1. What is packet capture?
Packet capture is to intercept, resend, edit, and transfer data packets sent and received by network transmission, and it is also used to check network security. Packet capture is also often used for data interception and so on.
2. What to do with packet capture?
No matter what you do, you must first have a clear purpose, then you must clear the scope of your ability, and finally you must have a clear idea. Raw data - filtering - analysis, the basic routine of data processing at this time, the purpose of packet capture is to obtain the desired raw data, after getting the data, we can do the following things:
Analyze data transfer protocols.
Locate network protocol issues.
Get the desired information from the packet.
Modify, forge, and resend the intercepted data packets.
3. Why capture packets?
1. From the perspective of functional testing, view hidden fields by capturing packets
There are many hidden fields in web forms, and these hidden fields have some special purposes, such as collecting user data, preventing CRSF attacks, preventing web crawlers, and some other purposes. These hidden fields cannot be seen on the interface. If you want to detect these fields, you must use a packet capture tool.
2. Understand the content of the protocol through the packet capture tool, which is convenient for interface and performance testing
In terms of performance testing, performance testing is actually a large number of simulated user requests, so we must know the content and characteristics of the protocol in the request in order to better simulate user requests. To analyze the protocol, a packet capture tool is required;
In terms of interface testing, although we try our best to require complete interface documents during interface testing. However, in many cases, the interface documents cannot cover all situations, or because the documents are lagging behind, in the process of interface testing, we still need to use packet capture tools to assist us in interface testing.
3. You need to use the packet capture tool to check the data encryption
In terms of security testing, we need to check whether sensitive data is encrypted during transmission, and we also need to use packet capture tools to check.
4. Handle the dispute over front-end and back-end bug ownership
When we submit bugs, there are often disputes between the front-end (client display) and the back-end (server logic), so we can use the packet capture tool to determine whether it is a data transmission problem or a front-end display problem. If the captured data is If there is a problem, it is generally a back-end problem; if the captured data is correct, it can basically be judged to be a front-end problem.
4. How to capture packets?
Through packet capture analysis, you can better understand the entire system.
Frequent use of packet capture tools to assist testing can give a good understanding of the entire system, such as the relationship between the front and back ends of the data transmission process, and the structure of the entire system. Especially for products with the current microservice architecture, packet capture can better sort out and grasp the relationship between various services in the entire system, greatly increasing the coverage of tests. In addition, it can also improve the understanding of code and HTTP protocol knowledge.
5. Commonly used packet capture tools
1、httpwatch
Httpwatch is integrated with IE and Firefox browsers, but does not support chrome; the Httpwatch interface is clear and intuitive, and you can quickly and easily view cookies, headers, Query Strings and data after sending a request, and can handle multi-page scenarios through page grouping.
2、Fiddler
Fiddler is an independent application that can debug communication between PC, Mac, Linux, and mobile devices. It supports most frameworks, such as Java, .net, and Ruby, and requires proxy settings.
3、wireshark
Wireshark is a professional network monitoring and network protocol analysis tool by capturing network data packets, which can monitor network transmission data in real time and comprehensively see the dynamic information of the entire network.
4、firebug
Firebug is an extension under Firefox. In addition to network analysis, it can also debug all website languages, such as js, HTML, css, etc., and supports various browsers such as IE, Firefox, opera, and safari.
Finally, I would like to share with you some of my learning materials:
the above content should be the most comprehensive and complete preparation warehouse for software testing friends. In order to better organize each module, I also refer to many high-quality blog posts on the Internet. And projects, try not to miss every knowledge point. Many friends rely on these contents to review and get offers from big companies such as BATJ. This warehouse has also helped many learners of software testing, and I hope it can help you .
Follow my WeChat public account below to get it for free! ↓ ↓ ↓ ↓ ↓