How to advertise

Web Site Test Tools and Site Management Tools

More than 530 tools listed in 15 categories

Organization of Web Test Tools Listing - this tools listing has been loosely organized into the following categories:

Load and Performance Test Tools
Page Speed Testing Tools
Mobile Web/App Testing Tools
Visual Regression Testing Tools
Link Checkers
HTML Validators
Web Accessibility Testing Tools
Web Services Test Tools
Cross-Browser Testing Tools/Services
Web Functional/Regression Test Tools
BDD Test Tools
Web Site Security Test Tools
External Site Monitoring Services
Web Site Management Tools
Other Web Test Tools

Note: Categories are not well-defined and some tools could have been listed in several categories; the 'Web Site Management Tools' category includes products that contain: site version control tools, combined utilities/tools, server management and optimization tools, and authoring/publishing/deployment tools that include significant site management or testing capabilities. Suggestions for category improvement are welcome; see bottom of this page to send suggestions.

Check listed tool/vendor sites for latest product capabilities, supported platforms/servers/clients, etc; new listings are periodically added to the top of each category section; date of latest update is shown at bottom of this page.

Also see Web Site Testing FAQ in the FAQ Part 2 for a discussion of web site testing considerations; also see What's the best way to choose a test automation tool? in the LFAQ section; there are also articles about web site testing and management in the 'Resources' section.

Load and Performance Test Tools

GoReplay - Performance testing tool that listens for traffic on production servers and feeds it to test and dev environments. Traffic can be saved and loaded from files. Requires installing daemon on your server(s). Free open source version supports the HTTP protocol, the $pro version supports binary protocols. Pro version supports replaying and keep-alive sessions to ensure that you get the exact same number of connections every time.

OctoPerf - Commercial Saas online platform load testing service for web and mobile applications. Key features include: Record Virtual User, design realistic virtual users, run scenario from multiple locations (Europe, USA and more), analyze bench reports to find performance bottlenecks. Supports Apache JMeter™ - import any JMX project. Customizable and exportable analysis reports.

Apica Loadtest - Offers flexible self service and full service load testing able to test 2MM + concurrent users, through a network of 50+ locations around the world. Test on demand or automate testing throughout development lifecycles. Easily integrated into existing Dev stacks using partnership integrations and REST API. Advanced Features include: AJAX/WebServices, XML/JSON Data Viewer, API data/execution.

Taurus - Open source automation framework in Python for running various open source load testing tools and functional testing tools; hides the complexity of performance and functional tests with an automation-friendly convenience wrapper. Taurus relies on JMeter, Gatling,, Grinder and Selenium WebDriver as its underlying tools.

Locust - Scalable user load testing tool written in Python. Locust is completely event-based, and therefore it's possible to support thousands of concurrent users on a single machine. In contrast to many other event-based apps it doesn't use callbacks, instead using light-weight processes, through gevent. This allows you to write very expressive scenarios in Python without complicating your code with callbacks.

LoadView - Cloud-based, fully-managed performance testing tool from Dotcom-Monitor. Enables users to stress test websites, web apps, and APIs using real browsers—not headless browsers or other emulators. Simulate globally-distributed traffic or local traffic from a single geographic location. Build and deploy test scripts in minutes with on-demand, pay-as-you-go pricing.

Agileload - Load test tool from Agile Load SA for testing all types of web and mobile applications. Features include automatic recording of test scenarios, distributed load injectors, topological and threshold analysis of anomalies, infrastructure monitoring, creation of custom test reports for each user profile. A script storyboard provides a graphical view of test scenarios; the scripting interface enables script customization. Load injectors can be installed on your own network or on the cloud. Report designer tool enables design/configuration of customized load testing reports.

Gatling - Open source stress-testing tool developed in Scala. Focus on support of the HTTP protocol that makes it a tool of choice for load testing any HTTP server. Core engine is protocol agnostic enabling support for other protocols - currently also ships JMS support. Based on an expressive DSL, the scenarios are self explanatory. They are easy to maintain and can be kept in a version control system.

LoadGen - An open source load testing tool by Stanly Thomas and Mythili Vutukuru, developed as a web app. Developed based on fiber, a user-level thread implementation in Java. The tool is useful in scenarios where the requests have high response times. Many existing tools are developed for scenarios with high request rate and quick response times, and fail to keep up with load generation when server response times are high, as the number of outstanding requests becomes very large . Features include regular expression extractor, delay timer which helps in running complex test scenarios. Requires Apache Tomcat, Apache Maven, Java jdk 1.8 or above. Platform independent.

Tsung - Free open-source multi-protocol distributed load testing tool supported by Process-One. Can be used to stress HTTP, WebDAV, SOAP, PostgreSQL, MySQL, LDAP and Jabber/XMPP servers. SSL is also supported. OS monitoring (CPU, memory and network traffic) using SNMP, Munin or Erlang agents on remote servers. XML configuration system; several sessions can be used to simulate different type of users. Dynamic sessions can be described in XML. User think-times and the arrival rate can be randomized using a probability distribution. HTML reports can be generated during the load to view response times measurement, server CPU, etc. Developed in Erlang.

Loadster - Load testing tool from Brickyard Technologies, Inc. oriented to testing websites, web applications, and HTTP web services; includes graphical script editor, live reporting, and unlimited virtual users. Execute multiple scripts simultaneously, with multiple virtual user populations, ramp user load up and down with almost infinite possibilities, simulate network bandwidth for virtual users, adjust or randomize wait times, and add thresholds to fine-tune test inputs. Generate load from your own hardware, or on-demand cloud engines running on 5 continents. Free and $ versions available.

Load Complete - Load, performance, stress, and scalability test tool for mobile, websites, and web apps from SmartBear Software. Capabilities include ability select browser type and connection speed; distribute tests between on-premise, virtual machines, or the cloud; server and browser side reporting; record/playback with ability to replace input parameters with variable values. Can customize different properties for the load test via the tool's UI. Requires Win and IE.

Sandstorm - Load testing tool from Impetus Technologies Inc., supports Web, J2EE, .Net, Android, iOS, BlackBerry, SOA, RIA, NoSQL, Messaging, E-mail. Cloud-based or on-prem. Capabilities include: record/playback with rich and extensible framework for modifications; user interface for dynamic parameter handling; automated cookie handling; Jenkins plug-in. Integrated resource monitoring for most of the popular web, app and db servers.

Load2Test - Performance/load/stress/high availability testing tool from Enteros Inc. Can capture real production workload for playback simulating thousands of users for top down testing or back-end testing at the component layer. Also available in the Amazon EC2, RackSpace or PlatForm Labs cloud environments. Integrated performance management and root cause analysis system automatically collects performance metrics across load test infrastructure and applies cross-component correlation to identify performance degradations and bottlenecks. Targeted platforms/OS's: Load2Test Controller and Test nodes: Win, Linux.

Xceptance LoadTest - Load testing and regression tool from Xceptance Software Technologies, Inc for web and Java and other app load testing. Includes recording capabilities. XLT Cloud Service available. Develope scripts with the Script Developer IDE or code all your tests in Java using WebDriver. Includes Chrome and Firefox plugins that collect client performance data right in the browser. Free; paid support and training is offered.

Blazemeter - Self-service, on-demand, cloud-based load testing. Simulate any user scenario for webapps, websites, mobile apps or web services. Launch a single dedicated server or a cluster of 100. Apache JMeter compatible - pre-configured JMeter environments with up to 144 CPU cores and 500 GB of memory. Set geo locations from among choices worldwde. Set up tests, access test results, view test reports, compare past test reports and more, all on a unitary console. Generate traffic using public cloud providers or install the on-premise load generator software on your own machines and test behind the firewall on your internal network. Free and $paid levels of service. Also has free tools and resources for tips and tricks to optimize website and app performance.

LoadStorm - A web-based load testing tool/service from CustomerCentrix, LLC, as a distributed application that leverages Amazon Web Services to scale on demand with processing power and bandwidth as needed. Tests for web and mobile can be built using the tool in such a way as to simulate a large number of different users with unique logins and different tasks.

Neustar Web Performance - On-demand, self-service, pay-as-you-go service from Neustar enables simulation of large volumes of real browsers hitting a website. Utilizes Selenium. Uses cloud-based real or emulated browsers, AJAX and Flash support. Browser screen shots of errors included in reports.

Load Impact - Cloud-based online load testing service for Web app and API testing from Load Impact AB. Access to distributed network of load generator nodes; can generate load from up to 10 different locations simultaneously. Record user scenarios using Chrome extension or proxy recorder. Script user scenarios in Lua, using Load Impact's IDE with code completion, JSON and XML parsing, data parameterization and more. Can collect backend information such as CPU usage, Memory usage, Disk I/O, Network I/O, plus desired custom metrics available via Nagios plugins, using Load Impact's Server Metric Agents installed on your servers. Free and $ options; free low level load tests for 1-50 simulated users.

Multi-Mechanize - Web performance and load testing framework in python; open source by Corey Goldberg. Requires: Python 2.6 or 2.7.

AppLoader - Load testing app from NRG Global for web and other applications accessible from a Windows desktop; generates load from the end user's perspective. Protocol independent and supports a wide variety of enterprise class applications. Integrates with their Chroniker monitoring suite so results of load testing can be correlated with system behavior as load is increased. Runs from Win platforms.

fwptt - Open source tool by Bogdan Damian for load testing web applications. Import recorded browsing sessions made with Fiddler, which are then used to generate a C# class that can be used directly for tests or modified as needed. Capabilities include handling of Ajax. For Windows platforms.

Curl-Loader - Open-source tool written in 'C', simulating application load and behavior of tens of thousand HTTP/HTTPS and FTP/FTPS clients, each with its own source IP-address. In contrast to other tools curl-loader is using real C-written client protocol stacks, namely, HTTP and FTP stacks of libcurl and TLS/SSL of openssl. Activities of each virtual client are logged and collected statistics include information about: resolving, connection establishment, sending of requests, receiving responses, headers and data received/sent, errors from network, TLS/SSL and application (HTTP, FTP) level events and errors.

StressTester - Enterprise load and performance testing tool for web applications from Reflective Solutions Ltd. Advanced user journey modeling, scalable load, system resources monitors and results analysis. No scripting required. Suitable for any Web, JMS, IP or SQL Application. OS independent.

The Grinder - A Java-based load-testing framework freely available under a BSD-style open-source license. Orchestrate activities of a test script in many processes across many machines, using a graphical console application. Test scripts make use of client code embodied in Java plug-ins. Most users do not write plug-ins themselves, instead using one of the supplied plug-ins. Comes with a mature plug-in for testing HTTP services, as well as a tool which allows HTTP scripts to be automatically recorded.

nGrinder - An open source application for running test scripts written in jython(python running on JVM) across a number of machines. It's internal engine is based on Grinder. nGrinder wraps Grinder's console and agent with a controller and agent, respectively, and extends several features to enable multiple concurrent tests. Consists of a) a Controller that provides a web interface for performance testing, coordinates test processes, collates and displays test statistics, lets user create and modify scripts and b) an Agent that runs processes and threads that put loads on target machines when running in agent mode, monitors target system performance when running in monitor mode.

Avalanche - Load-testing appliance from Spirent Communications, designed to stress-test security, network, and Web application infrastructures by generating large quantities of user and network traffic. Simulates as many as two million concurrently-connected users with unique IP addresses, emulates multiple Web browsers, supports Web Services testing Supports HTTP 1.0/1.1, SSL, FTP, RTSP/ RTP, MS Win Media, SMTP, POP3, DNS, Telnet, and Video on Demand over Multicast protocols.

NeoLoad - Load testing tool from Neotys for web and mobile apps, with clear and intuitive graphical interface, no scripting/fast learning curve (Javascript for most advanced cases). Can design complex scenarios to handle real world applications. Clear and comprehensive reports and test results. Supports latest technologies, including AJAX, FLEX, GWT, Java Serialization, and more. Load test from private lab and from the cloud. Compatibility with mobile applications. Multi-platform. Free edition available also.

QTest - Web and mobile app load testing tool from Quotium Technologies SA. Capabilities include: cookies managed natively, making the script modelling phase shorter; HTML and XML parser, allowing display and retrieval of any element from a HTML page or an XML flux in test scripts; option of developing custom monitors using supplied APIs; more.

httperf - Open source web server performance/benchmarking tool. Provides a flexible facility for generating various HTTP workloads and measuring server performance. Focus is not on implementing one particular benchmark but on providing a robust, high-performance, extensible tool. Source code in C.

WAPT - Load and stress testing tool from SoftLogica LLC, for web, mobile, APIs, etc. Handles dynamic content and HTTPS/SSL; easy to use; support for redirects and all types of proxies; clear reports and graphs. Create tests using a browser or a mobile application; remote, distributed and cloud-based testing; flexible error handling and adjustable pass/fail criteria

Visual Studio Test Professional - A suite of testing tools for Web applications and services that are integrated into the Microsoft Visual Studio environment. These enable testers to author, execute, and manage tests and related work items all from within Visual Studio. Includes Load and Web Performance Testing capabilities.

OpenLoad Tester - Web-based load testing tool from OpenDemand; knowledge of scripting languages not required - web-based recorder can capture and translate any user action from any website or web application.

Apache JMeter - Java desktop application from the Apache Software Foundation designed to load test functional behavior and measure performance. Originally designed for testing Web Applications but has since expanded to other test functions; may be used to test performance both on static and dynamic resources (files, Servlets, Perl scripts, Java Objects, Data Bases and Queries, FTP Servers and more). Can be used to simulate a heavy load on a server, network or object to test its strength or to analyze overall performance under different load types; can make a graphical analysis of performance or test server/script/object behavior under heavy concurrent load.

Siege - Open source stress/regression test and benchmark utility; supports basic authentication, cookies, HTTP and HTTPS protocols. Enables testing a web server with a configurable number of concurrent simulated users. Stress a single URL with a specified number of simulated users or stress multiple URL's simultaneously. Reports total number of transactions, elapsed time, bytes transferred, response time, transaction rate, concurrency, and server response. Developed by Jeffrey Fulmer, modeled in part after Lincoln Stein's, but allows stressing many URLs simultaneously. Distributed under terms of the GPL; written in C; for UNIX and related platforms.

Web Polygraph - Freely available benchmarking tool for caching proxies, origin server accelerators, L4/7 switches, and other Web intermediaries. Other features: for high-performance HTTP clients and servers, realistic traffic generation and content simulation, ready-to-use standard workloads, powerful domain-specific configuration language, and portable open-source implementation. C++ source available. Continuously improved/maaintained since 1998 up to the present.

OpenSTA - 'Open System Testing Architecture' is a free, open source web load/stress testing application, licensed under the Gnu GPL. Utilizes a distributed software architecture based on CORBA. OpenSTA binaries available for Windows.

PureLoad - Java-based multi-platform performance testing and analysis tool from PureLoad Software. Includes 'Comparer' and 'Recorder' capabilities, dynamic input data, scenario editor/debugger, load generation for single or distributed sources.

Load Tester by Web Performance - Load test tool emphasizing ease-of-use, from Web Performance Inc. Supports all browsers and web servers, mobile, AJAX, JSON, web services, XML. Records and allows viewing of exact bytes flowing between browser and server; no scripting required. Can automatically handle variations in session-specific items such as cookies, usernames, passwords, IP addresses, and any other parameter to simulate multiple virtual users. Generate loads locally or in the cloud. Also available is Legion, a free open source load testing tool based on Selenium and javascript.

http-Load - Free load test application from ACME Labs to generate web server loads, from ACME Software. Handles HTTP and HTTPS; for Unix.

