Over the years, I’ve really developed a love for breaking stuff…
Whether it’s a code review or blackbox testing of a third-party application, I go into it expecting there to be problems… I might not always know where they are, but I am confident they exist.
In the world of infosec, the mantra is “assume breach”. Well, I apply a similar mindset to testing — “assume bug”.
If all of the tests are pretty green “PASS” messages, I assume it’s only because the tests aren’t extensive enough or missed some edge-case scenario.
I’ll do some more posts in the future about it, but I’m going to start playing with some different testing harnesses and frameworks in the upcoming months and try to see how much I can get out of them. Until then, though, I guess I’ll just stick with my manual testing.