, co-workers and ex-colleagues.

Click to share via Twitter , LinkedIn , or Facebook , or use the Share function in the Comments area.

​If visited this post or website directly, you can get your OTP your sub here .