IBM Rational Performance Tester - Cloud-based web performance testing from IBM/Rational; has optional extensions for SOA/web services, for Seibel applications, SAP Solutions. Includes tools for root cause analysis and real-time reporting.

Radview's WebLoad - Load testing tool from Radview Software. Test scripting via visual tool or Javascript with enhanced load testing objects and methods. IDE offers correlation, parameterization, response validation, messaging, native JavaScripting and debugging. Built-in support for Web Services/REST: SOAP, Rest, XML, JSON, WebDAV. Handles mobile load testing including ability to record native or browser-based apps directly from the mobile handset. Can integrate with selenium. Correlation engine handles both server-side (such as session id) and client-side (such as time, date) dynamic values - replaced automatically to create unique values for each script run. Run load generators in the cloud - no special licenses needed. More than 80 customizable out-of-the-box reports/graphs with drill-down capabilities

SilkPerformer - Enterprise-class load-testing tool from Microfocus (formerly from Borland, formerly from Segue). Can simulate thousands of users working with multiple protocols and computing environments. Allows prediction of behavior of e-business environment before it is deployed, regardless of size and complexity.

Loadrunner - Load/stress testing tool from Microfocus (formerly HP, formerly Mercury) for web and other applications; supports a wide variety of application environments, platforms, and databases. Large suite of network/app/server monitors to enable performance measurement of each tier/server/component and tracing of bottlenecks.

Return to top of web tools listing

Page Speed Testing Tools

(This section is oriented to tools that focus on client-side performance of web pages; sometimes this is referred to as 'page performance testing' or 'front end performance testing'.)

Google Page Speed Insights - Free online tool from Google for page speed analysis - fetches a url twice, once with a mobile user-agent, and once with a desktop-user agent, and measures how the page can improve its performance for 1) above-the-fold load: elapsed time from the moment a user requests a new page and to the moment the above-the-fold content is rendered by the browser and 2) full page load: elapsed time to the moment the page is fully rendered by the browser. Since the performance of a network connection varies considerably, only the network-independent aspects of page performance are considered: server configuration, HTML structure of a page, and its use of external resources such as images, JavaScript, and CSS. Suggestions for improvement are then provided, in priority order.

ShowSlow - An open source tool that helps monitor various website performance metrics over time by collecting web performance data and showing it in aggregated form for better business understanding. Captures the results of YSlow, Page Speed, WebPageTest and dynaTrace AJAX rankings and graphs them, to aid in understanding how various changes to your site affect its performance. Downloadable version and on-the-web versions available.

Dotcom-Monitor - Web site page performance and monitoring services utilize multiple worldwide locations. using real desktop or mobile browsers. Collects analytics re page speed and performance. When an issue is detected, a traceroute is performed and a screen capture and code snippet are saved for your review. Also provides longer term trend analysis. For IE, Chrome, Firefox, Safari mobile, Android Chrome. Free basic 'Dotcom-Monitor Website Speed Test' available. - Open source website speed and performance tool by Peter Hedenskog collects data from multiple pages on your website; rules-based analysis; results to HTML or Graphite. Timings based on your local machine browser(s); supports Chrome & Firefox. Built on top of YSlow, PhantomJS, Bootstrap.

Webpagetest - An online page performance analysis/testing tool that was orginially developed by AOL for use internally and was open-sourced in 2008, now being developed and supported by Patrick Meenan. The online version is an industry collaboration with various companies providing the testing infrastructure for testing a site from across the globe. Highly configurable. Provides web page content analysis, performance analysis, various performance scores. API's available for scripting.

GTMetrix - Online web page speed analyzer, from Gossamer Threads, Inc. Includes test results from other tools such as Google Page Speed and Yahoo! YSlow, checks one page at a time and provides page preformance analysis report and suggestions for improvement. Capabilities include saving of results over time and trend graphs/reports, automated periodic monitoring/alerting of one or more URL's, monitoring from multiple locations worldwide, etc. Free and $ versions available.

PageSpeed Tools - A family of tools from Google, designed to help optimize website performance. PageSpeed Analysis tools enable web-based analysis of a page and provides feedback to help identify performance suggestions and best practices that can be applied to a site, and PageSpeed Optimization tools can help automate the process.

YSlow - Open source page speed analysis tool originally from Yahoo analyzes web pages and explains why they're slow based on rules for high performance web sites. Available as extension for Firefox, Chrome, Safari, Opera; as bookmarklet on mobile; nodejs: Command line for HAR files powered by Node.JS and NPM; phantomjs; Command line with headless WebKit powered by PhantomJS; nodeserver: Node.JS Server powered by Express. Includes a Performance report card, HTTP/HTML summary, list of components in page and related info, tools including JSLint. Generates a grade for each rule and an overall grade, lists suggested specific changes to improve performance, calculates total size of page for empty and primed cache scenarios, cookie info. Can also view HTTP response headers for any component.

AppViewWeb - Cloud-based page performance analysis/testing tool from AppNeta that provides visibility into the network performance of web applications. Script user actions up to 20 steps with easy to use recorder. Monitor any application, immediately, from multiple global monitors. Store high-detail 5-minute checks for 30 days, and trending performance data for up to a year.

Return to top of web tools listing

Mobile Web/App Testing Tools

Hive CI - Open source tool from BBC to enable connecting your physical devices to a hive and running tests on the same platforms as your users. Hive CI is a CI system built around devices, developed at the BBC from a desire to have a CI system that could understand and manage devices, run tests without manual intervention, and collate and interpret results without having to resort to spreadsheets. Associated tools include HiveMind - a device monitoring and inventory application for Hive-CI; Testmine for Test Result Analytics; and 'Test Tools' - a collection of Ruby gems to help with testing on devices.

SIGOS App Experience - Cloud-based real mobile handset/tablet testing platform from SIGOS enables development, deployment, and testing of content/apps on hundreds of real handset devices in live networks around the world. For manual or automated testing. The mobile handset bank includes devices stationed in the US and many other countries and the agnostic platform hosts a diverse portfolio of worldwide carriers and manufacturers. Any action that can be performed on a mobile device in-hand can be replicated on devices in the cloud. Switch between real global carrier networks and Wifi; capture test results, videos, and screenshots. Automation capabilities provide flexible scripting that enables building of test scripts that work across multiple devices for faster test automation. Quickly develop scripts using GUI-based commands, Java API, other test frameworks including UFT, Appium, IBM Rational, Selenium, AppDome, and others. Public cloud, private cloud, or on-premise. Device planner tool to help prioritize device choices. .

EarlGrey - Open source native iOS white box UI automation test framework that enables you to write clear, concise tests. Access enhanced synchronization features to help to ensure that the UI is in a steady state before actions are performed; automatically synchronizes with the UI, network requests, and various queues; but still allows you to manually implement customized timings, if needed. Provides APIs that allow searching for elements in scrollable containers, regardless of the amount of scrolling required. Works in conjunction with the XCTest framework and integrates with Xcode’s Test Navigator so you can run tests directly from Xcode or the command line.

OpenSTF - STF (or Smartphone Test Farm) is an open source web application for controlling, managing, and debugging smartphones, smartwatches and other gadgets remotely, from the comfort of your browser. Remote control of any device in realtime, using your mouse and keyboard, or even via smartphone. Capabilities also include ability to monitor which devices are connected, who is using which device, and search devices by any specification. Do realtime testing on more than one device, just from your browser. STF was originally developed at CyberAgent Inc. to control a growing collection of more than 160 devices.

Appdiff - Web-based automated regression testing service for mobile apps from Appdif Inc. Requires uploading your app. Appdif bots walk through each new build, checking that signin, menus, buttons, text boxes, all work the same as previous builds. Automatically analyzes every transition in your app's user experience for performance issues and provides pictures and timing information for all areas of app.

Genymotion - Android emulation from Genymobile SAS. Simulate 3000+ virtual device configurations and wide variety of scenarios - more than 40 Android devices; access to all Android version; unlimited app installations. Enables use of app via any device – mobile or desktop. Develop test cases with Java API and automate them with Command line tool or with our Gradle plugin. Other capabilities include: Battery -test your app with various charge levels; GPS - use the GPS widget to easily develop and test your geolocation-based apps; Network emulation, cloning and reset functions, control of your virtual device's Android ID/IMEI/MEID values on the fly, SMS and Call emulation; more. Displays your app on your computer pixel for pixel so that there’s no need to worry about scaling your work from emulator to device.

Kobiton - Mobile cloud platform that enables users to perform manual or automated testing on cloud-based physical iOS and Android devices. Web, app, or hybrid testing. You can install your app and it will be automatically uninstalled after the test session but the test history (session name, description, screenshots, log) will be retained, or can be deleted.

UI Automator - An UI testing framework for Android UI testing across system and installed apps. Provides a set of APIs to build UI tests that perform interactions on user apps and system apps. The APIs enable operations such as opening the Settings menu or the app launcher in a test device. Oriented to writing black box-style automated tests, where the test code does not rely on internal implementation details of the target app. Key features include: a viewer to inspect layout hierarchy; an API to retrieve state information and perform operations on the target device; APIs that support cross-app UI testing; can run UI Automator tests from Android Studio IDE or from the command-line.

Firebase Test Lab for Android - Free service from Google to test your mobile app on a wide variety of devices and device configurations hosted in a Google data center. Uses real production devices that are flashed with updated Android API levels or locale settings that you specify. Captures logs, creates an "activity map" that shows a related set of annotated screenshots, and creates a video from a sequence of screenshots to show you the simulated user operations that it performed. Even if you haven't written any test code for your app, Test Lab can exercise your app automatically, looking for crashes. Robo test analyzes the structure of your app's user interface and then explores it, automatically simulating user activities. If you have written instrumentation tests for your app, Test Lab can also run those tests. Integrated with Android Studio, the Firebase console, and the gcloud command line. You can also use Test Lab with Continuous Integration (CI) systems.

AWS Device Farm - App testing service from Amazon Web Services that lets you test and interact with Android, iOS, and web apps on many physical devices at once, or reproduce issues on a device in real time. View video, screenshots, logs, and performance data. Gesture, swipe, and interact with devices in real time, directly from your web browser. Run the AWS built-in test suite (no scripting required) or customize your tests by selecting from open-source test frameworks like Appium, Calabash, Espresso, etc. Manual testing also.

Firebase Performance Monitoring - Tool from Google that helps you to gain insight into the performance characteristics of iOS and Android apps. You use the Performance Monitoring SDK to collect performance data from your app, and then review and analyze that data in the Firebase console. Performance Monitoring is available for iOS and Android apps that include the Performance Monitoring SDK. You don't need to write any code before your app starts monitoring several critical aspects of app performance: startup time, activity while in the foreground, activity while in the background, and HTTP/S network requests. Performance metrics broken down by country, device, app version, and OS level.

Silk Mobile - Functional mobile test tool from Microfocis that supports all the major mobile platforms, including iOS and Android. Using the innovative recorder, tests can be created in minutes. Tests are represented visually so no coding skills are required, or as actual Java/.NET scripts to enable developer-powered functions such as debugging or refactoring. The Silk Mobile bundle solution includes Silk Test for functional and reliable test automation across platforms and devices; Silk Performer for performance and load testing and Silk Central, a unified platform to design, plan, execute, and track all functional and performance testing practices across devices and platforms.

Automate-On - Automate functional, visual and performance testing of web, mobile applications in multiple Browsers, Devices, OS and Screen Resolutions. Executes test scripts on cloud machines, mobile devices and removes the need for customers to procure, maintain computer systems and mobile devices for testing. Provides comprehensive reporting; Targeted Platforms/OS: Windows, Mac OS, IOS, and Android.

Selendroid - Open source test automation framework for native or hybrid Android apps and the mobile web. Tests are written using the Selenium 2 client API. Can be used on emulators and real devices and can be integrated as a node into the Selenium Grid for scaling and parallel testing. Gestures are supported via the Advanced User Interactions API. Includes a built in Inspector to simplify test case development.

ios-driver - Open source tool for testing IOS native, hybrid, or mobile web apps using the Selenium/Webdriver API. Includes ios-driver Inspector to examine native app elements, similar to Firebug. Can be used as a Selenium grid node - run tests in parallel on the same architecture as for the web.

KIF - KIF (Keep It Functional) is an open source iOS integration test framework. Enables automation by leveraging the iOS accessibility attributes. Builds and performs the tests using a standard XCTest testing target. Like some other iOS test tools, it uses undocumented Apple APIs, thus is appropriate for testing but not prod code. Integrates directly into your Xcode project; tests for KIF are written in Objective C.

Mobile-Friendly Test - Free online test tool from Google analyzes a URL and reports if the page has a mobile-friendly/responsive design. Reports on issues found and suggest mitigation approaches. Extensive mobile/responsive advice and documentation is available via the site.

Remote TestKit - Real device test cloud from NTT Resonant Inc. Enables manual and automated testing on hundreds of different models of real iOS and Android smartphones and tablets. Supports Xcode, Eclipse, HP UFT/QTP, MS Visual Studio, Xamarin, Android Studio, and other developer tools; and M-eux Test, Selenium, Appium, Calabash, Espresso, Robotium, and other test automation tools. After each test run all apps and data are wiped from devices and they are automatically re-initialized. Supports Selenium Webdriver, Jenkins. Many other capabilities include screen/image and video capture, dummy GPS settings, change languages, remote control/device mirroring, more.

TestObject - Real device test cloud from SauceLabs/TestObject GmbH, with hundreds of different real iOS and Android device models, for manual and automated testing for native, web, and hybrid apps. Other capabilities include screenshots, switching system language to test internationalization, support for testing frameworks including Robotium, Espresso and Appium; REST API, Ant and Gradle plugins. Reports include device specifications, logs and screenshots.

Frank - Open source framework for writing structured text iOS app tests (using Cucumber) and have them execute against your iOS application; from Thoughtworks. 'Selenium for native iOS apps' (not for pure web apps). Requires installion of a ruby gem, and compiling/linking the Frank server into the app being tested. Includes a powerful “app inspector” (called Symbiote) that can be used to get detailed information on the running app. Run tests on both the Simulator and Device.

UI/App Exerciser Monkey - Free command-line tool from Google that runs on your emulator or device and generates pseudo-random streams of user events such as clicks, touches, or gestures, as well as a number of system-level events. Enables stress-testing of apps that you are developing, in a random yet repeatable manner. If the app crashes or receives any sort of unhandled exception, or if it generates an application not responding error, the Monkey will stop and report the error.

MonkeyRunner - Free tool from Google provides a python API for writing programs that control an Android device or emulator from outside of Android code. Can write a Python program that installs an Android application or test package, runs it, sends keystrokes and touch events to it, takes screenshots of its user interface, and stores screenshots on the workstation. Oriented to testing of apps and devices at the functional/framework level and for running unit test suites. Can apply one or more test suites across multiple devices or emulators. You can physically attach all the devices or start up all the emulators (or both) at once. Can be extended with plugins.

Android Lint - Free downloadable static code analysis tool from Google that checks your Android project source files for potential bugs and optimization improvements for correctness, security, performance, usability, accessibility, and internationalization. Runs from command line or Android Studio.

Calabash - Free open source framework enables writing and executing automated acceptance tests of mobile apps using Cucumber and Ruby; from Xamarin Inc. Cross-platform, supporting Android and iOS native apps. consists of libraries that enable test code to interact programmatically with native and hybrid apps. Actions can be gestures, assertions, screen shots.

