{"id":16489,"date":"2020-05-29T20:20:43","date_gmt":"2020-05-29T13:20:43","guid":{"rendered":"https:\/\/amonous.com\/?p=16489"},"modified":"2020-05-29T20:20:43","modified_gmt":"2020-05-29T13:20:43","slug":"cac-buoc-kiem-thu-web-application","status":"publish","type":"post","link":"https:\/\/amonous.com\/cac-buoc-kiem-thu-web-application\/","title":{"rendered":"C\u00e1c b\u01b0\u1edbc ki\u1ec3m th\u1eed Web Application"},"content":{"rendered":"
Trong th\u1eddi \u0111\u1ea1i c\u00f4ng ngh\u1ec7 s\u1ed1, th\u01b0\u01a1ng m\u1ea1i \u0111i\u1ec7n t\u1eed ng\u00e0y c\u00e0ng ph\u00e1t tri\u1ec3n d\u1eabn \u0111\u1ebfn c\u00e1c Web Application ( \u1ee9ng d\u1ee5ng Web) c\u00e0ng ng\u00e0y c\u00e0ng tr\u1edf n\u00ean ph\u1ed5 bi\u1ebfn nh\u1eb1m \u0111\u00e1p \u1ee9ng nhu c\u1ea7u c\u1ee7a ng\u01b0\u1eddi s\u1eed d\u1ee5ng. V\u1eady \u0111\u1ec3 c\u00e1c \u1ee9ng d\u1ee5ng Web \u0111\u01b0\u1ee3c ng\u01b0\u1eddi s\u1eed d\u1ee5ng tin d\u00f9ng v\u00e0 \u0111\u00e1nh gi\u00e1 cao th\u00ec ph\u1ea3i qua vi\u1ec7c ki\u1ec3m th\u1eed<\/strong>. Sau \u0111\u00e2y s\u1ebd gi\u1edbi thi\u1ec7u c\u00e1c b\u01b0\u1edbc ki\u1ec3m th\u1eed \u1ee9ng d\u1ee5ng Web<\/em><\/p>\n \u00a0V\u1ec1 m\u1eb7t b\u1ea3n ch\u1ea5t, c\u00e1c \u1ee9ng d\u1ee5ng web c\u0169ng l\u00e0 ph\u1ea7n m\u1ec1m, n\u00ean c\u00e1c lo\u1ea1i ki\u1ec3m th\u1eed \u00e1p d\u1ee5ng cho ph\u1ea7n m\u1ec1m c\u0169ng \u0111\u01b0\u1ee3c \u00e1p d\u1ee5ng khi ki\u1ec3m th\u1eed \u1ee9ng d\u1ee5ng web.<\/p>\n Ki\u1ec3m th\u1eed \u1ee9ng d\u1ee5ng Web<\/i><\/b>\u00a0 l\u00e0 m\u1ed9t ph\u01b0\u01a1ng ph\u00e1p \u0111\u01b0\u1ee3c d\u00f9ng \u0111\u1ec3 x\u00e1c \u0111\u1ecbnh, ph\u00e2n t\u00edch v\u00e0 b\u00e1o c\u00e1o nh\u1eefng l\u1ed7 h\u1ed5ng \u0111\u00e3 t\u1ed3n t\u1ea1i tr\u00ean \u1ee9ng d\u1ee5ng Web. Ch\u1eb3ng h\u1ea1n c\u00e1c l\u1ed7 h\u1ed5ng nh\u01b0 l\u1ed7i tr\u00e0n b\u1ed9 \u0111\u1ec7m, l\u1ed7i \u0111\u1ea7u v\u00e0o, x\u00e1c th\u1ef1c Bypass, SQL Injection, CSRF, XSS. Qu\u00e1 tr\u00ecnh v\u00e0 quy tr\u00ecnh ki\u1ec3m th\u1eed cho m\u1ed9t \u1ee9ng d\u1ee5ng Web s\u1ebd \u0111\u01b0\u1ee3c l\u1eb7p \u0111i l\u1eb7p l\u1ea1i th\u01b0\u1eddng xuy\u00ean nh\u1eb1m \u0111\u1ea3m b\u1ea3o ng\u0103n ch\u1eb7n m\u1ecdi l\u1ed7 h\u1ed5ng v\u00e0 nh\u1eefng nguy c\u01a1 t\u1ea5n c\u00f4ng c\u00f3 th\u1ec3 x\u1ea3y ra.<\/p>\n Ki\u1ec3m th\u1eed ch\u1ee9c n\u0103ng \u0111\u01b0\u1ee3c d\u00f9ng \u0111\u1ec3 ki\u1ec3m tra xem s\u1ea3n ph\u1ea9m c\u1ee7a b\u1ea1n c\u00f3 \u0111\u00fang nh\u01b0 nh\u1eefng g\u00ec b\u1ea1n mu\u1ed1n \u1edf trong \u0111\u1eb7c t\u1ea3 y\u00eau c\u1ea7u kh\u00f4ng, xem c\u00e1c y\u00eau c\u1ea7u v\u1ec1 t\u00ednh n\u0103ng c\u00f3 \u0111\u00fang nh\u01b0 nh\u1eefng g\u00ec b\u1ea1n \u0111\u00e3 ch\u1ec9 ra trong