└── README.md


/README.md:
--------------------------------------------------------------------------------
  1 | # API-testing-docs
  2 | List of resources to go through about API testing
  3 | 
  4 | 
  5 | ## Heuristics / Mnemonics:
  6 | VADER - @LindaSaraRoy - http://europeantestingconference.eu/slides18/Roy.pdf
  7 | 
  8 | POISED - @ambertests - https://www.dropbox.com/sh/58jetbs7plwh6s9/AACZq4vePkIfB1r8s5EgYIZha?dl=0&preview=Race--APITestingWithPostman.pptx
  9 | 
 10 | TATTA - @2bittester - Mark Winteringham: Say TaTTa to Your TuTTu: https://www.youtube.com/watch?v=8SOu3fQ0Dvs and/or https://www.youtube.com/watch?v=VGNxv9ilFbQ
 11 | 
 12 | 
 13 | LHTRAFFIC - @bvccaneer - https://szekar1.wordpress.com/2018/09/11/lhtraffic/
 14 | 
 15 | SPEEDLOADS - @Donbavand - https://danieldonbavand.com/testing-speedloads-api-mnemonic/
 16 | 
 17 | ICEOVERMAD - @northern_tester - http://testingisbelieving.blogspot.com/2013/11/johnny-mnemonic-iceovermad.html
 18 | 
 19 | PAPAS BE @ SFO - @testinggeek - http://www.qualityperspectives.ca/resources/#mnemonics
 20 | 
 21 | DEED HELP GC - @testinggeek - http://www.qualityperspectives.ca/resources/#mnemonics
 22 | 
 23 | DVLA PC - @testinggeek - http://www.qualityperspectives.ca/resources/#mnemonics
 24 | 
 25 | BINMEN (Boundary, Invalid Entries, Nulls, Method, Empty, Negatives) - @gwendiagram & @northern_tester at TestBash Brighton 2017 https://www.ministryoftesting.com/dojo/series/testbash-brighton-2017/lessons/how-to-turn-a-403-into-a-202-at-the-api-party-gwen-diagram-ash-winter
 26 | 
 27 | ## Blog posts / videos / presentations
 28 | 
 29 | **Maaret Pyhäjärvi** - @maaretp - https://dojo.ministryoftesting.com/dojo/lessons/exploratory-testing-an-api
 30 | 
 31 | 
 32 | **Aaron Evans** talk from **onlinetestconf** - https://www.slideshare.net/practitest/testing-web-apps-and-apis (YouTube included!)
 33 | 
 34 | 
 35 | Series of blog posts by **Kristin Jackvony**:
 36 | 
 37 | REST requests - http://fearlessautomation.blogspot.com/2018/02/introduction-to-rest-requests.html
 38 | 
 39 | GET requests - http://fearlessautomation.blogspot.com/2018/02/testing-get-requests.html
 40 | 
 41 | POST requests - http://fearlessautomation.blogspot.com/2018/03/testing-post-requests.html
 42 | 
 43 | PUT requests - http://fearlessautomation.blogspot.com/2018/03/testing-put-requests.html
 44 | 
 45 | PATCH requests - http://fearlessautomation.blogspot.com/2018/03/testing-patch-requests.html
 46 | 
 47 | 
 48 | **Danny Dainton**
 49 | 
 50 | https://dannydainton.com/
 51 | 
 52 | https://github.com/DannyDainton/All-Things-Postman
 53 | 
 54 | 
 55 | **Alan Richardson** - @eviltester:
 56 | 
 57 | Some API Testing Basic - http://blog.eviltester.com/2015/01/some-api-testing-basic-introductory.html
 58 | 
 59 | Automating and Testing a REST API - https://www.compendiumdev.co.uk/page.php?title=tracksrestapibook
 60 | 
 61 | multiple videos from - https://www.youtube.com/results?search_query=api+evil+tester
 62 | 
 63 | 
 64 | **Amber Race**:
 65 | 
 66 | https://www.joecolantonio.com/2016/09/29/api-testing-postman/
 67 | 
 68 | https://github.com/ambertests/explore-with-postman and https://www.dropbox.com/sh/58jetbs7plwh6s9/AACZq4vePkIfB1r8s5EgYIZha?dl=0
 69 | 
 70 | 
 71 | **Katrina Clokie** - @katrina_tester:
 72 | 
 73 | http://katrinatester.blogspot.com/2015/09/api-web-services-microservices-testing.html
 74 | 
 75 | **Mr.Slavchev** - @TheTestingTroll:
 76 | 
