Skip to content
/ Software-Testing--Black-Box--Facebook.com Public

Black box testing using different tools for the Facebook website to find bugs and make test cases.

License

MIT license
1 star 1 fork Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

akshatvg/Software-Testing--Black-Box--Facebook.com

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

4 Commits
dirsearch
dirsearch
 
 
ffuf
ffuf
 
 
unimap
unimap
 
 
.gitignore
.gitignore
 
 
Bug Bounty.pdf
Bug Bounty.pdf
 
 
LICENSE
LICENSE
 
 
Lighthouse Processing.jpeg
Lighthouse Processing.jpeg
 
 
Lighthouse.pdf
Lighthouse.pdf
 
 
Nessus_Advanced-Scan.pdf
Nessus_Advanced-Scan.pdf
 
 
Nessus_Advanced-Web-Scan.pdf
Nessus_Advanced-Web-Scan.pdf
 
 
README.md
README.md
 
 
Recon, tool used- findomain.txt
Recon, tool used- findomain.txt
 
 
ST- Project Review.pdf
ST- Project Review.pdf
 
 
Usability Testing.pdf
Usability Testing.pdf
 
 
Zap_Automated1.png
Zap_Automated1.png
 
 
Zap_Automated2.png
Zap_Automated2.png
 
 
Zap_Automated3.png
Zap_Automated3.png
 
 
Zap_Automated4.png
Zap_Automated4.png
 
 
Zap_Automated5.png
Zap_Automated5.png
 
 
Zap_Automated6.png
Zap_Automated6.png
 
 
dirsearch.txt
dirsearch.txt
 
 
doing-dirsearch.png
doing-dirsearch.png
 
 
doing-ffuf.png
doing-ffuf.png
 
 
doing-findomain.png
doing-findomain.png
 
 
ffuf_response.txt
ffuf_response.txt
 
 
ffuf_response_400.txt
ffuf_response_400.txt
 
 
findomain-few.txt
findomain-few.txt
 
 
findomain.txt
findomain.txt
 
 
unimap-step1.png
unimap-step1.png
 
 
unimap-step2.png
unimap-step2.png
 
 

Repository files navigation

Software Testing (Black Box) for Facebook.com

Black box testing using different tools for the Facebook website to find bugs and make test cases.

White box testing techniques analyse the internal structures the used data structures, internal design, code structure and the working of the software rather than just the functionality as in black box testing. It is also called glass box testing or clear box testing or structural testing.

Since we do not have access to the code of Facebook, we are only conducting black box (functionality) testing.

Dirsearch

git clone https://github.com/maurosoria/dirsearch.git
cd dirsearch 
python3 dirsearch.py -u https://facebook.com -e js,html

OUTPUT: Output File: /Users/akshatvg/Desktop/ST/dirsearch/reports/facebook.com/_21-12-03_01-27-15.txt

Findomain

brew install findomain
findomain -qt facebook.com > findomain.txt

Unimap

git clone https://github.com/Edu4rdSHL/unimap && cd unimap
cargo build --release
cd target/release
sudo unimap --fast-scan -f ../../../findomain.txt

NOTE: It will take a lot of time for this because number of subdomains that we got are in lakhs.

ffug- parameter fuzzing using brute force

git clone https://github.com/ffuf/ffuf && cd ffuf && go get && go build
ffuf -w ../findomain.txt -u https://facebook.com/ -H "Host: FUZZ" -mc 200 > ffuf_response.txt
ffuf -w ../findomain.txt -u https://facebook.com/ -H "Host: FUZZ" -mc 400 > ffuf_response_400.txt

Future Scope

  • Rate limiting: Vegeta to send 100 requests for login to test if the APIs rate limit a user.
  • Stress testing: K6 to check with thousands of users. The servers should auto-scale.

About

Black box testing using different tools for the Facebook website to find bugs and make test cases.

Topics

testing black-box facebook quality-assurance software-testing black-box-testing

Resources

Readme

License

MIT license
Activity

Stars

1 star

Watchers

2 watching

Forks

1 fork
Report repository

Releases

No releases published

Packages

No packages published