Xamarin Test Cloud - Provides a locally executed, object-based scripting environment for imitating and automating actions a real user would take through a mobile app on iOS or Android, using a test device cloud with over 2,000 real devices to test on. Test scripts can run in parallel on hundreds of devices at a time. Test Scripts can be built in Calabash (Ruby) and C# using Xamarin Studio or Visual Studio. Share code for cross-platform tests between iOS and Android. Screenshots and video playback for every step of every test; performance data (memory, CPU, duration, etc.). Integrates with any CI system.

Crashlytics - Free set of tools from Google/Fabric/Twitter, implemented by instrumenting your iOS or Android app, enables reporting of aggregated as well as detailed information on app crashes in the field during beta testing etc. Includes details about the devices that your apps run on including information such as whether a crash only happens on a specific model or generation of a device, if app only crashes in landscape mode, whether the proximity sensor is always on, is it a memory issue, an issue with specific versions, etc. as well as reports on deep analysis of stack traces. Tool set includes 'Beta by Crashlytics' for managing and distributing beta apps via a single, cross-platform toolset for iOS and Android, including tracking testers progress and issues. Also includes 'Answers' kit which provides critical performance metrics on your app, detailed growth and engagement indicators, etc based on the set of core events and actions of most interest. Included as part of the 'Fabric' toolset; as of 2018 being integrated with Firebase, Google's mobile development platform.

UberTesters - Set of tools from UberTesters Inc. for managing/reporting of iOS/Android app crowdsourced/beta testing. Requires the Ubertesters SDK which can be integrated with many frameworks used for cross-platform development. Once the app is built with the integrated UberTester SDK, distribute your builds/revisions to specified testers using the Ubertesters app that is installed already on the tester's device. Capabilities include in-app bug editing, marking, reporting and user feedback; trcking of all testing sessions in real-time sorted by devices or testers; real time reporting of status of a device and whether it is active, closed or suspended, along with additional device-specific session information and logs; configurable as to which data is captured and conditional logic for filtering. Can integrate with many 3rd party bug tracking systems or use the included bug tracker.

Test Fairy - Mobile beta testing management platform from TestFairy Ltd. for Android & iOS. Multiple channels to send apps to testers - testers can get The TestFairy app and use it to download and install all the apps they were invited to test; web app for those who want to use an app without installing one on their device; can set your project to work in 'strict mode' that will require testers to login before they download your app; or manage via enterprise suite that can be installed on a private cloud on many AWS locations; or where enhanced corporate security is needed, can be fully installed in your lab. Catches any crash and posts it directly to your bug system together with a video that shows what happened prior to crash including CPU metrics, memory, GPS, device info, logs, and crash reports. Testers can submit feedback/bug reports via various means including from within the app by shaking their phone, by using the TestFairy native Testers App.

HockeyApp - Set of tools from Microsoft for managing/reporting of app crowdsourced/beta testing. For mobile and desktop apps; Android, iOS, Mac OS X, Win, Cordova, React Native, Unity, Xamarin. Requires integrating the open source HockeyApp SDK then uploading your app build to HockeyApp. Testers can then download and install the app and then create support requests, file bugs, or post feedback right from within your app. Can send crash reports automatically or with user interaction or add custom metadata and log files. Reports include metrics showing which devices were tested, which testers used the app for how long, which language was tested, etc. Data export API for connecting to your own or third-party services.

TestDroid - Suite of mobile application testing tools/services for test automation and manual testing, from Bitbar Technologies. Mobile device testing cloud for unlimited device concurrency with thousands of real Android and iOS device models. Support for open source frameworks including Appium, XCUITest, XCTest, Espresso, Calabash and more. Container-based infrastructure enables scaling local tests with your own frameworks in the TestDroid device cloud. Enables optimization of DevOps toolchains with out-of-the-box integrations or use TestDroid's APIs to connect your own services for alerting, bug tracking, continuous integration and delivery. Available via public cloud, private cloud, or on-premise.

eggPlant Mobile - An image-based, low-overhead, non-invasive black-box test automation tool for mobile. From TestPlant Inc. Based on a combination of eggPlant Functional and TestPlant's mobile VNC servers that enables testing on mobile apps on iOS, Android, and other real devices. The image-based UI testing approach can reduce the effort of cross-device and cross-platform mobile software testing.

Monkop - A cloud-based automated iOS and Android testing service using real devices, provides insights about performance, security, usability, and functionality over a large device lab containing representative brands, OS versions, screen sizes, and configurations. Requires only an upload of your app .apk/.ipa. Utilizes automatic learning, monkey testing and application disassembly techniques in order to run different levels of tests on different devices. Reports include response time and resource consumption (cpu, memory, data transfer, battery, etc.), security scan results and suggestions, results of exerciing app looking for crashes, compatibility and layout issues. Can also run your own automation scripts for each device. Has APIs to integrate with CI.

Maveryx - Test automation tool for Android and Java, C/C++, .NET, VB, Web apps from Maveryx srl. Utilizes runtime GUI Inspection & Objects Recognition capabilities. The object search engine supports exact and fuzzy matching algorithms to identify test objects in the UI, even in case of partial or approximate matching, misspellings and synonyms or if the objects have changed since test creation. Supports data-driven tests via Excel, CSV and XML files and data retrieval from any database and from INI, TXT, HTML files and others. Support for keyword-driven testing through Excel spreadsheets and XML files; offers a rich set of built-in keywords to rapidly develop robust test scripts. Supports JUnit assertion-based verification points, distributed testing, plugin for Eclipse, creation of custom extensions/plugins. Open source version written in java from 2011 is available on Sourceforge.

Clang Static Analyzer - Open-source source code analysis tool that finds bugs in C, C++, and Objective-C programs. Can be run either as a standalone tool or within Xcode; intended to be run in tandem with a build of a codebase. Implemented as a C++ library that can be used by other tools and applications.

Roboelectric - An open source Android unit test framework that modifies Android SDK classes so you can test your Android app inside the JVM on your workstation in seconds, without the overhead of an emulator.

TestArchitect - Test automation tool from LogiGear for native/hybrid apps on Android/iOS, and Web, Windows and Java applications. Tests can be executed on multiple local devices via USB and Wi-Fi, or on devices hosted by cloud-based mobile testing partners. Multi-touch gestures, access to the physical device buttons, and command-line execution are fully supported. Image recognition allows for testing of standard apps as well as games with fast, 3D, interactive graphics. A small footprint communication client is placed on the mobile device. Create objective-driven test flows by utilizing either the action recorder, by action drag & drop from the built-in library, or by simply typing in actions into the easy-to-use spreadsheet-like test editor. Connect to, and interact with databases of SQL-conversant DBMS systems as well as static data files such as Excel, XML, JSON and PDF. Supports Android/iOS, IE, Firefox, Chrome, Safari, WebView, HTML5. Custom actions can be created using C#, C++, JAVA, or Python.

Appium - An open source test automation framework for driving native, mobile web and hybrid apps on iOS mobile, Android mobile, and Windows desktop platforms using the WebDriver JSON wire protocol. Supports a sub-set of the Selenium WebDriver JSON Wire Protocol. Appium is a server written in Node.js. Client libraries include Ruby, Python, Java, PHP, JavaScript, C#(.NET). Appium can be installed via NPM or by downloading Appium Desktop

SeeTestMobile - Mobile application test tool from Experitest Ltd., for iOS and Android. Can be used on both emulators as well as real devices and covers visual testing, functionality testing and speed performance. Digital Assurance Lab enables web and mobile app testing with access to a centralized hub of desktop browsers, real iOS and Android devices, and simulators; available as Software-as-a-Service (SaaS) or as an on-premise deployment. Tests can run singlyu or in parallel. SeeTestMobile incorporates image recognition and self-learning algorithms. Test recording can take place utilizing real devices - plug real device in to desktop via USB. Utilizes self-learning diagnostic and matching algorithms and a modular self-enhancing image recognition technology. Editable scripts using included IDE. Free and paid versions available.

Ranorex Studio - A Windows GUI-based test automation framework from Ranorex GmbH for testing many different application types including mobile test automation. Supports a wide variety of technologies, platforms, integrations, and browsers. Directly record tests on your device. Utilize the Ranorex API and create robust test automation projects entirely in C# or VB.NET. The IDE includes test project management, integration of all Ranorex tools (Recorder, Repository, Spy), intuitive code editor, code completion, debugging, and watch monitor. Endpoint panel UI provides a central command center to set-up and manage endpoints as well as configure their environments. Utilize Ranorex Agents on remote machines to deploy multiple Ranorex tests for remote execution in different environments, using different system configurations and operating systems.

M-eux - Mobile apps test automation software from Jamo Solutions; recognizes the GUI elements of the mobile device resulting in test cases that are device model independent and re-useable across different versions of the service/application under test. Integrates with existing environments such as Eclipse, QuickTest Professional and Visual Studio.

KIF iOS Integration Testing Framework - Open source iOS integration test framework enables automation of iOS apps by leveraging accessibility attributes that the OS makes available for those with visual disabilities; uses undocumented Apple APIs (like many iOS testing frameworks). Tests are written in Objective C, allowing for maximum integration with code while minimizing layers to build. Integrates directly into iOS app, so no need to run additional web server or install additional packages. Automation done using tap events where possible.

UI Automation - iOS Developer Library - An Apple JavaScript library to write test scripts that exercise an iOS app’s UI elements while the app runs on a connected device. Write tests in JavaScript, calling the UI Automation API to simulate user interaction; returns log information to host computer. Also see the UI Automation Javascript Reference.

GSAutomation - An open source Javascript extension/wrapper on iOS UIAutomation to make test scripts more robust and easier to write and maintain; contributed by Hulu. Can define test tasks in simple javascript arrays, and have them execute with helper methods.

Instruments for Xcode 4 - Part of Apple's XCode developer toolkit for building Mac iOS (and OS X) applications. Many testing, profiling, and analysis capabilities include enabling easy creation of ad-hoc test harness by recording and playback of user interactions, OpenGL ES for tracking iPhone graphics performance, memory allocation monitoring, Time Profiler on iOS for collecting samples with very low overhead, complete System Trace for insight into how all system processes interact, more. Also in XCode is iOS Simulator, which enables running an app similar to the way it would run in an actual iOS device; can check that network calls are correct, and that views change as expected when phone rotates; can simulate touch gestures by using the mouse.

CQ Lab - The Continuous Quality Lab (CQ Lab) from Perfecto Mobile is a cloud-based web and mobile app testing platform made up of solutions that enhance building, testing, and optimizing monitor app usability and performance. Perform side by side functional and real-user condition testing across thousands of devices. Leverage the automation frameworks and IDEs you already use, including Selenium, Appium, UFT, Eclipse, and Visual Studio.

Digital Test Coverage Optimizer - Tool from Perfecto Mobile to help select devices to test your app(s) against - generate a prioritized list of the mobile devices you should test against. Select your target location(s), device type(s) and OSs, and the Optimizer will do the rest. The test coverage grader helps build a custom mobile app test strategy.

Robotium - Open source Android test automation framework with full support for native and hybrid applications, from Renas Reda/Hugo Josefson/Jayway; available as java source or jar file. Can integrate with Maven, Gradle or Ant to run tests as part of continuous integration.

Intent Fuzzer - Free Android testing tool from NCC Group (formerly Isec Partners); often finds bugs that cause the system to crash or performance issues on the device. The tool can either fuzz a single component or all components. It works well on Broadcast receivers, and average on Services. For Activities, only single Activities can be fuzzed, not all them. Instrumentations can also be started using this interface, and content providers are listed, but are not an Intent based IPC mechanism.

Dynatrace Real User Monitoring for Mobile & Web Apps - An on-demand mobile monitoring solution from Dynatrace (formerly Compuware and Gomez), to accelerate identification, diagnosis and resolution of mobile Web, SMS and application performance and availability problems. Provides a unified view of mobile and Web performance and availability. Utilizes thousands of different 'mobile devices': tests are performed by the Dynatrace testing agents deployed on mobile nodes. Mobile nodes are a globally distributed set of computers connected to wireless carrier networks via attached wireless modems and provide a realistic measure of the mobile Web experience. Supports all major phone platforms.

Return to top of web tools listing

Visual Regression Testing Tools

BackstopJS - Open source tool automates visual regression testing of your responsive web UI by comparing DOM screenshots over time. Render with Chrome Headless, Phantom and Slimer. Simulate user interactions with ChromyJS and CasperJS scripts. Fast inline-CLI reports; CI Integration with JUnit reports; detailed in-browser reports; test html5 elements like webfonts and flexbox. Use as a standalone global app, a standalone local npm script or import into your node app.

Depicted—dpxdt - Open source tool for comparing before and after webpage screenshots for each release. Depicted shows when any visual, perceptual differences are found. Includes a local command-line tool for doing perceptual diff testing; an API server and workflow for capturing webpage screenshots and automatically generating visual perceptual difference images; a workflow for teams to coordinate new releases using pdiffs; a client library for integrating the server with existing continuous integration. Built for portability; server runs with SQLite, MySQL, behind the firewall, etc.

FBSnapshotTestCase - An open source visual testing tool; a "snapshot test case" takes a configured UIView or CALayer and uses the renderInContext: method to get an image snapshot of its contents. It compares this snapshot to a "reference image" stored in your source code repo and fails the test if the two images don't match. From Facebook. For iOS and OSX.

Gemini - Open source utility for regression testing the visual appearance of web pages. Can test separate sections of a web page; can include the box-shadow and outline properties when calculating element position and size; can ignore some special case differences between images (rendering artifacts, text caret, etc.); gathers CSS test coverage statistics. Works with multiple browser types. Requires a webdriver server implementation and C++ compiler.

Kantu Web Automation - Test automation tool from a9t9 Software GmbH; enables automation of any website by taking screenshots. Includes a command-line interface and API to automate more complicated tasks and integrate with other programs or scripts. For Win, Mac, Linux.

CSSCritic - A lightweight open source tool for regression testing of Cascading Style Sheets. Checks your current layout constantly against a reference image you have provided in the past. If your layout breaks (or simply changes - CSS Critic can't tell) your tests fail. For Firefox and Chrome only. By Christoph Burgmer/Thoughtworks

Phantom.css - Open source screenshot comparison library. Takes screenshots captured by CasperJS and compares them to baseline images using Resemble.js to test for rgb pixel differences. PhantomCSS then generates image diffs to help you find the cause. By James Cryer and Huddle development team.

Resemble.js - Open source tool for analyzing and comparing images with Javascript and HTML5. by James Cryer and Huddle development team.

Applitools Eyes - Automated cross-browser visual web and mobile testing tool from Applitools with an advanced image-matching engine. Verify that the GUI appears correctly across all devices & browsers. Easily integrated with existing frameworks such as Selenium, Appium, IBM Rational Quality Manager, and cloud testing environments. Visual self-explanatory logs; visual test playback.

Wraith - Open source screenshot comparison tool, created by developers at BBC News, for regression testing of web page appearance/layout. Uses a headless browser to create screenshots of webpages on different environments (or at different moments in time) and then creates a diff of the two images; the affected areas are highlighted in blue. Requires ImageMagick and a headless browser. Takes screenshots of your webpages, runs a comparison task across them, outputs a diff PNG file comparing the two images and a data.txt file which contains the percentage of pixels that have changed, and packages all into a gallery.html, ready for review. If any screenshot's diff is above the threshold specified in your configuration file, the task exits with a system error code (useful for CI). The failed screenshot will also be highlighted in the gallery.

