One common manual testing method is called "script injection". This involves attempting to inject malicious scripts into various input fields, such as search bars or login forms, and observing the application's behavior. This can help identify vulnerabilities in the application's input validation and output encoding.
Another manual testing method is called "DOM-based injection". This involves manipulating the Document Object Model (DOM) of a web page through the injection of malicious scripts. This can be used to steal sensitive information or manipulate web page content.
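The input-field check described above can be turned into a repeatable regression test. The following is an added example, not code from the original page: the two renderers, the probe strings and all function names are constructed for illustration, and the encoder covers the HTML body context only.

```javascript
// Added example: constructed renderers and probe strings, not from the original page.

// Hypothetical search-results renderer that reflects input without encoding
// (the defect a manual script-injection test is looking for).
function renderUnsafe(query) {
  return `<p>Results for: ${query}</p>`;
}

// Output encoding for HTML body context: replace the characters that can
// open a tag, close an attribute, or start an entity.
function encodeHtml(value) {
  const map = { '&': '&amp;', '<': '&lt;', '>': '&gt;', '"': '&quot;', "'": '&#x27;' };
  return String(value).replace(/[&<>"']/g, (ch) => map[ch]);
}

// Hardened form of the same renderer.
function renderSafe(query) {
  return `<p>Results for: ${encodeHtml(query)}</p>`;
}

// Constructed probes. Each carries a unique marker (probe_N) so a reflection
// found in the output can be traced back to the input that produced it.
const PROBES = [
  '<script>probe_1()</script>',
  '"><img src=x onerror=probe_2()>',
  "'-probe_3()-'",
];

// Returns the probes that come back byte-for-byte unencoded in the output.
// An empty array means every probe was neutralised by the encoder.
function findUnencodedReflections(render, probes = PROBES) {
  return probes.filter((probe) => render(probe).includes(probe));
}

// Stand-alone run: report which renderer reflects probes unencoded.
for (const [name, render] of [['renderUnsafe', renderUnsafe], ['renderSafe', renderSafe]]) {
  const hits = findUnencodedReflections(render);
  console.log(`${name}: ${hits.length} unencoded reflection(s)`);
}
```

Values written into attributes, inline scripts or URLs need the encoding for that context, so a clean result here does not cover those sinks.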
Another popular tool for automated testing is OWASP ZAP. This is a security scanner that can be used to automatically test web applications