Bugged_But_Haapy

Security Testing Basics: Think Like a Hacker, Test Like a QA Security Testing Basics: Think Like a Hacker, Test Like a QA Part of the “10 Days of QA — From Beginner to Expert” Intro — You can build the fastest, most stable application in the world, but if someone can access another user’s data or bypass login with a simple trick — it’s game over. Security testing isn’t about paranoia; it’s about protecting trust. As a QA, you don’t have to be a hacker — but you must think like one. 1️⃣ The Mindset: QA vs Hacker Hackers are curious by nature. They don’t just click buttons — they ask, “What happens if I don’t follow the rules?” A QA should ask the same. When a login says, “Enter your email,” a hacker wonders, “What if I inject something else?” That curiosity — controlled, ethical, and purposeful — is what makes you a better QA engineer. ⚡ QA Tip: The best security testers are those who care about user safety as much as user experience. 2️⃣...

Performance Testing Basics: Speed Matters More Than You Think Performance Testing Basics: Speed Matters More Than You Think Intro — We live in a world where even a two-second delay can make a user close your app and never return. Performance isn’t a luxury; it’s a promise. In this post, we’ll break down performance testing in the most human way possible — through stories, tools, and practical testing techniques you can apply tomorrow morning at work. 1️⃣ What Is Performance Testing? Performance testing checks how your system behaves under different levels of load — whether it’s 10 users or 10,000. It answers one simple question: “Can our app handle real-world usage without slowing down, crashing, or corrupting data?” In short: Load testing: How your system performs under expected user load. Stress testing: What happens when you push it beyond capacity. Spike testing: Sudden traffic surges — like a viral sale. ...

API Testing with Postman & Newman: Beyond Clicks and Collections API Testing with Postman & Newman: Beyond Clicks and Collections Part of the “10 Days of QA — From Beginner to Expert” Intro — You’ve clicked “Send” in Postman hundreds of times — but real API testing is more than watching a 200 OK appear. It’s about trusting data integrity, contracts, and behavior under edge cases. Today we go beyond clicks — into automation, validation and continuous confidence. 1️⃣ What is API Testing Really About? API testing is validating the communication between services. Instead of a UI, you test requests and responses directly — faster, more reliable, and perfect for early feedback. Typical objectives: Confirm status codes and headers Validate response data structure and types Check business rules and edge cases Measure response times and error handling Think of API testing as the X-ray of your application — you se...

Building a Scalable Automation Framework: From Scripts to Systems Building a Scalable Automation Framework: From Scripts to Systems Part of the “10 Days of QA — From Beginner to Expert” 1️⃣ Why a framework, not just scripts? Ask yourself: will the next person who joins the team be able to run and add tests without asking you ten questions? If the answer is no, you don't have a framework — you have a personal script collection. A good framework provides: Consistency — naming, structure, and patterns Reusability — helpers, page objects, fixtures Configurability — run in different environments without code changes Observability — logs, reports, traces Integrability — easy CI/CD and artifact publishing Mentor tip: A framework is as much about developer experience...

Getting Started with Automation: When, Why & How Getting Started with Automation: When, Why & How Part of the “10 Days of QA — From Beginner to Expert” Automation is one of those topics everyone talks about — and few start correctly. In this post I’ll walk you through: deciding what to automate, what to avoid, selecting tools, building a simple test, and how to integrate automation into CI. I’ll show runnable examples in both Python (Playwright + pytest) and JavaScript (Playwright + Cypress) so you can pick what fits your stack. Why automation — the real business case Automation isn’t about being fancy or saving a few clicks. You automate to: Increase confidence — run the same checks consistently on every build Save time — free human testers to do higher-value exploratory work R...

The Art of Bug Reporting & Defect Lifecycle The Art of Bug Reporting & Defect Lifecycle Part of the “10 Days of QA — From Beginner to Expert” If you want your bugs fixed fast, call them by the right name, tell a clear story, and make it easy for the developer to reproduce and resolve the issue. Today we’ll master how to write bug reports that lead to fast fixes, how to triage defects, and how to understand the defect lifecycle so your team spends time solving problems — not arguing about priorities. Why bug reports matter (more than you think) Good bug reports are the communication bridge between QA and engineering. They do three things: Explain what happened and why it's a problem Show how to reproduce the problem reliably Provide context (environment, logs, screenshots) so eng...

Manual Testing Techniques Every QA Must Master Manual Testing Techniques Every QA Must Master Part of the “10 Days of QA — From Beginner to Expert” Manual testing is where many QA careers begin — and where the foundational instincts of a great tester are formed. In this post I'm going to walk you through the techniques I teach new testers: not as abstract theory, but as concrete actions you can apply the next time you test a feature. Expect real examples, checklists, and mini-exercises you can finish in under 30 minutes. Why manual testing still matters Automation is powerful — and we’ll cover it later in the series — but manual testing remains critical for three reasons: Human judgment: Only people notice confusing UX, awkward copy, or unexpected workflows. Early discovery: Exploratory manual tests of...