Moolya Software Testing Capabilities

The visibility part

Test reporting that clearly communicates the impact of the bug, and how to quickly reproduce it. Your test reports should influence people to take the right decisions.

Test Value

There are three important stakeholders for Testers. The Business, The Product Team (PO and BA), and The Tech (CTO, VP, Dev)

Our goal as Moolya is to be able to cater to all these stakeholders by structuring our test coverage to capture value for all these stakeholders. A bug we find may not be of interest to the tech team but we ferry it across to Product Teams to decide if it needs to be fixed.

To do that, we need to be able to understand their context really well, build strong relationships with them, and influence them with the right information helping the product and the people working on it, succeed.

To do that,

We ask the right questions at the right time, politely and fearlessly
We are tied to the purpose
We do this not sporadically but in a disciplined manner
We communicate really well
We are focused on test coverage
We are mission-focused
We say “I don’t know” when we have to
We care
We don’t do things to please people

The above forms a fundamental to test value from Moolya to stakeholders who hire us.

Also in some contexts, we need to provide more PO value and in others more tech value.

Product value: Feedback to BA and PO on the requirements and usefulness to the business.
Tech value: Feedback to developers on how they can prevent these issues and reporting bugs and observations by deeper technical investigation than surface-level issues.
Test value: Implementing different coverage models.
Customer's customer value: Putting yourselves in the shoes of the users and finding things that the users want and articulating the feedback in a credible way.

Test Coverage

“Cover” means “Enclosing a certain area”
Software, no matter how small - is always complex to test.
Complete testing is impossible for any software.
We can’t cover everything.
Testing is sampling.
Good testing =Right sampling.
Right or wrong is determined by the context.
Test techniques, Heuristics and oracles. = Ways of sampling.
Modelling= Representing complexity in a simpler form.
Tests = Experiments
Test Coverage =
- Skills leading to
- Understanding the context, leading to
- Modelling, leading to
- Techniques, leading to
- Setup, leading to
- Testing, leading to
- Observations, leading to
- Interpretation of results, leading to
- Reports, influencing people

4.1 Effort Web application

Item Effort (Man Hours)

1 Information Gathering 1.1 Determine highly problematic areas of the application

1.2 Construct business logic and data flow

1.2.1 Integrity of the workflow

1.2.2 Users can’t bypass or skip steps

1.2.3 Users can’t perform privileged activities without authorization

2 Checking for Login page 2.1 Session management

2.2 Brute forcing

2.3 Privilege escalation

2.4 Password complexity

3 Perform automated and manual crawling 4 Conduct tests and discover vulnerabilities 4.1 Test for business logic

4.2 Check for version-specific attacks

4.3Form validation Testing

4.4 Security Vulnerability Testing

4.5 HTTP Method(s) Testing

4.6 User Session Testing

4.7 Directory Browsing

4.8 Authentication Testing

4.9 Configuration Management Testing

4.10 Data Validation Testing (All Injections)

4.11 Client-side testing

5 Backend Services Testing 5.1 Broken Object Level Authorization

5.2 Broken User Authentication

5.3 Excessive Data Exposure

5.4 Broken Function Level Authorization

5.5 Injection

6 Report Total (Hours) —

4.2 Effort Mobile application

Item Effort (Man Hours)

1 Information Gathering 1.1 Determine highly problematic areas of the application

1.2 Construct business logic and data flow

1.2.1 Integrity of the workflow

1.2.2 Users can’t bypass or skip steps

2 Assessment/Analysis 2.1 Local File Analysis

2.2 Static Analysis

2.3 Dynamic Analysis

3 Inter-Process Communication 3.1 Endpoint Analysis

3.2 Content Providers Intents

3.3 Broadcast Receivers

3.4 Activities

3.5 Services

4 Exploitation 4.1 Test for business logic

4.2 Check for version-specific attacks

4.3 Security Vulnerability Testing

4.4 User Session Testing

4.5 Authentication Testing

4.6 Configuration Management Testing

5 Backend Services Testing 5.1 Broken Object Level Authorization

5.2 Broken User Authentication

5.3 Excessive Data Exposure

5.4 Broken Function Level Authorization

5.5 Injection

6 Report Total (Hours)

Total (Hours) —-

4.3 Effort Server

Item Effort (Man Hours)