SikuliX - This is the currently-maintainted version of the original Sikuli, an open source visual technology to automate and test GUI's. Initially developed at the User Interface Design Group, MIT Computer Science and Artificial Intelligence Laboratory (CSAIL); more recent development by Raimund Hocke and open source community. Sikuli Script automates anything you see on the screen without internal API's support; and includes Sikuli IDE, an integrated development environment for writing visual scripts with screenshots easily. You can programmatically control a web page, a desktop application, or even an iPhone or Android app running in a simulator or via VNC. Though not available for mobile devices, it can be used with the respective emulators on a desktop or based on VNC solutions. Can script with Python 2.7 (internally used interpreter Jython 2.7), Ruby 1.9 (internally JRuby 1.7.x ) or Java programming and programming/scripting with any Java aware programming/scripting language (Jython, JRuby, Scala, Clojure, …). Requires a valid JRE or JDK Java. For Windows, Mac, and some Linux/Unix.

eggPlant Functional - An image-based, low-overhead, non-invasive black-box test automation tool. Does not reside on the system-under-test and is technology agnostic, so it can test in many situations that other tools cannot by using image capture and advanced search techniques. Does not interact with the underlying code, and can test any application including those that can cause problems for other tools such as Flash, Silverlight, etc. Test many languages including Chinese, Russian, and Japanese with full OCR capabilities. For Win, Mac OSX, or Linux.

Ghost Inspector - Web visual testing and monitoring tool. Tests are easy to create with a Chrome extension recorder, which records clicks, form submissions and more, for which you can then set assertions that must be made for your test to pass. Or you can create tests via a clean and simple UI. Tests can run continuously from the cloud and alert you if anything breaks. Log in to evaluate results and watch full video of the test, check console output from the browser, screenshots, and even a visual comparison of any changes that have occurred since the last test run. You can set a threshold anywhere from 1% to 90% for screenshot comparisons, and if the screenshot has changed by that amount, it is flagged as a failure and you're notified; provision is provided for ignoring expected changes.

Screenster - Image-based functional and regression test automation service for web apps using screenshots on each step comparing them to baseline, allowing verification of changes or lack of changes to UI. Differences are detected between a baseline and regression run screenshots, and are visually highlighted on screen. Tester can approve the difference as expected change, ignore it from future comparison for dynamic parts of the UI, or designate as a failed test. Full access to Selenium API when needed.

Browsera - Cloud-based automated browser compatibility testing - automatically checks and reports cross-browser layout differences and javascript errors. Can automatically crawl site to test entire site; can handle sites requiring login. Reports detail which pages have potential problems - quickly see the problems indicated as each screenshot is highlighted in the problematic areas.

Browsershots - Free online cross browser/OS comparison testing. Choose browser OS, browser, and versions of interest and submit URL and site responds with a collection of screen shots.

Return to top of web tools listing

Link Checking Tools

LinkChecker - Free tool that runs on Python 2 systems; recursive and multithreaded checking and site crawling output in colored or normal text, HTML, SQL, CSV, XML or a sitemap graph in different formats HTTP/1.1, HTTPS, FTP, mailto:, news:, nntp:, Telnet and local file links support restriction of link checking with regular expression filters for URLs. Also handles Username/password authorization for HTTP and FTP and Telnet; honors robots.txt exclusion protocol; Cookie support; HTML5 support.

Dead Link Checker - Online link checker can crawl and scan entire site or single pages. Free version available; also paid auto-checker versions available that can be scheduled daily, weekly, or monthly.

Dr. Link Check - Free online checker from Wulfsoft. Crawls site and checks links; the link check is currently limited to a maximum of 1,000 found and checked links. When this limit is reached, the check stops automatically.

Online Broken Link Checker - Free online link checker; shows the location of problematic links in your HTML; reports error codes (404 etc) for all bad URLs; free version has a 3000-page limit, $paid version has no limit; free version has no limits on number of hyperlinks within webpages.

Broken Links at a Glance - Free online broken link checker for small web sites (up to 1000 pages), by Hans van der Graaf.

Checkerr - Simple website tester/link checker from GardeMatic Ltd. Start from a dashboard and drill down to any errors. Every error is represented as an error card, with help inline; includes broken link highlighter. Free and $$ plans available; Free plan includes up to 20,000 URLs, delayed manual tests, email alerts upon test finish.

Check My Links - A Chrome extension Link Checker from Paul Livingstone. It highlights in browser window which links are valid and which are broken. HTTP response codes and URLs of broken links are published in the Console log. (Found in: 'Chrome > Tools > Javascript Console' or Ctrl+Shift+J).

SpringTrax - Link checking tool from SpringTrax, Inc.; JavaScript tracker code to monitor every visitor. Runs constantly; every 404 error is immediately analyzed and prioritized; email notifications.

LinkTiger - Hosted link checker; free and $pro versions. Capabilities include e-mail alerts, dashboard, reporting; canned reports or create rich custom reports. Scans PDF, CSS, Flash and MS Office files, flash-animation.

Link Checker Pro - Downloadable link check tool from KyoSoft; can also produce a graphical site map of entire web site. Handles HTTP, HTTPS, and FTP protocols; several report formats available. For Win platforms.

Web Link Validator - Downloadable link checker from REL Software checks links for accuracy and availability, finds broken links or paths and links with syntactic errors. Export to text, HTML, CSV, RTF, Excel. Freeware 'REL Link Checker Lite' version available for small sites. For Windows.

Site Audit - Low-cost on-the-web link-checking service from Blossom Software.

Xenu's Link Sleuth - Downloadable freeware link checker by Tilman Hausherr; supports SSL websites; detects and reports redirected URL; Site Map; for Windows.

Linkalarm - Low cost on-the-web link checker from Link Alarm Inc.; free trial period available. Automatically-scheduled reporting by e-mail.

Alert Linkrunner - Downloadable link check tool from Viable Software Alternatives; evaluation version available. For Windows.

W3C Link Checker - Link checking service run by the WWW Consortium (the folks who set web standards); configurable. Handles one URL at a time. PERL source also available for download.

Big Brother - Open source command-line link checker for Unix, Windows, by Francois Pottier. Available as source code; binary available for Linux.

LinkLint - Open source Perl program checks local/remote HTML links. Includes cross referenced and hyperlinked output reports, ability to check password-protected areas, support for all standard server-side image maps, reports of orphan files and files with mismatching case, reports URLs changed since last checked, support of proxy servers for remote URL checking. Distributed under Gnu General Public License. Has not been updated for many years.

(Note: Many of the products listed in the Web Site Management Tools section include link checking capabilities.)

Return to top of web tools listing

HTML Validators

Total Validator - Downloadable Java-based desktop tool validates HTML / XHTML / WCAG / Section 508 / Links / Spelling; for Win/MAc/Linux. HTML validation against the W3C Specifications; accessibility validation against the WCAG (1.0 and 2.0) and US Section 508 standard; checks each page for broken links; spell checks (English, French, Italian, Spanish, German). 1-click validation if using the Firefox or Chrome extension. Free and pro versions.

Site Check - Free online tool from Jens Meiert; type in one URL and automatically run HTML and stylesheet validators,accessibility assessment, link check, load time check, and more. Organizes access to a collection of free online web test tools. Also lists a wide variety of free online web analysis/development/test tools.

Rocket Validator - Service that automatically validates HTML, CSS and Accessibility on any size site. Only need a starting URL; a summary and detailed report is produced. Deploy hooks compatible with Heroku, Netlify, Github Pages, Engine Yard, Cloud66, and other hosting platforms. Can schedule for periodic automated validations. Can validate large sites and can submit an XML sitemap to specify a subset of pages to validate.

RealValidator - Downloadable shareware HTML validator based on SGML parser by Liam Quinn. Unicode-enabled, supports documents in virtually any language; supports XHTML 1.0, HTML 4.01, HTML 4.0, HTML 3.2, HTML 3.0, and HTML 2.0 ; extensible - add proprietary HTML DTDs or change the existing ones; fetches external DTDs by HTTP and caches them for faster validation; For Windows.

HTML Validator - Firefox add-on, open source by Marc Gueury. The validation is done on your local machine inside Firefox and Mozilla. Error count of an HTML page is seen as an icon in the status bar when browsing. Can validate the HTML sent by the server or the HTML in the memory (after Ajax execution). Error details available when viewing the HTML source of the page. Based on Tidy and OpenSP (SGML Parser). Available in 17 languages and for Windows and other platforms.

CSE 3310 HTML Validator - HTML/XHTML/CSS syntax checker for Windows from AI Internet Solutions. Supports wide variety of standards; accessibility (508) checking; uppercase/lowercase converter, link checking, spell checking. Free 'lite' version. For Windows.

Web Page 'Purifier' - Free on-the-web HTML checker by DJ Delorie allows viewing a page 'purified' to HTML 2.0, HTML 3.2, HTML 4.0, or WebTV 1.1. standards.

W3C HTML Validation Service - HTML validation site run by the WWW Consortium (the folks who set web standards); handles one URL at a time; Can choose from among 30 character encoding types, and multiple HTML and XHTML document types/versions.

W3C CSS Validation Service - CSS validation site run by the WWW Consortium (the folks who set web standards); handles one URI at a time; or upload file or validate by direct input.

Web Page Backward Compatibility Viewer - On-the-web HTML checker by DJ Delorie; will serve a web page to you with various selectable tags switched on or off; very large selection of browser types; to check how various browsers or versions might see a page.

HTML TIDY - Free utility as a console application for Mac OS X, Linux, Windows, UNIX, and more.; originally by Dave Raggett. For automatic fixing of HTML and XML errors, formatting disorganized editing, and finding problem HTML/XML areas. Available as source code or binaries.

(Note: Many of the products listed in the Web Site Management Tools section include HTML validation capabilities.)

Return to top of web tools listing

Web Accessibility Testing Tools

(This section is oriented to tools that focus on web site accessibility; note that other web testing tools sometimes include accessibility testing capabilities along with their other testing capabilities.)

Deque AXe - Free accessibility testing tool that runs in web browser - extension for Chrome or Firefox. Also available - download aXe-Core source code from GitHub repo. Supports IE, Chrome, Firefox, Safari. Other accessibility testing tools from Deque include: WorldSpace Comply - automated testing tool for performing enterprise-level accessibility audits, for compliance needs of organizations with large, dynamic websites, provides advanced reporting, monitoring, and management of accessibility issues against industry standards or customized guidelines; WorldSpace Attest - automated accessibility testing solution for developers - by integrating it into existing development and testing processes, can easily find and fix 50% of errors during development. Based on a powerful and low-impact JavaScript rules library - runs on your local development server in same browser as your functional or unit tests. Current framework integrations include Selenium, Cucumber, QUnit, and more.

AChecker - Free online tool checks single HTML pages for conformance with accessibility standards to ensure the content can be accessed by everyone. Can check by providing a URL or by pasting in HTML. Configurable options include: HTML Validator, CSS Validator, Guidelines to Check Against (such as WCAG2, Section 508, etc). Report formats: View by Guideline or View by Line Number.

Accessibility Developer Tools - Chrome extension from Google adds an Accessibility audit, and an Accessibility sidebar pane in the Elements tab, to Chrome Developer Tools. Audit results will appear as a list of rules which are violated by the page (if any), with one or more elements on the page shown as a result for each rule.

Complicance Sheriff - Tool for testing site accessibility from Cyxtera. Includes Mobile Web Best Practices and Mobile Accessibility guidelines.

Tenon - A web-based app and API from Tenon LLC that facilitates accessibility testing of web-based products and services. Tests are performaned via the API which can be integrated into your existing toolset/workflows - whichever IDE you use, or CMS you use, or automated build and deploy tool you use, or what you use for unit testing, acceptance testing, or issue tracking. Enables catching and fixing accessibility issues before they happen, not after, and allows you to release accessible code from the beginning. API can test using Document Source or URL. Based on WCAG 2.0 & Section 508.

Readability Test Tool - Free online site readability test from WebpageFX - just enter a URL, or directly enter text. Provides a score for the most used readability indicators: Flesch Kincaid Reading Ease, Flesch Kincaid Grade Level, Gunning Fog Score, Coleman Liau Index, Automated Readability. Index (ARI). Results include explanations of each item. Relates to Guideline 3.1 of the Web Content Accessibility Guidelines (WCAG 2.0).

Readability Test - Free online test tool from JuicyStudio - enter URL and site will assess readability based on Gunning Fog, Flesch Reading Ease, and Flesch-Kincaid reading level algorithms.

Image Analyzer - Free online test tool from JuicyStudio - enter URL and site will assess image width, height, alt, and longdesc attributes for appropriate values.

CynthiaSays Portal - Free web content accessibility/508 validation tool; checks one page at a time. Designed to identify errors in content related to Section 508 standards and/or the WCAG guidelines. The CynthiaSays portal is provided by Cryptzone North America Inc., ICDRI, and the Internet Society Disability and Special Needs Chapter.

WAVE - Free web accessibility evaluation online tool provided by WebAIM. It is used to aid humans in the 508 web accessibility evaluation process. Rather than providing a complex technical report, WAVE shows the original web page with embedded icons and indicators that reveal the accessibility of that page. Also available is the WAVE Firefox toolbar allowing evaluation of web pages directly within your browser.

Color Contrast Analyzer - Free downloadable tool from the Paciallo Group to help determine the legibility of text on a web page and the legibility of image based representations of text, can be used as a part of web accessibility testing. It is primarily a tool for checking foreground and background colour combinations to determine if they provide good colour visibility. It also contains functionality to create simulations of certain visual conditions such as colour blindness. Determining "colour visibility" is based on the Contrast Ratio algorithm, suggested by the World Wide Web Consortium (W3C) to help determine whether or not the contrast between two colours can be read by people with colour blindness or other visual impairments. For Win and Mac platforms.

Color Contrast Checker - Color Contrast Checker for accessibility from WebAIM at the Center for PErsons with Disabilities at Utah State University (who also provide the WAVE Web Accessibility Evaluation tool).

CheckMyColours - Free online tool by Giovanni Scala for checking foreground and background color combinations of a page's DOM elements and determining if they provide sufficient contrast when viewed by someone having visual color deficits. Based on algorithms suggested by the W3C.

Color Oracle - Free downloadable tool from Bernhard Jenny - color blindness simulator for Window, Mac and Linux. Shows in real time what people with common color vision impairments will see. Applies a full screen color filter to visuals you are designing – independently of the software in use.

JAWS - Screen reading software from Freedom Scientific; for Win platforms. Can be used for Web 508 accessibility testing.

NVDA - NonVisual Desktop Access (NVDA) is a free and open source screen reader for win platforms developed by NV Access. Support for over 20 languages and the ability to run entirely from a USB drive with no installation. Can be used for 508 accessibility testing.

PDF Accessiblity Checker - Downloadable freeware app assists in checking for problems with PDF files on the web, from Access for All, a Swiss non-profit. PDF docs on the web often present challenges for the visually impaired. Supports both experts as well as end users conducting accessibility evaluations. Based on the Matterhorn Protocol (for PDF) which utilizes a collection of Checkpoints and Failure Conditions for accessibility assessments. For Win platforms.

