Software Testing Glossary

Compiler is a program that converts source code into object code. Compiler translates from the high level language to the low one and the program that translates low language to the higher one is a decompiler. Compiler performs such functions as: lexical analysis, preprocessing, parsing, semantic analysis, code generation, and code optimization.

The main component in Bug tracking System is a database; in database the records and facts about bug are kept.

Component Testing is a kind of testing in which every component of the software application is tested separately. It can also be called module testing. It can be done in isolation from the rest of the system.

Condition is an act, event or detail which determines the interest, liability, obligation, etc.

Measures whether each decision point was completed and tested. It’s very close to Brach Coverage as describes the same level of coverage. It’s one of the models of structural testing.

Configuration testing is a testing process that examines and estimates the software performance in the case of various software and hardware configurations. This testing type defines the most effective equipment configuration that provides desired performance parameters.

The predictive value of session identifier allows intercepting the session of other users. Such attacks are performed in the way of prediction and guessing the unique identifier of the user session.

Cross Site Request (XSRF) is a way of attacking website visitors, using lacks of HTTP protocol. When visiting a website created by a hacker, from a user’s face a request is secretly sent on another server (for example, on a payment system server) which is carrying out certain maleficent operation (for example, money transfer on a hacker’s account). To implement this attack, a user-victim must be authorized on that server on which a request is sent, and this request shouldn’t be confirmed by a user and this request cannot be ignored or tampered with the attacking script.

Cross Site Scripting (XSS) – is a type of vulnerability of interactive information systems in the web. XSS appears when user scripts fell into pages generated by the server.  The peculiarity of such attacks is that instead of a direct attack on the server, the hackers use a vulnerable server.

At the moment, XSS makes up about 15% all the detected vulnerabilities. Programmers didn’t pay attention to them for a long time, considering them not dangerous. However, this opinion is false: the data located in the pages or in HTTP- Cookie can be very vulnerable.The mechanism of XSS attack performance can be divided into active and passive.

Passive XSS is understood that the script is not stored on the server of the vulnerable website, or it just can’t be automatically performed in the victim’s browser. In the active XSS, the malicious script is stored on the server and fires in the victim’s browser while opening any page of the infected website.

CVS (Concurrent Versions System) is a software product that belongs to the version control system category. This system keeps the change history of the set of files, as a rule, software source code and makes the team work easier. CVS is popular in the world of open software.