1 Information Gathering

2 Vulnerability Scanning

3 Exploitation

4 Gaining access & privilege evaluation

5 Manual pen-testing

6 Automated tool based pen-testing

7 Privilege Escalations

8 Post exploitation reconnaissance

9 Pivoting threats

10 Compromise Remote users

11 Auditing

12 Report Total (Hours) —

It Involves

1. a.Understanding the metrics
2. b.Identifying right tool for measurement
3. c.Outlining test profiles & designing the tests
4. d.Analyzing test results
5. e.Providing recommendations for improvements
6. f.In case of using a monitoring tool
  1. i.Scheduling tests
  2. ii.Understanding test agents
  3. iii.Monitoring setup
  4. iv.Test run verifications
7. g.Reporting

Accessibility - Compliance Levels

20 Checks	14 Checks
Level A	Level AA	Level AAA
Minimum	General Standard	Stringent
Not great of convenience	Balance between development	People with disabilities
with people with disabilities	and ease of use for people	can easily navigate
	with disabilities	through

- Finding a balance of using components during the development cycle

- Accessibility enabling with inbuilt components of Mobile apps (Android & iOS)

- Understanding accessibility over time and review design components to make the app accessibility friendly

Sample Projects Data > Case studies and documents

Fintech Domain

Ecommerce Domain

Healthcare Domain

Banking/Digital Wallet

Personalized learning ML,AI

Customer Onboarding Workflow

Product Updates At Moolya

At Bugasura, We look at user feedback and reviews to provide pure value and serve them the best we can.

We found out that our users were having trouble with Jira sync. And last week's sprint was all about it.

We got this Big Big Jira Update for you !

Bugasura and Jira are now in complete sync

Mapping Fields: Map both the system and custom fields between Bugasura and Jira.
Auto push: Sync all issues in one click
Pull feature: Changes made to issue details inside Jira, will also reflect in Bugasura.
Auto-sync: Issue details, comments, and attachments are all synced automatically when an already synced issue is changed.

A HOME TO THE CREATIVE TESTER Promoting Passion for Testing.

At Moolya, you don’t ever ask for permission to do something good. We are building a culture where testers support each other to grow while having fun mastering their craft.

We promote original - lateral thinking and inspire our people to be leaders in the testing space, not just leads by designations. These brews innovation in our labs where our testers come together to build a suite of utilities to give shape to their craft and perform tasks that guarantees value in the projects they contribute

Case Studies

With NFTs buzzing around the markets like busy honey bees, Lysto offered Moolya a great opportunity to work for KGFVerse. It is India's first ever metaverse project conceived and launched by Hombale Films Productions as a promotional event for the release of the film: K.G.F Chapter 2 in association with BookMyShow.

Learn More →

Each team and every business we work with comes with their own challenges, and their own story. One such story in the making as we post this is our journey with Collibra. Collibra is a data intelligence and data governance company based in New York, USA. They aim to “make data meaningful” and ease out complex data management.

Learn More →

LIFE AT MOOLYA

A culture built on empowering people.
In Moolya, teams are encouraged to take calls and deliver in an autonomous manner. We concentrate on providing people with the tools they need to deliver and then let them take it from there. Moolya is a place where you can look forward to being free, to being responsible for your actions.

Our Talk Series

Continuous Trust by forward-thinking teams around the world

Mootalk with Guardianlink ft. Jump.Trade
With the IPL scene heating up the Cricket NFTs

With the IPL scene heating up the Cricket NFTs are dropping like Sixes and Fours. But do you know what NFTs are? Catch Mootalks as we discuss the basics of NFTs and why we all should be the part of this dazzling future.

Mootalk with Guardianlink ft. Jump.Trade

The Second Episode of Mootalks discussing how essential it is to build a sense of Community amongst NFT enthusiasts and what can you do after acquiring a digital asset in this enthralling conversation between Abilash and Neha from Jump.Trade

Get in Touch

Website | Phone

Moolya has 200+ stories to share of how it supported hungry
enterprises and start-ups to scale fast with their tech and product.