Return to top of web tools listing

Web Services Test Tools

Rest-Assured - Open source Java DSL for easy testing of REST services. Provides several authentication mechanisms. Supports any HTTP method but has explicit support for POST, GET, PUT, DELETE, OPTIONS, PATCH and HEAD and includes specifying and validating e.g. parameters, headers, cookies and body easily

Traffic Parrot - A stubbing, mocking and service virtualization tool that helps find more bugs by simulating hypothetical situations. Can be used for both manual exploratory and automated testing. Can manually craft the virtual service based on request/response pairs or create them by recording traffic between your app and the backend or third party system. Designed for automation with Selenium, JBehave, Cucumber, JUnit and similar. Designed to integrate with Continuous Integration environments (Jenkins, Teamcity). Free and paid options available

Karate - Karate open source tool enables scripting of a sequence of calls to any kind of web-service and asserting that the responses are as expected. Easy building of complex request payloads, traversing of data within the responses, and chaining data from responses into the next request. Payload validation engine can perform a 'smart compare' of two JSON or XML documents without being affected by white-space or the order in which data-elements actually appear, and you can opt to ignore fields that you choose. Express expected results as readable, well-formed JSON or XML, and assert in a single step that the entire response payload (no matter how complex or deeply nested) - is as expected Scripts are plain-text files and require no compilation step or IDE. Java knowledge is not required. Requires Java 8 and Maven.

API Fortress - Web-based API testing platform, from Patrick Poulin. From dev to live monitoring, all without having to write any code. Can generate a test from a spec file (Swagger/OAI, RAML, API Elements, WSDL), a Postman Collection, a payload, or your Apiary or TIBCO Mashery accounts. With over 65+ assertions built into the drag and drop interface, tests can be built quickly. With each test execution the platform saves the metrics. Know the latency and download times of every call, from various locations globally. True performance test, not just a ping test. Cloud-based or on-premises solution - entire platform can be deployed internally with a Docker container. Reporting - each test generates a detailed report that is saved in the platform, with a breakdown of every object, and pass/fail info. When there is an issue, the report contains a snapshot of the header information and the payload.

HTTPie - Open source python user-friendly curl command-line alternative with intuitive UI, JSON support, syntax highlighting, wget-like downloads, extensions, etc. Consists of a single http command designed for painless debugging and interaction with HTTP servers, RESTful APIs, and web services. Includes sensible defaults, expressive and intuitive command syntax, colorized and formatted terminal output, built-in JSON support, persistent sessions, forms and file uploads, HTTPS/proxies/authentication support, Linux, Mac OSX, and Windows support. Created by Jakub Roztocil.

Frisby.js - Open source REST API testing framework built on node.js and Jasmine BDD framework that makes testing API endpoints easy, fast. Requires node.js and NPM to be installed on your system, and is installable as an NPM package. Frisby tests start with frisby.create with a description of the test followed by one of get, post, put, delete, or head, and ending with toss to generate the resulting jasmine spec test. Has many built-in test helpers like expectStatus to easily test HTTP status codes, expectJSON to test expected JSON keys/values, and expectJSONTypes to test JSON value types, among many others. Has an option that generates test run reports in JUnit XML format compaitlble with most CI servers. By Vance Lucas.

Restlet Client - Chrome extension for REST API Testing. Visually create and run single HTTP requests as well as complex scenarios. Main functions include: API Invocation and Interaction - through an intuitive browser interface, make calls to HTTP APIs to validate their functional behavior, testing different parameters and values without writing a program or script; Create and run unit tests as well as complex API scenarios decorated by assertions to validate your APIs; Variables can be passed from one response to the next request; API Automation - API scenarios and tests execution can be easily done with Maven plugin which you can integrate to your CI/CD. Save calls history, locally or to the cloud, and organize it in projects; build dynamic requests with custom variables, security and authentication.

Runscope Radar - API test automation service from CA Technologies (formerly Runscope Inc.) for automated testing and monitoring of APIs and backend services. Build tests that verify services are returning expected data and receive notifications when things go wrong. Works with their API Traffic Inspector. Free and paid plans available.

Assertible - Tool for continuously testing your web services. HTTP requests are made to application's staging or production environment and assertions are made on the response to ensure your APIs and websites are running as expected. Free and $paid options.

JSON Pretty Print - A simple online JSON pretty printer - just paste and click.

Bench Rest - Open source Node.js client module by Jeff Barczewski for easy load testing/benchmarking of REST (HTTP/HTTPS) API's using a simple structure/DSL. Can create REST flows with setup and teardown and returns (measured) metric (average, total, min, max, histogram, req/s) can be used with CI server. Ability to automatically handle cookies separately for each iteration; automatically follows redirects for operations; errors will automatically stop an iterations flow and be tracked. Allows pre/post processing or verification of data. Allow iterations to vary easily using token subsitution.

sinon.js - Standalone JavaScript library by Christian Johansen; supports test spies, stubs and mocks. No dependencies, works with any unit testing framework. A helpful library for unit testing your code. Has cross browser support and also can run on the server using Node.js.

Sandbox - Web services mocking - automatically generate mock REST and SOAP webservices, from specs or codify behaviour from scratch - start simple with JSON or XML canned responses. Services can be made "intelligent" so app under test can make API calls needed to get similar behaviour back as it would from the actual component. Debug API calls with request inspector, see exact request and response data, down to HTTP level. Fault injection to simulate real application behaviour. Use your Apiary, Swagger, WDSL, or RAML API documentation to auto generate mock webservices. Free for up to 5000 requests. Source also available at on Github.

Dyson - Fake API server as Node app. Enables defining of JSON endpoints based on a simple template object. Capabilities include dynamic responses and status codes based on request path, GET/POST parameters, Cookies; includes random data generators. Supports GET, POST, PUT, DELETE, PATCH (and OPTIONS); CORS; delayed responses; required parameter validation.

Canned - Fake API server as Node app, by Philipp Fehre, supports basic REST-APIs; maps a folder structure to API responses.

Mocky - Free service - enables basic mocking of your HTTP responses to test your REST API; advanced mode enables custom headers.

Mockable - Configurable service to mock out RESTful API or SOAP web-services - enables quick defining of REST API or SOAP endpoints, and have them return JSON or XML data. Comprehensive Administration API - Integrate build tools with the service Mockable; admin is programmable. Control mocks using the REST API - provides 100% of the features of Mockable. Import from your API documentation straight into Mockable online - supports many well-known API description: RAML, Apigee, Swagger, Mashable for REST mocks. Import from WSDLs for SOAP mocks. Namespace aware - have your mocks on your own domain. Each space serves a domain on You can have as many spaces (domains) as you need. Mocks can also be served on your company DNS domain. Free and paid account types.

MockServer - Open source tool by James Bloom enables mocking of any server or service that you connect to over HTTP or HTTPS, such as a REST or RPC service. Useful for testing to easily recreate all types of responses. Isolate the system under test to ensure tests run reliably and only fail when there is a genuine bug, not due to dependencies and irrelevant external changes such as network failure etc. Set up mock responses independently for each test to ensure test data is encapsulated with each test, easily maintained, and avoid tests dependent on precursor tests. Enables more efficient development by providing service responses even if the actual service is not yet available or is still unstable. Available as: stand alone fully contained Netty web server, a deployable WAR that runs on any JEE web server, a fully encapsulated Docker container, or a Vert.X module that runs on a Vert.X. Or build and run MockServer directly from source code

Betamax Open source tool for mocking external HTTP resources such as web services and REST APIs in tests, by Rob Fletcher. Intercepts HTTP connections initiated by your app and returns recorded responses. The first time a test annotated with @Betamax is run any HTTP traffic is recorded to a 'tape' and subsequent test runs will play back the recorded HTTP response from the tape without actually connecting to the external server. Tapes are stored to disk as YAML files. Although written in Groovy Betamax can be used to test apps written in any JVM language so long as HTTP connections are made appropriately. Can proxy HTTPS traffic as well as HTTP - howeverf since Betamax needs to the request content and response it is not actually a valid secure proxy. (It will only work if the certificate chain is broken.)

WireMock An open source java library for stubbing and mocking web services, by Tom Akehurst. Unlike general purpose mocking tools it works by creating an actual HTTP server that your code under test can connect to as it would a real web service. Supports HTTP response stubbing, request verification, proxy/intercept, record/playback of stubs and fault injection. Has a JSON API enabling use with other languages. Ccan be run as a standalone service for unit tests or deployed into a servlet container to enable it to be installed into a dev/test environments.

REST-driver Open source Test Driver in java to test your RESTful services and clients. Includes 2 libraries: a REST server driver - for testing your RESTful service, and a REST client driver - for testing your RESTful client & mocking remote services

Parasoft SOAtest - Web services test tool from Parasoft. Automatic test creation from WSDL, WSIL, UDDI, HTTP traffic. Capabilities include WSDL validation, load and performance testing; graphically model and test complex scenarios. Data-driven testing through data sources such as Excel, CSV, DB queries, etc. Handles more than 120 message types.

Postman - Free app for Mac, Windows, Linux or as Chrome extension to create/test API requests quickly. Formatted API responses for JSON and XML; HATEOAS support; image previews; request history; basic and OAuth 1.0 helpers; key/value editors for adding parameters or header values -works for URL parameters too. Use environment variables to easily shift between settings - good for testing production, staging or local setups.

Advanced REST client - Chrome extension to create/test API requests. Integrated with Google Drive; convenient HTTP headers and payload editor; JSON & XML response viewer; help with filling HTTP headers (hint + code completion); add headers list as raw data or via form; remember latest request (save current form state and restore on load); history support; data import/export.

REST Test - An open-source native in-browser tool for testing REST/CORS services. Builds on jQuery and Bootstrap. by Jeroen. Requires browser with HTML5 supoort

LoadUI Pro - API load testing tool from SmartBear Software. Simulate traffic via load agents that can generate load from Windows or Linux-based nodes using a mix of either on-premise or cloud traffic. Virtualize external APIs that don't allow or handle load tests very well. Can reuse existing SoapUI Pro functional tests. For Win, Linux, OSX.

SoapUI - Free open source source desktop app from SmartBear Software for inspecting, invoking, developing, simulating/mocking and functional/load/compliance testing of SOAP-WSDL and REST web services over HTTP. Testing can be done both interactively in soapUI or within an automated build/integration process using the soapUI command-line tools. REST discovery via recording interactions with API and automatically create test suites for an API based on the interactions. Data driven testing via the DataSource TestStep to read and loop test data from external sources, including Excel, XML, JDBC, and Files. Mocking for both REST and SOAP APIs. Implement an entire MockService and deploy to a standard servlet container - Apache Tomcat, GlassFish, or any other - using the advanced Deploy As War feature. SoapUI Pro paid version with more extensive features available also.

Fault Factory - API-level fault injection tool from Extradata Technologies; injects HTTP/SOAP/Socket faults into an application - no code changes, no proxies required. Injects two types of faults: socket API failures and arbitrary HTTP responses (that can be used to imitate a wide range of conditions, including SOAP faults). Can be used standalone or in combination with a debugger. Language-neutral. For Windows platforms.

XML-Simulator - Black-box test tool from Elvior for applications using asynchronous XML messaging to communicate with different systems. Customizable to support any XML protocol. Java application, runs on multiple OS's.

SOAPSonar - Web services client simulation for service testing - for functional, automation, performance, compliance, and security testing; from CrossCheck Networks. Flexible Test Types - JSON, SOAP, XML, EDI, Batch, REST, etc - all variable-enabled and can be linked together for complex business scenario testing. Automation framework for creation and enforcement of rules for assessing pass/fail characteristics of each transaction - includes database and environment. Concurrent Virtual Clients - independent loading agents aggregate statistics for througput, latency, and TPS. Ramp-up, ramp-down, and weighted scenarios. Vulnerability Analysis includes dynamic XSD mutation security testing with automatic boundary condition testing. Risk assessment and risk mitigation extensible rule framework. Available as free personal edition, pro edition, server edition

ServiceV Pro - Dynamic mocking and service virtualization tool from Smartbear Software. Decouple your own process from time constrained access to external systems, quickly isolate bad actors and poor performers during integration and load testing. Enables developing and testing before your actual API is deliverable, enables testers to have control over simulated responses and error handling, and better deal with versioning problems and speed up resolution during continuous integration cycles. Supports HTTP, REST, SOAP, JMS and JDBC. For Win/Linux, OSX.

WebInject - Open source tool in Perl, by Cory Goldberg, for automated testing of web services and apps. Can be used to unit test any component with an HTTP interface (JSP, ASP, CGI, PHP, AJAX, Servlets, HTML Forms, XML/SOAP Web Services, REST, etc) or can be used to create a suite of HTTP level functional or regression tests. Can be used as a complete test framework controlled by the WebInject User Interface (GUI) or can be used as a standalone test runner (text/console application) which can be integrated and called from other test frameworks/apps. Uses an XML API for defining and loading test cases - can use WebInject without having to deal with its internal implementation. Supports HTTPS, cookies. Can run on any platform that a Perl interpreter can be installed on.

HTTP Master - Downloadable web development and test tool from Borvid, oriented to REST web services and REST API applications. Capabilities include: dynamic parameters of various data types to create batches of different API requests, various validation types and advanced validation expressions, support for the most common REST methods, validation of output data for popular REST formats, viewers for REST response data. Free 'Express' edition available. For Windows.

Return to top of web tools listing

Cross-Browser Testing Tools/Services

Note that many tools in the 'Web Functional/Regression Test Tools' section also have cross-browser testing capabilities

Sauce Labs - Online service from Sauce Labs enables cloud-based testing on hundreds of real and VM-based devices/browsers/OSs/versions for Selenium Webdriver/SeleniumRC/Appium, JS unit test automation, Appium mobile native/web/hybrid app test automation, and manual testing. Reports can include metadata, access to log files, list of commands and responses, screenshots, screencast, etc. Access to a live remote desktop session while running tests, can breakpoint tests to enable stopping/investigating problems. SauceConnect available for secure tunneled testing of local or firewalled sites. Plugins available for Travis, Jenkins, Bamboo, more.

BrowseEmAll - Browsers and Mobile Simulators in fast desktop application from Position Fixed UG. For all major browsers. Keeps track of new browser releases and updates. Reports contain browser specific full-page and original-size screenshots. See and interact with multiple different browsers side by side - all Browsers stay fully interactive. Navigate and reload in all browsers simultaneously. Capabilities include Selenium integration. App runs on Win platforms.

Microsoft Free Cross Browser Test Tools - 1) IE VM's: Test MS Edge and IE6 through IE11 using free virtual machines you download and manage locally. Available for Win/Mac/Linux and VirtualBox, Vagrant, VMWare, HyperV, VPC, more. (Note: downloads are of course very large.) 2) Free testing of Edge via Browserstack - No downloads required, test Microsoft Edge from the cloud. 3) Free BrowserStack-based screen shots for site rendering comparisons. 4)Sonarwhal linting tool for the web - checks accessibility, 'interoperabilty', performance, apple touch icons, 'Strict-Transport-Security' response header.

Browserling - On-the-web cross browser testing tool from Browserling Inc. provides unlimited browser sessions and SSH tunnels for multiple versions of Chrome, Firefox, Safari, Internet Explorer and Opera. Enables interactive cross-browser testing; fully interactive sessions, not static screenshots; powered entirely by canvas and javascript. Reverse-proxy your localhost into Browserling with Browserling ssh tunnels - just copy and paste an ssh one-liner from the UI.

