This blog post is continuation of knowledge hub on mobile apps testing and QA team has prepared some of the highlights during the security app testing.
Android
Lucky Patcher is a great Android tool to remove ads, modify apps permissions, backup and restore apps, bypass premium applications license verification, and more.
LogCat - Dalvik Debug Monitor Server (DDMS)
LogCat is integrated into DDMS, and outputs the messages that you print out using the Log class along with other system messages such as stack traces when exceptions are followed
Console - Xcode
Main key benefits:
- View log output in Console
- View log output in Xcode
- View log output on a connected device
- View crash logs on a device
Common (Android/iOS/Window Phone/WEB)
During app testing we use Charles proxy server which allows to monitor http requests/responses, http headers (which contain cookies and caching information) and allows us to emulate our own test requests/responses to/from server, so additional rare cases could be emulated.
Key Benefits:
- SSL Proxying – view SSL requests and responses
- Monitor http/https requests/responses (Android/iOS/Windows Phone/PC/Mac)
Summary:
DDMS, Xcode Console and Charles tools allow to reveal logs/requests/pesponses which might contain security data (logins and passwords). Using them while testing Android/iOS will enable access to app security status. Lucky Patcher is a tool for Android apps and allows us to modify apps permissions, backups and restore them etc.
SEE ALSO:
- How Deep Is Your Testing? The Truth About Apps Impact On File System
- No Shake: Screen Stabilization in Android