Early on in the blog I used to post a lot of links, they were like tweets before twitter. Some are still valid and useful, but the posts are not so I'm collating the stuff I thought useful below:
- Free Software Magazine
- [In]Secure - security magazine
- Software Test & Performance
- Methods & Tools Newsletter
- xunit test patterns
- Peter Alfeld's handy summary of "How to solve it" by G. Polya
- The Portable Freeware Collection
- R, and a useful tutorial series on the IBM site Tools
- Kakeeware Application Monitor displays an application's API calls. freeware for non-commercial use only
- free grep and tail with easy to use GUI on windows, with no install routine they are perfect for your usb toolkit
- sysinternals tools
- evolt.org maintain an archive of installs for old browsers. Perfect for browser compatibility testing
- SoapUI is an open source web service testing tool which can use xpath for expected result checking. Useful for running scenarios through a webservice. Does not require a WSDL. Supports GUI and Command Line invocation and can be easily evaluated via webstart.
- Try exploratory testing of webservices with The Fiddler in reverse proxy mode. Set breakpoints and edit HTTP requests and responses on the fly.
- AutoIt (an opensource GUI scripting language) has an IDE based on Scite which makes it really easy to record, edit and run AutoIt scripts.
- RegularExpressions.info for a great reference site
- The very useful regular expression tester The Regulator
- RegexLib.com is a useful cookbook site for regex
- RegexAdvice.com for regex community assistance.
- Mastering Regular Expressions (amazon [.com] [.co.uk])
- Cross Site Scripting Reference,
- SQL Injection Walkthrough,
- SQL Injection Attacks by example,
- NGSS white papers (pdfs: advanced SQL injection, more advanced SQL injection)
- I'm a broken record. From 2004. Professional Tester magazine put a pdf of my article "Help Yourself" online in their article archive.