Gridlastic - Cloud based selenium grid cross-browser testing tool from Gridlastic LLC that enables launching your own selenium grid in any Amazon data region. With 1 click you get an instant selenium maintenance-free auto-scaling cross browser testing infrastructure. The grid environment is updated regulary to support new browsers and selenium versions. Videos of every test are available for debugging.

CrossBrowserTesting - Test your website in dozens of browsers and real devices; over one thousand combinations of browsers, OSs, and devices - not emulators. Test your sites on more than 900 browsers across more than 40 operating systems, including iOS, Android, Windows, Mac and more. Render your site across as many browsers as you’d like with automated screenshots. Compare layouts side-by-side. Works with selenium automation. Can work with test sites that are behind firewalls.

Lunascape - A free 'triple engine' web browser from Lunascape Corp. that includes the three most popular rendering engines Trident (IE), Gecko (Firefox) and Webkit (Chrome and Safari). By clicking the smart engine-switch button next to the address bar, a user can switch rendering engine for any page, enabling running and testing of a website in multiple rendering engines. Comparisons can be made side by side with it's Cascade view/tiled windows. For Windows platforms. Also included is a 'switch user agent' capability. Supports add-ons of IE and Gecko (Firefox), plus add-ons made specifically for Lunascape. For multiple platforms.

BrowserStack - Cloud-based testing on real browsers for hundreds of desktop/mobile/tablet browser-platform combinations. Capabilities include selenium automation integration, tunneling to any local server environment, HTTPS. Mobile testing via emulators. Stacks include a wide variety of developer tools.

IEVMS - Open source multi-IE version cross browser VM tool from Greg Thornton. Microsoft provides virtual machine disk images to facilitate website testing in multiple versions of IE, regardless of the host operating system. With a single command, you can have IE6, IE7, IE8, IE9, IE10 and IE11 running in separate virtual machines. Requires Virtual Box, Curl, Linux.

TestingBot - Cloud-based automated cross-browser testing service from TestingBot - utilize Selenium tests to run in the cloud on the TestingBot grid infrastructure. Compose a Selenium test with simple commands. Includes capability to run via a provided ssh tunnel allowing tests during development against staging code/environments. Also allows running tests at a specific time and interval, with failure alerts. Infrastructure includes many browsers, browser versions, OS platforms; run mobile tests (Android or iOS) using Appium. Manual testing capability also.

Turbo - Turbo (formerly Spoon) is a lightweight, high-performance container platform for building, testing and deploying applications and services in isolated containers. Once an app or service is put into a container, that image can be saved/distributed to testers or any Turbo user by pushing the image to the Spoon Hub. The runtime environment of Turbo containers is supplied by the Turbo Virtual Machine or SVM, a lightweight implementation of core operating system APIs, including the filesystem, registry, process, and threading subsystems. Containerized applications consume only a small percentage of additional CPU and memory consumption relative to native applications. Turbo overhead is generally negligible. For manual browser testing, you can run any version of any browser in a container or build a custom browser container with components like Java and Flash. The automated testing solution allows running tests with Selenium on the Turbo web-based Selenium Grid that utilizes your browser containers on your local machine to minimize your testing environment setup. Browsers and test scripts can run on your local machine, so there is no need for any special proxy configuration or modifications to the URL when testing an internal site. Supports Chrome, Firefox, and IE. Hosted, Enterprise, and ISV licensing; free and paid versions.

Utilu - Free utilities from Utilu that contain collections of standalone versions of IE or Firefox browsers; multiple versions can be used at the same time. Utilu Mozilla Firefox Collection contains more than ten versions of Firefox (English versions only); also includes the Firebug and Web Developer add-ons and Flash player; configurable to install only specified desired version. Supports upgrading - no need to uninstall a previous version before installing a newer version. Utilu IE Collection contains more than ten versions of Internet Explorer (English versions only); configurable to install only specified desired version; original version number is shown correcty in the User Agent string; version number also shown in window title; includes the IE Developer Toolbar.

Multi-Browser Viewer - Downloadable automated cross browser testing solution from TWD Solutions Pte Ltd. includes a wide variety of standalone virtualized browsers, multiple standalone mobile/tablet browsers or emulators, wide variety of screen capture image browsers. Screenshot comparison function ('Onion Skin' or 'Side-by-Side'). Capabilities include Record/playback, MultiBrowser Test API for custom scripting. Each browser is virtualized into a single exe, enabling you to run multiple web browsers side by side locally on a single PC. Can run different versions of each browser simultaneously. Simulate mobile network conditions (offline/3G/4G/etc.). Integrated screenshot comparison tools, assess differences visually with onion skin and animated overlay screenshots comparisons. Preview web site across multiple devices and resolutions from iPhones to desktop computers in a single click.

IETester - Free browser compatibility checker from Core Services for Internet Explorer Versions from 5.5 to 11. WebBrowser that allows you to have the rendering and javascript engines of IE11, IE10, IE9, IE8, IE7 IE 6 and IE5.5 on Windows 8, 7, Vista and XP, as well as the installed IE in the same process.

IE Netrenderer - Free site allows you to check how a website is rendered by Internet Explorer from current versions back to 5.5, as seen from a high speed datacenter located in Germany. Just type in a URL. Able to process a large number of capturing jobs in parallel and in realtime, making for fast service. From GEOTEK Netzwerkservice Berlin.

Litmus - Cross-browser testing service from Salted Services Inc.; oriented to html email testing; but also does 'landing page' cross browser testing for multiple web browsers.

Return to top of web tools listing

Web Functional/Regression Test Tools

Note that some tools in the this section also have cross-browser testing capabilities and some have visual regression testing capabilities. (Also see the 'Cross-Browser Testing Tools/Services' section and the 'Visual Regression Testing tools' section.)

Katalon Studio - Free test automation tool from KMS Technology, Inc; supports Win and Mac, most browsers; web, mobile, API testing. Provides project templates for organizing test cases, object repository and keywords. Easy to integrate with Jenkins, GIT and JIRA with native plugins. Can record/generate tests automatically. Scripts can be edited or created in Groovy. Runs test cases or test suites using multiple configurations and data sets. Dynamic failure handling and auto re-execution. Includes run-time rules to automatically handle complex execution flows. Multiple report formats. Advanced logging, debug data and screenshots.

WebdriverIO - An open source testing utility for nodejs. Enables easy writing of selenium tests with Javascript in your favorite BDD or TDD test framework, which will run locally or in the cloud using Sauce Labs, BrowserStack or TestingBot. Lets you control a browser or a mobile app with minimal lines of code. Removes the cumbersome setup work and manages the Selenium session for you. The test runner comes with a variety of hooks that allow you to interface into the test process in order to e.g. take screenshots if an error occurs or modify the test procedure according to a previous test result. This is used by WebdriverIOs services to integrate your tests with 3rd party tools like Appium. Cucumber, Jasmine and Mocha+Chai are supported by the configuration wizard.

Intern - An open source test system for JavaScript designed to help you write and run consistent, high-quality test cases for your JavaScript libraries and apps. Write tests in JavaScript and TypeScript. Run tests from browser, in Node.js, or against many browsers & platforms at the same time with the Intern test runner. Get full code coverage reporting. Can be used to test Web pages generated by server-side languages (like Java, PHP, or Ruby), native or hybrid iOS, Android, and Firefox OS applications, and any javascript code. Enforces only a basic set of best practices designed to ensure your tests stay maintainable over time. Extensible architecture. Designed to work out-of-the-box with CI services like Jenkins and Travis CI.

OpKey - Test automation tool from Smart Software Testing Solutions Inc. enables test teams to automate their web apps, mobile apps, and web services and integrate seamlessly with their Devops without requiring a coding background. Built-in test recorder, object repository, data repository. Smart Recorder for All Browsers. Secured Tunnel to test applications hosted behind your firewall. Test editor to create your new test or modify existing one with more than 400 Keywords to perform all possible actions on your application. Execute OpKey tests over 50 OS & browsers through OpKey Cloud Gherkin support and integrations with JIRA, Jenkins, Bamboo. Automate Android and iOS applications on 500+ real mobile devices on mobile device lab - pCloudy.

pCloudy - Cloud based App Testing Platform provides single click access to 500+ Android and IOS devices directly from your browser. Full access to devices. Capture screenshots, device logs, crash report and device video sessions. Measure CPU utilization of device and app; memory consumption; get detailed analysis on memory consumption of app and its processes; track Battery drainage. For manual testing, automated testing, and performance testing. Jenkins plugin available; API's available for integrating with other tools. Public cloud, private cloud, and on-premises cloud options. Test on real networks or simulated networks.

NighwatchJS - Open source automated testing framework for web applications and websites, written in Node.js and using the W3C WebDriver API (formerly Selenium WebDriver). It is a complete browser (End-to-End) testing solution which aims to simplify the process of setting up Continuous Integration and writing automated tests. Can also be used for writing Node.js unit tests.

QF-Test - QF-Test/web from Quality First Software GmbH is a cross-platform software tool (Windows, Linux/Unix, macOS) for cross-browser test automation of web-based applications and Java apps. Includes test management capabilities, capture/replay mechanism, intuitive user interface and extensive documentation, reliable component recognition and can handle a wide variety of complex and custom GUI objects, integrated test debugger and customizable reporting. Image testing/comparison: Multiple algorithms also for fuzzy comparison. Convenient diff view for validation of deviations. Supports IE, Firefox, Chrome, Safari and Edge via WebDriver; headless browser for Chrome and Firefox. Supports HTML, AJAX: HTML5, AJAX: Angular, Smart (GWT), GXT/ExtGWT, ExtJS, ICEfaces, jQuery UI, jQueryEasyUI, Kendo UI, PrimeFaces, Qooxdoo, RAP, RichFaces, Vaadin, ZK. Scripting languages Jython, Groovy and JavaScript

Qualitia - Test automation tool provides step-wise approach to quickly build test automation and handle complexities easily with unique criptless approach. Provides point and click mechanism to identify objects for Selenium, and provides object integration with QTP/UFT. For Selenium, objects are learned based on list of locator types including ID, Name, Xpath or Link. Default priorities are set based on best practices; however flexibility in altering defaults is available. Includes test case management capabilities. For Win, Linux, Mac and Unix.

SideeX - A free Chrome/Firefox add-on, functions as an extended version of Selenium IDE with expanded record-playback automation capabilities. From the Software Engineering Lab at National Cheng Kung University, Taiwan. Capabilities include auto-generation of: commands for selecting unnamed windows and inner frames, commands for closing new popup windows, mouseOver and mouseOut commands, scrolling commands, commands for autocomplete feature, and more. Auto-wait for: AJAX requests completion, page loading completion, DOM change completion.

Gauge - Open source light weight cross-platform test automation tool for authoring test cases in business language, from ThoughtWorks. Replaces previous Twist tool. Has a rich markup based on markdown; support for writing test code in any programming language (currently java, ruby, C#) Modular architecture with plugin support. Supports External Data Sources, IDE's (including Eclipse and IntelliJ). Report plugins include HTML Report Plugin, XML Report Plugin.

FReT - FRET (FRont End Testing) puts a user friendly GUI in front of Selenium to automated and report on web tests. Screenshots can be taken at any step(s) in tests. Simplified automation setup using predefined commands Test runs use real browsers and can be set to run a predefined intervals. Each test can have up to 13 steps. For Firefox, IE and Chrome.

Certify - Test automation management tool from WorkSoft, Inc. For managing and developing test cases and scripts, and generating test scripts. For automated testing of Web, client/server, and mainframe applications.

EveryStep - Free downloadable point-and-click automation scripting tool from Dotcom-Monitor Inc. After recording a script it can be played back in the script editor to check for and resolve errors. Scripts can be saved to a local file and manually edited to inject certain verification steps, add time delays, timeout counters, or screen shots via the script editor and add the necessary tasks. The script player can automatically replay at set configurable intervals from a local machine. Playback results are recorded on your local machine, and you can set the player to send email alerts if any errors are detected. Scripts can also be uploaded and run from Dotcom-Monitor's locations around the world. Reports include overall percentages of page load speed for each type of element, fastest/slowest loading elements, and a waterfall chart detailing the progress and speed of each element in real time. For Win/IE.

RoutineBot - A functional test automation tool from AKS-Labs that enables creation and execution of tests based on image patterns. Can use manual script design or automatic script recording. Supports Pascal, JavaScript and Basic scripting languages; supports a variety of events - mouse events (clicking, moving), keyboard events (entering text), taking screenshots, loading and saving data, downloading files, working with applications and windows; supports wide range of functions to log events which includes advanced htm log with screenshots of test cases.

Usetrace - Software testing service designed for agile, continuous development environments, from Usetrace Ltd. Automate functional end-to-end UI testing on web sites/apps; includes regression testing, monitoring and performance, and load testing. Automated tests are called traces, which are visual descriptions of the user paths through the application under test. Traces are made by interacting with your site as your users would. Usetrace records these interactions into modules that can be reused, building a highly maintainable automation test suite for your app's UI. Capabilities include automated screenshots, extendable with javascript, integrates with Jenkins and other CI systems, parameterizable (test data), record/playback, test reporting to email and chat. Tests on IE, Firefox and Chrome.

SlimerJS - Open source criptable browser for web dev/testing - enables web page interaction via an external JS script; by Laurent Jouanneau. Useful for doing functional tests, page automation, network monitoring, screen capture, etc. Similar to PhantomJs (which is built on top of Webkit), except that it runs on top of Gecko, the browser engine of Mozilla Firefox, instead of Webkit, and is not yet truly headless. In your JavaScript you can use modules, providing access to many APIs enabling read/write files, act on web page like a user, take screenshots; listen for network events to do network monitoring during the load of a webpage. Can execute CommonJS modules, so main script can be written with CoffeeScript as well. Page rendering in SlimerJS is strictly identical to the rendering in Firefox.

SeLite - Open source extension of the Selenium IDE that enhances automation of Firefox; by Peter Kehl. It enables functional testing of web applications with an isolated test database, (isolated from the DB of the tested application). Other enhanced capabilities include: management and customisation of test configuration settings, extra test actions (e.g. random input generators), loading user extensions and their dependencies in order (ExtensionSequencer), making a snapshot and reverting test DB and app DB directly from Selenium IDE. Requires Firefox, Selenium IDE and SeLite AddOns.

ChemistryKit - Framework for Selenium WebDriver was designed to help get started with Selenium WebDriver quickly, to grow as needed, and to avoid common pitfalls by following convention over configuration. Ruby; Built on top of RSpec. Makes it simple to encapsulate data about a particular user that is "using" your application that you are testing. Users are called "chemists". When you create a new test harness there will be a chemists folder; in this folder you can create any number of files with arbitrary user data,

TestCafe - Functional web testing framework from Developer Express Inc.; can run tests in any browser that supports HTML5 (including IE9+, Chrome, Firefox, Safari, Opera). OS agnostic - run tests on Win, Mac or Linux. Run tests on remote computers and mobile devices, in multiple browsers and on multiple machines simultaneously. Also eliminates out-of-process browser plug-ins, and provides wrapper-free access to DOM via jQuery or a browser's API. Ships with powerful built-in visual test recorder, and can execute generated tests on demand or as part of a CI system.

ZapTest - Offers true cross/platform cross/environment test automation for web as well as mobile and desktop. From Zap Technologies. With 1Script technology user can automate any GUI on any OS; execute it throughout these environments with same script; execute same script at once across different workstations/mobile devices (ZAP MultiRun add-in). For Windows; Mac; Linux; iOS; Android; Blackberry; WinMo. Integrates with HP ALM and UFT (optional add-in). Community Edition [Zapfree] is a no-cost, entry-level test automation technology for users interested in ad-hoc software testing cross-platform.