c\u00e1c t\u00e0i li\u1ec7u ph\u00e1t tri\u1ec3n. C\u00e1c ho\u1ea1t \u0111\u1ed9ng ki\u1ec3m th\u1eed bao g\u1ed3m:\u00a0Test all links:<\/em>\u00a0Ki\u1ec3m tra t\u1ea5t c\u1ea3 c\u00e1c link trong trang web c\u00f3 \u0111ang l\u00e0m vi\u1ec7c ch\u00ednh x\u00e1c kh\u00f4ng v\u00e0 \u0111\u1ea3m b\u1ea3o r\u1eb1ng kh\u00f4ng c\u00f3 link n\u00e0o b\u1ecb h\u1ecfng. Ngo\u00e0i ra c\u00f2n c\u00f3 k\u1ebft n\u1ed1i c\u01a1 s\u1edf d\u1eef li\u1ec7u, ki\u1ec3m tra cookies v\u00e0 x\u00e1c minh HTML\/CSS.<\/p>\n T\u00ednh kh\u1ea3 d\u1ee5ng c\u1ee7a trang web \u0111\u01b0\u1ee3c \u0111\u1ecbnh ngh\u0129a l\u00e0 trang web d\u1ec5 s\u1eed d\u1ee5ng, c\u00f3 h\u01b0\u1edbng d\u1eabn s\u1eed d\u1ee5ng r\u00f5 r\u00e0ng, r\u00e0nh m\u1ea1ch, m\u1ed7i trang \u0111\u1ec1u c\u00f3 menu ch\u00ednh v\u00e0 menu n\u00e0y ph\u1ea3i nh\u1ea5t qu\u00e1n. Ki\u1ec3m th\u1eed t\u00ednh kh\u1ea3 d\u1ee5ng, tester c\u00f2n c\u1ea7n th\u1ef1c hi\u1ec7n ki\u1ec3m th\u1eed c\u00e1c \u0111i\u1ec1u khi\u1ec3n chuy\u1ec3n h\u01b0\u1edbng (nh\u01b0 button, text box, text link, bread crum\u2026), n\u1ed9i dung c\u1ee7a trang web ph\u1ea3i d\u1ec5 hi\u1ec3u v\u00e0 th\u00e2n thi\u1ec7n v\u1edbi ng\u01b0\u1eddi s\u1eed d\u1ee5ng.<\/p>\n Ki\u1ec3m th\u1eed b\u1ea3o m\u1eadt cho \u1ee9ng d\u1ee5ng web c\u1ee7a b\u1ea1n r\u1ea5t quan tr\u1ecdng n\u1ebfu d\u1eef li\u1ec7u b\u1ecb r\u00f2 r\u1ec9 ho\u1eb7c s\u1eeda \u0111\u1ed5i s\u1ebd \u0111\u1ebfn l\u1ea1i h\u1eadu qu\u1ea3 v\u00f4 c\u00f9ng nghi\u00eam tr\u1ecdng . V\u00ec th\u1ebf, \u0111\u1ed1i v\u1edbi c\u00e1c \u1ee9ng d\u1ee5ng th\u01b0\u01a1ng m\u1ea1i \u0111i\u1ec7n t\u1eed, li\u00ean quan \u0111\u1ebfn c\u00e1c giao d\u1ecbch ng\u00e2n h\u00e0ng, ki\u1ec3m th\u1eed b\u1ea3o m\u1eadt l\u1ea1i c\u00e0ng quan tr\u1ecdng. Ki\u1ec3m th\u1eed n\u00e0y ph\u1ea3i \u0111\u1ea3m b\u1ea3o r\u1eb1ng c\u00e1c c\u01a1 ch\u1ebf x\u00e1c th\u1ef1c v\u00e0 \u1ee7y quy\u1ec1n \u0111\u1ea7y \u0111\u1ee7 \u0111\u00e3 \u0111\u01b0\u1ee3c \u00e1p d\u1ee5ng.<\/p>\n M\u1ed9t s\u1ed1 test case b\u1ea3o m\u1eadt nh\u01b0 sau:<\/p>\n Tester- Ngh\u1ec1 Hot cho sinh vi\u00ean c\u00f4ng ngh\u1ec7 th\u00f4ng tin<\/a><\/p>\n <\/p>\n \n\n 1. Ki\u1ec3m th\u1eed Web Application<\/span><\/h2>\n
2. C\u00e1c b\u01b0\u1edbc ki\u1ec3m th\u1eed Web Application<\/span><\/h2>\n
Ki\u1ec3m th\u1eed ch\u1ee9c n\u0103ng<\/span><\/em><\/h3>\n
Ki\u1ec3m th\u1eed kh\u1ea3 n\u0103ng t\u01b0\u01a1ng th\u00edch<\/em><\/span><\/h3>\n
\n
Ki\u1ec3m th\u1eed t\u00ednh kh\u1ea3 d\u1ee5ng<\/span><\/em><\/h3>\n
Ki\u1ec3m th\u1eed giao di\u1ec7n<\/span><\/em><\/h3>\n
\n
Ki\u1ec3m th\u1eed hi\u1ec7u n\u0103ng<\/em><\/span><\/h3>\n
\n
Ki\u1ec3m th\u1eed b\u1ea3o m\u1eadt<\/strong><\/span><\/em><\/h3>\n
\n
Xem th\u00eam<\/span><\/h2>\n
\n