A Monitoring and Testing Framework for Critical Off-the-Shelf Applications and Services

This chapter introduces a framework for testing and monitoring of critical Off-The- Shelf applications and services. It presents an implementation of the framework that allows applying, in a costeffective fashion, functional testing, robustness testing and penetration testing to web services. Obviously, the quality of the tests performed depends on the testing tools used, but this discussion is out of the scope of this work, as the merits of each tool were evaluated and discussed in different works by their authors. The tool instrumented in the testing framework implements a technique targeting the detection of SQL Injection vulnerabilities in web services. During test execution, the testing framework logs raw tests results and prints on the console information on the tests execution. The framework allows users to easily apply functional testing, stress testing, robustness testing and penetration testing to their web services.