HttpMaster - Web app test automation tool from Borvid. Test RESTful web services, API applications, and classic websites. Key features are dynamic parameters, response data validation rules, response data viewers, properties to fine tune web requests, intuitive user interface, and 'quick help' buttons. Express (Free) and Pro verdsions available. For Win platforms.

CasperJS - Open source navigation scripting & testing utility written in Javascript for PhantomJS WebKit headless browser and SlimerJS (Gecko - Firefox). Eases the process of defining a full navigation scenario and provides useful high-level functions & methods for doing common tasks such as defining & ordering browsing navigation steps, using forms and links, capturing screenshots of all/part of a page, testing remote DOM, logging events, downloading resources (including binary), writing functional test suites, saving results as JUnit XML, scraping Web contents. Written on top of PhantomJS, which is a node-independent Qt/WebKit based library. Will not work with node - to drive CasperJS from node, use SpookyJS. For OSX, Win, Linux. Requires PhantomJS, Python, .NET Framework or Mono.

TOSCA Testsuite - Integrated functional testing and test management tool from TRICENTIS Technology & Consulting GmbH., for manual and automated testing, UI and non-UI, Mobile/Smart Device, Cross-Browser, SAP as well as Data Warehouse and BI Testing. Delivers a single administrative interface for manual, semi-automated, and fully automated test cases. Provides comprehensive integration with SAP, popular ALM systems, like HP, IBM, Polarion, popular defect tracking solutions and others.

RIATest - Web UI testing tool from Cogitek, for HTML, jQuery, Sencha ExtJS, Windows 8 Store apps, etc. Also supports Adobe AIR, Flex, simulation of OS level mouse and keyboard events on GUI elements, image-based automation. Can verify that a GUI element has certain appearance or contains a certain subimage inside or near it. Recorder, component inspector, RIAScript scripting language and debugger. For Win and Mac OS X platforms - scripts interoperable between both

GEB - Open source cross browser automation tool leverages the WebDriver library for browser automation - Works with any browser that WebDriver works with. Supports remote and headless browsers. JQuery-like API. Supports the Page Object pattern, leveraging Groovy's DSL; provides integration modules for popular testing frameworks such as Spock, JUnit, TestNG, EasyB and Cucumber (via Cuke4Duke).

Mink - Open source PHP Web acceptance testing framework library. Mink driver is a simple class implementing Behat\Mink\Driver\DriverInterface. (Behat is an open source BDD tool in PHP which comes bundled with Mink.) Comes with four drivers out of the box: GoutteDriver for the Goutte pure-php headless browser, SahiDriver for the Sahi JS browser controller; ZombieDriver for the Zombie.js headless browser emulator; SeleniumDriver for (deprecated) Selenium RC; and Selenium2Driver for Selenium Webdriver.

Selenium - Open-source tool set, originally from Thoughtworks. Consists of multiple related tools/projects including:
* Selenium WebDriver, for driving a browser natively either locally or on remote machines. Works with most browsers and OS's. Utilizes a common API along with drivers for each browser type.
* Selenium IDE, a Firefox add-on for record/playback tests in Firefox; can be used to generate code to run tests with Selenium Remote Control.
* Selenium Remote Control, a client/server system enabling control of web browsers locally or on other computers through its HTTP proxy, using almost any programming language and testing framework.
* Selenium Grid, which enables running many tests simultaneously, reducing time needed to test multiple browsers or OS's. Note: With the release of Selenium 2.0, the Selenium Server now has built-in Grid functionality.

Selenium WebDriver - Open source alternative to the initial Selenium approach for driving browsers; has been integrated into the Selenium 2.x project. Instead of being a JavaScript application running within the browser, WebDriver uses whichever mechanism is most appropriate to control the browser. For Firefox, it's implemented as an extension; for IE, it utilizes IE's Automation controls. This alternative mechanism of controlling the browser allows working around the JavaScript security model browser restrictions. Addtionally, where automation through the browser isn't enough, WebDriver can interact with the Operating System - such as in simulating typing at the OS level in Windows. Drivers available for most browsers. Can be controlled via C#, Python, Java, Ruby, Javascript (Node).

Watir - 'Web Application Testing in Ruby', an open-source family of web automation libraries in Ruby. The libraries (for Watir-WebDriver, the most recent Watir version) support IE, Firefox, Chrome, Safari. Win, Mac, Linux. For a listing of additional tools that are available to extend some capabilities, see the Watir site. Note: Watir-Webdriver requires Selenium-Webdriver. Although that means the Selenium API's are of course available, there are some who find the Watir API's more intuitive and easier to use.

PhantomJS - Open source headless WebKit, scriptable with a JavaScript API. Fast and native support for various web standards: DOM handling, CSS selector, JSON, Canvas, and SVG. Can run functional tests with frameworks such as Jasmine, QUnit, Mocha, Capybara, WebDriver, and many others. Can use for general command-line based testing, within a precommit hook, and as part of a continuous integration system. Can create web page screenshots with thumbnail preview. Available as executable binary for Win, Mac, Linux.

Rapise - Functional test automation platform from Inflectra, Inc. with an open, extensible architecture. Cross-browser testing capabilities support multiple versions of MSIE, Firefox, and Chrome. Built-in support for Ajax/GWT/YUI, Flash/Flex/AIR, Silverlight, etc. Keyword and data-driven testing using MS-Excel spreadsheets. XPath and CSS based object identification. Built-in Optical Character Recognition (OCR) for bitmaps. Scripting in JavaScript; scripts and learned objects are stored in an open format rather than a proprietary binary file or database; includes a full-function JavaScript editor with automatic code completion. Pluggable active JavaScript debugger with watches and breakpoints is available.

Jubala - Open source tool for automated functional GUI testing for HTML and Java applications. Available as part of an Eclipse package, via an update site and as a standalone application with an easy-to-use installer. View current and previous test results in Jubula client; automatic screenshot on error. Supports HTML, Swing, SWT/RCP/GEF applications; heuristic object recognition, command line client for continuous integration, context-sensitive help in client, projects stored in multi-user database, portability and version control via exports in XML format. Contributed by BREDEX GmbH, who also develop GUIdancer, which is based on the Jubula core and offers additional features. Jubala is platform independent - Windows, Linux/Unix and Mac.

Fabasoft app.test - Web test tool from Fabasoft Distribution GmbH; tests are based on patterns to reduce the complexity of HTML and Java applications - no XPath or CSS expressions are stored in the test but meaningful and understandable statements. Patterns for web sites can be designed by using the point-and-click editor as an Eclipse Plugin. Tests can be recorded by using the point-and-click recorder in all supported web browsers (IE, Firefox, Safari) and immediately be replayed in all other browsers without modification. Various Ant-Tasks provide seamless integration into Continuous Integration systems like Hudson. Generates various reports as HTML or PDF; errors documented with screenshots and various dumps. Supports Win, Linux, Mac OS-X; free and premium $ versions available.

Janova - A web-based, automated web testing tool that runs functional tests securely in the cloud. Users configure Janova using project structures of Features (test scripts), Pages and Flows to access their web-based application and define the requirements of the site in English. Features describe how the application is supposed to work; once a feature has been created, a user defines what verification elements are supposed to be on the web page. Includes detailed test results reports.

FuncUnit - Free open source web application testing framework; uses API based on jQuery. Can be downloaded and used standalone or as the part of the full stack JavaScript framework - JavaScriptMVC. Supports all modern browsers on PC, Mac, and Linux; tests can also be run via Selenium. Also available is FuncIT an IDE for FuncUnit; and Syn which creates synthetic events and performs default event behavior - can simulate user typing, clicking, dragging the mouse and enables complex JavaScript functional testing and also works with most modern browsers on PC, Mac, and Linux.

qUnit - JavaScript test suite used by the jQuery project to test its code and plugins but is capable of testing any generic JavaScript code. Similar to other unit testing frameworks like JUnit, but utilizes JavaScript features and helps with testing code in the browser, such as with its stop/start facilities for testing asynchronous code.

Progress Test Studio - Test suite from Telerick Test for web, mobile and desktop applications handles GUI, performance, load and API testing. A point-and-click software testing tool that helps users build in-depth automated web and desktop. Users can use smart wizards to visually highlight an element and automatically generate verifications, without the need for coding. Test maintenance is faster using web element abstraction techniques. Scripting with C# and VB.NET. Handles HTML5, Angular, AJAX, JavaScript, Silverlight, WPF, MVC, Ruby and PHP, iOS, Android.

Cloud Testing Service - Web testing utilizing cloud capabilities, from Cloud Testing Limited. Involves first recording web functionality via browser and Selenium IDE, uploading scripts to the Cloud Testing website; then scripts run using real browsers on real operating systems in the testing cloud; results are available as screenshots, HTML & component diagnostics. Test can be re-run whenever needed or as scheduled. Cross Browser feature enables test runs in multiple browsers (IE, Firefox, Safari, Opera, Google Chrome) and comparing appearance/results side-by-side. Cloud load testing and site monitoring services also available.

Tellurium - Web-based test tool - no installation, and no tests taking over your machine; log in and begin managing your tests and collaborating with your team. Includes a full library of 'Plain English' commands – plus the ability to create your own. Uses domain-specific language 'PBehave'. Robust test case management - organize your test suite as much or as little as you like with groups, tags, and playlists. Easily relate tests by area of functionality, type, owner, or any other category, then view and run those tests with a click. Real-time email notifications with test results; schedule recurring test runs; reuse tests for functional testing, smoke testing, monitoring, and more. Write flexible tests using test data and custom phrases.

TestOptimal - Functional/regression and load/stress testing automation platform for web applications and Java applications, from TestOptimal. Utilizes Model-Based Testing (MBT) and Mathematical Optimization techniques; test case generation and execution directly from the application model. TestOptimal is a web application itself; can be integrated with JUnit and run inside Eclipse or NetBeans. Application modeling with graphs - state chart XML (SCXML) with drag and drop user interface running on standard browser; many test sequencers (test generation) to meet different testing needs, test automation with Java or mScript (XML-based scripting), statistical analysis on test executions and virtual (concurrent) users for load testing. With its WebService interface, can be integrated with other testing tools like Quality Center and QTP. Multiple browser support. For Windows, linux and unix.

Windmill - Open source web testing framework; in Python. Capabilities include full featured recorder - one click and the IDE writes the tests; DOM Explorer; assertion explorer - quickly generate action validating the state of application; test saving and playback; real time performance and output information; handles SSL; supports Python, JavaScript, Ruby; supports most browsers.

Ranorex Studio - A Windows GUI-based test automation framework from Ranorex GmbH for testing many different application types. Supports a wide variety of technologies, platforms, integrations, and browsers. Directly record tests on your device. Utilize the Ranorex API and create robust test automation projects entirely in C# or VB.NET. The IDE includes test project management, integration of all Ranorex tools (Recorder, Repository, Spy), intuitive code editor, code completion, debugging, and watch monitor. Endpoint panel UI provides a central command center to set-up and manage endpoints as well as configure their environments. Utilize Ranorex Agents on remote machines to deploy multiple Ranorex tests for remote execution in different environments, using different system configurations and operating systems.

Celurity - Culurity is an open source tool by Alexander Lang that integrates Cucumber and Celerity; can run Celerity from within Cucumber which allows testing of the full stack of Rails or other web applications from database to in-browser JavaScript; run an application in any Ruby (like MRI 1.8.6) while Celerity runs in JRuby so you can still use gems/plugins that would not work with JRuby; enables reuse of existing Webrat-Style step definitions

Webrat - Ruby-based utility to enable quick development of web app acceptance tests. Open source by Bryan Helmkamp and Seth Fitzsimmons. Supports RSpec, Cucumber, Test::Unit, more. Leverages the DOM to run tests similarly to in-browser test tools like Watir or Selenium without the associated performance hit and browser dependency. Best for web apps that do NOT utilize Javascript; apps using Javascript in-browser tools may be more appropriate. Ruby gem also available.

Capybara - Ruby gem from Jonas Nicklas, Thomas Walpole and others; for testing Rails and Rack apps. It is inspired by and aims to replace Webrat as a DSL for interacting with a web application. Automatically waits for your content to appear on the page - manual sleeps not needed. It is agnostic about the driver running tests and as of comes bundled with support for Rack::Test and Selenium support built in. WebKit is supported through an external gem.

Steam - An open source tool from Sven Fuchs and Clemens Kofler providing headless integration testing tool driving HtmlUnit to enable testing JavaScript-driven web sites. It is similar to Culerity which drives Celerity (which also drives HtmlUnit). Steam’s advantages over plain Webrat is that it can test your Javascript and CSS.

Mechanize - Open source Ruby library for automating interaction with websites; automatically stores and sends cookies, follows redirects, can follow links, and submit forms. Form fields can be populated and submitted. Also keeps track of the sites visited. It is a Ruby version of Andy Lester's Perl 'Mechanize' Note: does not handle javascript.

Testing Anywhere - Test automation tool from Automation Anywhere Inc. for web and application GUI testing, using 'SMART' Automation Technology. Capabilities include: conversion of test scripts to .exe, web recorder, image recognition, script editor with 500+ commands. For Win platforms.

StoryTestIQ - StoryTestIQ (STIQ) is a test framework used to create Automated Acceptance Tests. It's a mashup of Selenium and FitNesse: its "wiki-ized" Selenium with widgets and features that make it easier to write and organize Selenium tests.

AutoMate - Automation platform from Network Automation, includes capability to simulates GUI activity via the browser.Inc with robust automated testing capabilities. Capabilities include support for HTTPS; Microsoft Excel Integration; a test run Event Database, native Terminal Emulation support. Tasks can be developed via drag-and-drop without writing code. Runs on Windows platforms.

iMacros for Firefox - Free Firefox add-on to record and automate web interactions. Can use variables inside the macros, and import data from CSV files. Includes user agent switcher, PDF download and Flash, ad and image blocking functions. The recorded macros can be combined and controlled with Javascript, so complex tasks can be scripted. The EXTRACT command enables reading of data from a website and exporting it to CSV files. Full Unicode support and works with all languages including multi-byte languages such as Chinese. STOPWATCH command enables capturing of web page response times

Avignon Acceptance Testing System - Open source acceptance test system that allows writing of executable tests in a language that the user can define. It uses XML to define the syntax of the language but, if the user chooses to extend the language, allows the semantics of the tests to be user-defined. Includes modules for testing web applications through either IE or FireFox, and modules for testing Swing and .NET WinForm applications also..

Sahi Pro - Free open-source web test tool, written in java and javascript, from Narayan Raman/Tyto Software. Works with any web application on any browser, any operating system. The same script works on all browsers. Record/playback capabilities. The Sahi Controller helps easily identify and experiment with elements on any browser. Identifies elements in simple stable ways; works on applications with dynamic ids, using _near, _in etc. APIs to easily locate one element with respect to another. Eliminates need for wait statements even for inconsistent page loads and AJAX. eEports provide concise summaries and graphs across runs, to exact line of script failure in code; all logs are stored in database. Execute tests in parallel on one machine or distribute it across machines. Can run from command line. Sahi Script is based on Javascript, and enables interaction with File-System, Databases, Excel sheets, CSV files; call any Java code or library; inbuilt Excel Framework. Free Shai OS (open source) limited version also available.