 77 | Hindsight lessons about API testing - https://mrslavchev.com/2018/08/06/hindsight-lessons-about-api-testing/
 78 | 
 79 | 
 80 | **Matthew Bretten**
 81 | 
 82 | http://bestofthetest.blogspot.com/2017/11/so-you-can-test-api-what-next.html
 83 | 
 84 | 
 85 | **Bas Dijkstra** - @_basdijkstra: 
 86 | 
 87 | https://techbeacon.com/how-perform-api-testing-rest-assured
 88 | 
 89 | 
 90 | **Lisa Crispin and JoEllen Carter** - @lisacrispin and @testacious:
 91 | 
 92 | https://www.slideshare.net/JoEllenCarter/api-fundamentals-mha2017
 93 | 
 94 | 
 95 | **Mark Winteringham** - https://restful-booker.herokuapp.com/
 96 | 
 97 | 
 98 | ** Matthew Reinbold *** - REST API Notes - https://tinyletter.com/RESTAPINotes/archive
 99 | 
100 | 
101 | Weekend Testing reports on API testing:
102 | 
103 | WTA-70: Exploring REST and API’s with ARC - http://weekendtesting.com/?p=4275
104 | 
105 | WTEU-56 – Security testing for APIs - http://weekendtesting.com/?p=4033
106 | 
107 | WTEU-53 – An Introduction to API Testing - http://weekendtesting.com/?p=3898
108 | 
109 | 
110 | **Other links**:
111 | 
112 | All API blog posts that appeared on 5blogs - https://5blogs.wordpress.com/category/api/
113 | 
114 | API Testing Glossary - https://offbeattesting.com/2018/10/16/api-testing-glossary
115 | 
116 | HTTP API Development Tools - https://github.com/yosriady/api-development-tools/blob/master/README.md
117 | 
118 | API-Security-Checklist - https://github.com/shieldfy/API-Security-Checklist/blob/master/README.md
119 | 
120 | The-Ultimate-Checklist-for-REST-APIs - https://www.kennethlange.com/posts/The-Ultimate-Checklist-for-REST-APIs.html
121 | 
122 | Working with Web APIs - https://launchschool.com/books/working_with_apis
123 | 
124 | Introduction to HTTP - https://launchschool.com/books/http
125 | 
126 | Your API is bad - https://leanpub.com/yourapiisbad
127 | 
128 | Learn REST: A RESTful Tutorial - https://www.restapitutorial.com/
129 | 
130 | REST API description - https://restfulapi.net/
131 | 
132 | API hierarchy of needs - http://apiux.com/2013/05/29/api-hierarchy-needs/
133 | 
134 | How to Build a RESTful API with Authentication in 5 minutes - https://medium.freecodecamp.org/build-restful-api-with-authentication-under-5-minutes-using-loopback-by-expressjs-no-programming-31231b8472ca
135 | 
136 | Abour Accept-Encoding header - https://szekar1.wordpress.com/2020/07/16/mobile-app-testing-maninthemiddle-can-fool-you/
137 | 
138 | List of Open Source tools - https://www.joecolantonio.com/2017/05/16/12-open-source-api-testing-tools-rest-soap-services
139 | 
140 | https://www.inflectra.com/rapise/highlights/api-testing.aspx
141 | 
142 | https://www.loadview-testing.com/blog/what-is-api-testing/
143 | 
144 | https://smartbear.com/learn/api-testing/what-is-api-testing/
145 | 
146 | https://blog.udemy.com/api-testing/
147 | 
148 | https://dzone.com/articles/7-rules-for-rest-api-uri-design-1
149 | 
150 | Microsoft REST API Guidelines - https://github.com/Microsoft/api-guidelines/blob/vNext/Guidelines.md
151 | 
152 | ## API Security
153 | 
154 | https://apisecurity.io/ - learn from other incidents - API Security Newsletter
155 | 
156 | [PL] https://app.getpocket.com/read/3119547314 - testing API security - list of tricks and tips in polish
157 | 
158 | OWASP API Security Top 10 2019 - https://github.com/OWASP/API-Security/blob/master/2019/en/dist/owasp-api-security-top-10.pdf
159 | 
160 | 


--------------------------------------------------------------------------------