Interview Questions on Security Testing

 1. What is Authorization?

•  Authorization means checking permission.
•  Authorization is the process of verifying that a user has the necessary permissions to access a particular resource. 
•  It is typically done by comparing the user's credentials against an access control list to determine if the user is allowed to perform a particular action. 
•  Authorization is an important part of the security of any system, as it ensures that only authorized users can access sensitive data.

2. What is Authentication?

•  Authentication means checking credentials.
•  Authentication is the process of verifying that a person, device, or other entity is who it claims to be.
•  It is usually accomplished through the use of credentials such as a username/password combination, security tokens, biometric data, or a combination of factors. 
•  Authentication is an important component of data security, as it helps to ensure that only authorized users can access sensitive information.

3. Why do we do security testing?

•  To remove vulnerabilities.
•  Security testing is important because it helps ensure that applications, networks, and systems are protected against potential threats and vulnerabilities.
•  Security testing helps ensure that data is secure and protected from unauthorized access, manipulation, and theft.
•  Security testing also helps protect applications, networks, and systems against malicious attacks, and can help detect and identify weaknesses in applications and systems before they can be exploited.

4. Which methods/techniques are used for security testing?

•  XSS and SQL injection.

5. What is “Vulnerability”?

•  Weakness in the web application.

6. Security Tests are created on the basis of:

•  Roles

7. Security Testing is a type of:

•  Review Testing.
•  It involves testing the system to identify any security vulnerabilities that could be exploited and gain unauthorized access to the system. 
•  Security testing is typically done at the end of the software development life cycle.

8. Which symbol is used to test SQL injection?

•  The most commonly used symbol to test SQL injection is the single quotation mark (').

9. What is the full form of XSS?

•  Cross-Site Scripting.
•  Cross-site scripting (XSS) is a type of computer security vulnerability typically found in web applications. 
•  XSS enables attackers to inject client-side scripts into web pages viewed by other users. 
•  A cross-site scripting vulnerability may be used by attackers to bypass access controls such as the same origin policy.

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

How to Extract Text from PDFs with Python Pypdf2?

import encodings
from PyPDF2 import PdfFileReader
from pathlib import Path
import glob
import json
import re
import pymysql

for pdfFile in Path("pdfs").glob("*.pdf"):

# Create pdf file reader object
  pdf = PdfFileReader(pdfFile)

# Grab the page(s)
  page_1_object = pdf.getPage(0)

# Extract text
  page_1_text = page_1_object.extractText()

# Combine the text from all the pages and save as txt file
with open("txts/{}.txt".format(pdfFile.stem), mode='w', encoding="utf-8") as file:
        for page in pdf.pages:
            text = ''
            text += page.extractText()
            file.write(text)
            file.close

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

Retrieve Image as a BLOB from MySQL Table using Python

 # Import the required modules
import mysql.connector
import base64
from PIL import Image
import io

# For security reasons, never expose your password
#password = open('password','r').readline()

# Create a connection
mydb = mysql.connector.connect(
host="host",
user="suriyaparithy",
password="suriyaparithy",
database="database" # Name of the database
)

# Create a cursor object
cursor = mydb.cursor()

# Prepare the query
query = 'SELECT PICTURE FROM PROFILE WHERE ID=100'

# Execute the query to get the file
cursor.execute(query)
data = cursor.fetchall()

# The returned data will be a list of list
image = data[0][0]

# Decode the string
binary_data = base64.b64decode(image)

# Convert the bytes into a PIL image
image = Image.open(io.BytesIO(binary_data))

# Display the image
image.show()

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

Image File stored as a BLOB in MySQL Table using Python

 # Import the required modules
import mysql.connector
import base64
from PIL import Image
import io

# Create a connection
mydb = mysql.connector.connect(
host="localhost",
user="suriyaparithy",
password="suriyaparithy",
database="database" # Name of the database
)

# Create a cursor object
cursor = mydb.cursor()

# Open a file in binary mode
file = open('chemical.PNG','rb').read()

# We must encode the file to get base64 string
file = base64.b64encode(file)

# Sample data to be inserted
args = ('100', 'Sample Name', file)

# Prepare a query
query = 'INSERT INTO PROFILE VALUES(%s, %s, %s)'

# Execute the query and commit the database.
cursor.execute(query,args)
mydb.commit()

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.

Extract text from a single image using Python

#Extract text from a single image using Python
from PIL import Image
from pytesseract import pytesseract

#Define path to tessaract.exe
path_to_tesseract = r'C:\Program Files\Tesseract-OCR\tesseract.exe'

#Define path to image
path_to_image = 'chemical.PNG'

#Point tessaract_cmd to tessaract.exe
pytesseract.tesseract_cmd = path_to_tesseract

#Open image with PIL
img = Image.open(path_to_image)

#Extract text from image
text = pytesseract.image_to_string(img)
print(text)

👋 Hi, I'm Suriya — QA Engineer with 4+ years of experience in manual, API & automation testing.

📬 Contact Me | LinkedIn | GitHub

📌 Follow for: Real-Time Test Cases, Bug Reports, Selenium Frameworks.