Programming jSQL
Note
jSQL is open to programmers: contact me directly or open a PR on GitHub.
Review the list of features to implement on the Projects page and on the Roadmap.
💉jSQL runs on 28k lines of code that can break any time code is added, so it requires tests to prevent regressions.
- Unit tests run, and the process stops if any failure is detected
- Then integration tests run, and the process also stops if any test fails
- Finally, a new version is released if all tests pass
Unit testing ensures that lines of code produce the expected result and warns you when you break something while adding new code.
You run unit tests without any external resource (no database, no API), and the code coverage reports let you inspect which lines of code were triggered during the tests.
Untriggered code is either useless or not running as expected.
Integration testing checks that the components interact properly and validates that they access the expected external resources.
The following components must properly communicate during the integration tests on GitHub Actions:
- the View displays the GUI, interacts with Model and runs on a VNC screen
- the injection Model runs with the JUnit testing framework and calls Spring APIs
- the Spring Web server and its vulnerable APIs and pages are connected to the databases
- the databases are in-memory and on 🐳Docker, all available for injection
New releases are automatically uploaded to GitHub when all tests pass and an administrator approves the release.
The new version is then available to download, and 3rd party platforms like Kali Linux and Packetstorm pull the release to share the info on their sites.
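The gated sequence described above (unit tests, then integration tests, then an approved release) can be expressed as a GitHub Actions workflow like the following. This is an added sketch, not jSQL's own workflow file: the branch, Java version, tag scheme, artifact path and the `release` environment (with required reviewers set in the repository settings) are assumptions, and the Docker databases and VNC screen setup are left out.

```yaml
# Added sketch, not jSQL's own workflow file. Branch, Java version, tag scheme
# and artifact path are assumptions.
name: ci-gated-release
on:
  push:
    branches: [master]
permissions:
  contents: read              # default token is read-only for every job
jobs:
  unit-tests:
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-java@v4
        with: { distribution: temurin, java-version: '21', cache: maven }
      # Surefire runs in the `test` phase; any failure fails the job.
      - run: mvn --batch-mode test
  integration-tests:
    needs: unit-tests         # skipped when unit-tests fails
    runs-on: ubuntu-latest
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-java@v4
        with: { distribution: temurin, java-version: '21', cache: maven }
      # Failsafe runs in `integration-test`/`verify`, assuming the POM binds it.
      - run: mvn --batch-mode verify
      - uses: actions/upload-artifact@v4
        if: always()          # keep reports even when tests fail
        with:
          name: test-reports
          path: |
            **/target/surefire-reports/
            **/target/failsafe-reports/
  release:
    needs: integration-tests
    runs-on: ubuntu-latest
    environment: release      # required reviewers on this environment = approval gate
    permissions:
      contents: write         # only this job may create a release
    steps:
      - uses: actions/checkout@v4
      - uses: actions/setup-java@v4
        with: { distribution: temurin, java-version: '21', cache: maven }
      - run: mvn --batch-mode -DskipTests package
      - run: gh release create "build-${{ github.run_number }}" target/*.jar --generate-notes
        env:
          GH_TOKEN: ${{ github.token }}
```

Scoping `contents: write` to the release job means a compromised test dependency running in the earlier jobs cannot publish a release with the workflow token.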
Generated documentation — Maven site
Every time the code changes and the tests pass, the Maven docs and metrics are auto-generated and published on GitHub:
- Javadoc describing classes and methods
- Surefire and Failsafe reports to review unit tests and integration tests with execution time
- dependency report listing available version updates, and much more
Note
Open the Maven site for detailed metrics describing the internal modules Model and View.
External platforms are also triggered on commit and produce additional reports:
- Sonar report measures code complexity, duplication and code smell
- Codecov report displays code coverage graphically
- Codacy report processes additional quality rules
The following diagram shows the global 💉jSQL architecture and describes the components that run on GitHub Actions during the CI/CD process:
```mermaid
graph
    junit(JUnit Tests)
    subgraph "jSQL Injection"
        gui(GUI)
        model("💉Model")
    end
    subgraph Spring
        apis([/api])
        admin([/admin-page])
    end
    subgraph Memory
        memory-other[("
            Derby Mckoi
            SQLite H2
            HSQLDB
        ")]
    end
    subgraph Docker
        subgraph Apache + PHP
            direction LR
            mysql[(MySQL)]
            shell(["/shell.php"])
            passwd(["/etc/passwd"])
        end
    end
    subgraph Docker2 [Docker]
        docker-other[("
            Cubrid
            Vertica
            Informix Sybase
            SqlServer Db2
            Postgres Mimer
            Firebird Neo4j
        ")]
    end
    gui -. "call" .-> shell
    mysql -. create .-> shell
    mysql -. read .-> passwd
    junit -.-> gui
    junit --> model
    model & gui -.-> admin
    model --> apis
    apis --> Docker & Docker2 & Memory
```