Bug Magnet 3.0 now available

Exploratory testing assistant for Chrome and Firefox. Adds common problematic values and edge cases to the context menu (right-click) for editable elements, so you can keep them handy and access them easily during exploratory testing sessions.

December 5, 2017: Bug Magnet 3.0 is now available, bringing a major update that makes the extension significantly more useful, secure and easier to extend. Here are the major changes:

Use the extension easier

Lots of new edge cases: BugMagnet now comes with a ton of new edge cases:

payment card information for most major providers, including Stripe, Paypal, Authorize.net and Braintree
Unicode exploits, such as right-to-left overrides, incomplete joining sequences, case folding
Many more personal names
Most interesting edge cases from Humans vs Computers

No more page reloads: The new version is active immediately after installation on pages that are already open in the browser. The previous version only applied to newly opened pages, which created a bit of confusion for new users. Also, configuration changes apply immediately to all pages, so no need to reload pages after customising the menus.

Simulate different user workflows easily: You can now simulate end-user workflows better by simulating cliboard copy/paste. You can choose whether Bug Magnet directly injects a value using JavaScript, pastes it into a field (in order to trigger additional events) or just copies it into your clipboard so you can decide what to do with a value. This is also useful if you want to use Bug Magnet edge cases in some other apps. For more information, check out Operational Modes.

Better docs: Completely updated and rewritten, we now have better documentation:

Use the extension in more places

Firefox support: The FireFox extension is now fully rewritten from scratch to bring it up to speed with the Chrome extension, and it’s now using the same code base, so the features are the same. The extension works with the latest FireFox 57 (Quantum).

Clipboard integration: You can make Bug Magnet just copy values to your clipboard, to easily try out the edge cases in apps outside the browser, or on web sites that use custom components so direct value injection would not work.

Customise menus more

Deploy common configuration easier: The old extension allowed users to select a local file with custom menu options. That was tedious if you want to deploy it to a whole team, as people had to copy files to individual machines. The new extension has two more ways of adding configuration – from a remote URL and directly pasting in a JSON file.

Remove standard stuff: For users that would like to completely use their own menu structure, you can remove standard options. Click the Customise menus option in the Bug Magnet Menu, then tick the Hide standard menus box.

Pack your own version easily: Bug Magnet now uses webpack to link everything together, moving away from custom packaging scripts, so it is much easier to pack your own version and deploy to the whole organisation. Check out the Developer Guide for more information.

Use it more securely

No more scary permissions: Bug Magnet no longer needs full access to full content on all pages, so no more horrible warnings at the start. The extension also no longer stays running in the background, but instead connects/disconnects from your page after every click.

When you switch the operational mode to simulating copy/paste, Bug Magnet will ask for temporary clipboard access. Switch back to inject values using JavaScript and the permissions will be revoked.

Existing users can uninstall the previous version before re-installing the upgrade to make sure any previous full-access permissions are revoked.

Contribute easily

Set up a local environment easily: The old version used a mix of custom scripts and packaging tools that were popular in 2015. The JavaScript development ecosystem changed significantly over the last three years, so this update required a complete overhaul of packaging and tooling. We now use NPM for easy setup of local development environments (just run npm i).

Develop and test easily: The code is updated to ES6, using Webpack and ESLint that should make it easy for new people to contribute and build their own versions. We use Testem and Jasmine to run tests in Firefox and Chrome directly. The Developer Guide is updated to list how to achieve all common development tasks, such as running tests, troubleshooting test failures. Check out the Github Repository for more information.