Fitnesse - A lightweight, open-source framework that makes it easy for software teams to collaboratively define Acceptance Tests -- web pages containing simple tables of data inputs and expected outputs, and run those tests and see the results. The tables are expressed in the form of a wiki; the Fitnesse wiki enables easy creation and editing of the Wiki/Fitnesse pages. FitNesse is a web server.

WebFT - Web-centric functional testing solution from Radview, supports both established and emerging web technologies. Provides a visual environment for creating Agendas (scripts) that include test recording, editing, debugging, verification and reporting features.

WET - Open source web testing tool that drives MSIE directly; from Qantom Software Pvt. Ltd. Has many features like multiple parameter based object identification for more reliable object recognition, support for XML Based Object Repository and more. Scripting in Ruby; written in Ruby.

Regression Tester - Web test tool from allows testing of functionality of any page or form Reports are fully customizable.

Yawet - Visual web test tool from InforMatrix GmbH enables graphical creation of web app tests. Create, run and debug functional and regression tests for web applications. Can verify HTML, XML, and PDF; ability to do report generation, reusable step libraries and parameterization. Freeware; downloadable jar file.

Squish for Web - Cross platform automated testing framework from Froglogic GmbH for HTML-based Web and Web 2.0/Ajax applications running in any of several browsers. Record or create/modify scripts using Tcl, Python, JavaScript. Automatic identification of GUI objects of the AUT; inspect AUT's objects, properties and methods on run-time using the Squish Spy. Can be run via a GUI front-end or via command line tools. Can execute tests in a debugger allowing setting breakpoints and stepping through test scripts.

Funkload - Free web functional testing and load testing tool written by Benoit Delbosc in Python and distributed as free software under the GNU GPL. Emulates a web browser (single-threaded) using webunit; https support; produces detailed reports in ReST, HTML, or PDF. Functional tests are pure Python scripts using the pyUnit framework.

WebCorder - Free GUI web testing tool from Crimson Solutions, developed in VB. Designed for end users who are doing web based software testing, as a simple tool to record test scenarios, and play them back and generate log files. The user may also check for text or images on the screen or save screenshots.

Soda - Selenium Node.JS adapter - an open source light-weight Selenium RC client for NodeJS, with additional Sauce Labs integration for acceptance testing in the cloud. From Supports multiple browsers and versions.

IeUnit - IeUnit is an open-source simple framework to test logical behaviors of web pages, released under IBM's Common Public License. It helps users to create, organize and execute functional unit tests. Includes a test runner with GUI interface. Implemented in JavaScript for the Windows XP platform with Internet Explorer.

QEngine - Automated testing tool from Zoho Corp. for functional testing of web applications and web services. For Linux anx Windows. Records and plays in IE, Mozilla, and Firefox browsers.

AppPerfect DevSuite - Suite of testing, tuning, and monitoring products from AppPerfect Corp. that includes a web functional testing module. Records browser interaction by element instead of screen co-ordinates. Supports handling dynamic content created by JavaScript; supports ASP, JSP, HTML, cookies, SSL. For Windows and MSIE; integrates with a variety of IDE's.

JStudio SiteWalker - Test tool from Jarsch Software Studio allows capture/replay recording; fail definitions can be specified for each step of the automated workflow via JavaScript. JavaScript's Document Object Model enables full access to all document elements. Test data from any database or Excel spreadsheet can be mapped to enter values automatically into HTML form controls. HTML-based test result reports can be generated. Shareware for Windows/MSIE.

Test Complete - Automated web test tool from SmartBear Software. Use record and replay to create tests or script tests in Python, VBScript, JScript, DelphiScript, C++Script, and C#Script. Plugin available for build systems such as Jenkins along with support for source control systems like Git, Subversion, and Mercurial. SoapUI Integration. Support for JUnit, TestNG, PyUnit, Ruby, PHPUnit, and NUnit frameworks. Support for development controls such as Developer Express, Telerik and Microsoft among others. For Chrome, IE, Firefox on Win.

actiWate - Java-based Web application testing environment from Actimind Inc. Advanced framework for writing test scripts in Java (similar to open-source frameworks like HttpUnit, HtmlUnit etc. but with extended API), and Test Writing Assistant - Web browser plug-in module to assist the test writing process. Freeware.

jWebUnit - Open source Java framework that facilitates creation of acceptance tests for web applications. Provides a high-level API for navigating a web application combined with a set of assertions to verify the application's correctness including navigation via links, form entry and submission, validation of table contents, and other typical business web application features. Utilizes HttpUnit behind the scenes. The simple navigation methods and ready-to-use assertions allow for more rapid test creation than using only JUnit and HttpUnit.

SimpleTest - Open source unit testing framework which aims to be a complete PHP developer test solution. Includes all of the typical functions that would be expected from JUnit and the PHPUnit ports, but also adds mock objects; has some JWebUnit functionality as well. This includes web page navigation, cookie testing and form submission.

WinTask - Macro recorder from TaskWare, automates repetitive tasks for Web site testing (and standard Windows applications), with its HTML objects recognition, keystroke and mouse handling. Includes capability to expand scope of macro scripts by editing and adding loops, branching statements, etc. (300+ commands); ensure robustness of scripts with Synchronization commands. For IE, Firefox, Chrome. Extensive ODBC functionality Synchronization on a text through an OCR engine Data Extraction and Data Extraction using OCR.

Canoo WebTest - Free Java Open Source tool for automatic functional testing of web applications. XML-based test script code is editable with user's preferred XML editor; until recording capabilities are added, scripts have to be developed manually. Can group tests into a testsuite that again can be part of a bigger testsuite. Test results are reported in either plain text or XML format for later presentation via XSLT. Standard reporting XSLT stylesheets included, and can be adapted to any reporting style or requirements.

TestSmith - Functional/Regression test tool from Quality Forge. Includes an Intelligent, HTML/DOM-Aware and Object Mode Recording Engine, and a Data-Driven, Adaptable and Multi-Threaded Playback Engine. Handles Applets, Flash, Active-X controls, animated bitmaps, etc. Controls are recorded as individual objects independent of screen positions or resolution; playback window/size can be different than in capture. Special validation points, such as bitmap or text matching, can be inserted during a recording, but all recorded items are validated and logged 'on the fly'. Fuzzy matching capabilities. Editable scripts can be recorded in SmithSript language or in Java, C++ or C++/MFC.

MITS.GUI - Unique test automation tool from Omsphere LLC; has an intelligent state machine engine that makes real-time decisions for navigating through the GUI portion of an application. It can test thousands of test scenarios without use of any scripts. Allows creation of completely new test scenarios without ever having performed that test before, all without changing tool, testware architecture (object names, screen names, etc), or logic associated with the engine. Testers enter test data into a spreadsheet used to populate objects that appear for the particular test scenario defined.

Badboy - Tool from Bradley Software to aid in building and testing dynamic web based applications. Combines sophisticated capture/replay ability with performance testing and regression features. Free for most uses; source code available.

SAMIE - Free tool designed for QA engineers - 'Simple Automated Module For Internet Explorer'. Perl module that allows a user to automate use of IE via Perl scripts; Written in ActivePerl, allowing inheritance of all Perl functionality including regular expressions, Perl dbi database access, many Perl cpan library functions. Uses IE's built in COM object which provides a reference to the DOM for each browser window or frame. Easy development and maintenance - no need to keep track of GUI maps for each window. For Windows.

PAMIE - Free open-source 'Python Automated Module For Internet Explorer' Allows control of an instance of MSIE and access to it's methods though OLE automation. Utilizes Collections, Methods, Events and Properties exposed by the DHTML Object Model.

Solex - Web application testing tool built as a plug-in for the Eclipse IDE (an open, extensible IDE). Records HTTP messages by acting as a Web proxy; recorded sessions can be saved as XML and reopened later. HTTP requests and responses are fully displayed in order to inspect and customize their content. Allows the attachment of extraction or replacement rules to any HTTP message content, and assertions to responses in order to validate a scenario during its playback.

HttpUnit - Open source Java program for accessing web sites without a browser, from Source Development Network, designed and implemented by Russell Gold. Ideally suited for automated unit testing of web sites when combined with a Java unit test framework such as JUnit. Emulates the relevant portions of browser behavior, including form submission, basic http authentication, cookies and automatic page redirection, and allows Java test code to examine returned pages as text, an XML DOM, or containers of forms, tables, and links. Includes ServletUnit to test servlets without a servlet container.

iMacros - Macro recorder utility from Ipswitch Inc. automates repetitious aspects of web site testing. Records any combination of browsing, form filling, clicking, script testing and information gathering; assists user during the recording with visual feedback. Power users can manually edit a recorded macro. A command line interface allows for easy integration with other test software. Works by remote controlling the browser, thus automatically supports advanced features such as SSL, HTTP-Redirects and cookies. Can handle data input from text files, databases, or XML. Can extract web data and save as CSV file or process the data via a script. For Windows and MSIE. iMacros for Firefox add-on and the iMacros for Chrome add-on support Win, Mac and Linux.

MaxQ - Free open-source web functional testing tool from, written in Java. Works as a proxy server; includes an HTTP proxy recorder to automate test script generation, and a mechanism for playing tests back from the GUI and command line. Jython is used as the scripting language, and JUnit is used as the testing library.

TestDrive - Test tool from Original Software Group Ltd. utilizes a non-coding approach to recording/playback of web browser scripts. It analyses the underlying intentions of the script and executes it by direct communication with web page elements. IntelliScripting logic removes the reliance on specific browser window sizes, component location and mouse movements for accurate replay, and for easier script maintenance. Playback can run in background while other tasks are performed on the same machine.

Rational Functional Tester - IBM's (formerly Rational's) automated tool for testing of Java, .NET, and web-based applications. Enables data-driven testing, choice of scripting languages and editors. For Windows and Linux.

UFT - Unified Functional Testing (formerly QTP) functional/regression test tool from Microfocus (formerly HP, formerly Mercury); Uses an intuitive, visual user experience that ties manual, automated, and framework-based testing together in one IDE. Includes support for testing Web, Java, ERP, etc.

SilkTest - Functional test tool from Microfocus (formerly from Borland, formerly from Segue) for Web, Java or traditional client/server-based applications. Features include: test creation and customization, test planning and management, direct database access and validation, recovery system for unattended testing, and IDE for developing, editing, compiling, running, and debugging scripts, test plans, etc.

Return to top of web tools listing

BDD (Behavior-Driven Development) Test Tools

Cucumber - Open source tool for executing plain-text functional descriptions as automated tests - it supports BDD (Behavior-Driven Development). This means that the 'tests' (plain text feature descriptions with scenarios, written in the 'Gherkin' domain-specific language) are typically written before anything else and verified by business analysts, non-technical stakeholders, etc. The production code is then written outside-in, to make the stories pass. Cucumber itself is written in Ruby (and also has implementations in Java, Groovy, Javascript, C++, etc.), but it can be used to 'test' code written in any language.

Jasmine - An open source behavior-driven development framework for testing JavaScript code; does not depend on other JavaScript frameworks; does not require a DOM. From Pivotal Labs.

Lettuce - A simple BDD tool for Python based on Cucumber. By Gabriel Falcăo.

JBehave - An open source Java BDD Framework that is the precursor of Cucumber. Integrates with all popular Java IDEs. Stories can be run on command-line (typically for continous-integration) or in any modern Java IDE that supports unit testing frameworks (JUnit supported by default, but any test framework can be easily adopted). Scenarios can be written in JBehave syntax or Gherkin syntax.

Behat - Open source Behavior-Driven Development framework for PHP. Many extensions available. Uses same Gherkin syntax as Cucumber and many other BDD frameworks

Concordian - An open-source BDD tool for automating Specification by Example, for Java or C#. Capabilities include screenshots, stack traces, results breadcrumbs, integrates well with Selenium WebDriver. Concordion specifications use an attractive stylesheet that makes them easy to read.

Yatspec - An open source Java BDD framework that generates HTML test reports from JUnit Java tests. Supports 3 levels of usage: 1) TableRowTest support for JUnit Methods (like in MBUnit / NUnit) 2) Specification support for Junit; produces readable HTML from your test 3) "Given/When/Then" support with automatic capturing and display of "givens" and captured inputs and output.

Serenity - An open source automated acceptance tests reporting java library. Helps structure your automated acceptance tests in order to make them easier to understand and maintain, and provides great reporting capabilties on top of tools like JBehave, Cucumber or JUnit. Also provides tight integration with WebDriver, to make automated web testing easier and more efficient. Works in two ways: 1) instruments your test code and reports on the steps that your tests execute to achieve their goals, and stores the test results in a standardized format;(2) aggregates these test results into clear and meaningful reports, that reflect not only the outcomes of your tests, but also the status of your project. For example, you can get Serenity to report on what requirements, features or stories you have implemented, and how well (or not) they were tested.

SpecFlow - Cucumber for .Net: BDD tool to define, manage and automatically execute human-readable acceptance tests in .NET projects. From Handelsgesellschaft m.b.H. Supports the .NET framework, Xamarin and Mono. Integrates with Visual Studio, but can be also used from the command line (e.g. on a build server). Supports multiple testing frameworks: MSTest, NUnit (2 and 3), xUnit 2 and MbUnit. Free and paid (SpecFlow+) versions.

Return to top of web tools listing

Web Site Security Test Tools

AppSpider - Web application security testing tool from Rapid7 includes interactive actionable reports that prioritize the highest risk security issues and streamline remediation efforts. Can drill deep into a vulnerability to get more information and replay attacks in real-time. Provides interactive actionable reports that behave like web pages with effective organization and links for deeper analysis.

Veracode Web Application Scanner - Web application scanning tool from CA Technologies; discovers and inventories all of your external web applications, then performs a lightweight scan on thousands of sites in parallel to find critical vulnerabilities and helps you prioritize your biggest risks. As a second step, you can run authenticated scans on critical applications to systematically reduce risk. Offers multiple scanning technologies on a single platform, so you get unified results, analytics, and increased accuracy.

Brakeman - Open source ruby static code analysis tool checks Ruby on Rails apps for security vulnerabilities. Plugin available for Jenkins/Hudson.

W3af - Web Application Attack and Audit Framework, an open source web application security scanner which helps developers and penetration testers identify and exploit vulnerabilities in their web applications. The scanner is able to identify 200+ vulnerabilities, including Cross-Site Scripting, SQL injection and OS commanding. Has a graphical and console interface; written in python.

OWASP ZAP - Open source tool from OWASP - Zed Attack Proxy (ZAP) is one of the world’s most popular free security tools and is actively maintained by hundreds of international volunteers. Helps automatically find security vulnerabilities in your web applications while you are developing and testing your applications. Also useful to experienced pentesters for manual security testing.

Checkmarx CxSAST - Static code scanning tool from Checkmarx provides the ability to find vulnerable lines of code and learn how to fix them. Supports 20 coding and scripting languages and their frameworks. Incremental scan capability only analyzes new code or modified code. Identifies hundreds of known code vulnerabilities and ensures coverage of security standards (OWASP Top 10, SANS 25 and more).

Synopsys Static Analysis (Coverity) - Static Analysis and Static Application Security Testing (SAST) platform from Synopsys; provides actionable remediation guidance. Provides full path coverage, ensuring that every line of code and every potential execution path are tested. View all outstanding security issues, OWASP Top 10 issues, CWE, and PCI related issues. Policy Manager enables defining/enforcing a consistent standard for code security and enables compliance visibility. Supports C/C++, Java, C#, JavaScript, Node.js, Objective-C, PHP, Python, ASP.NET, Ruby, and more. Supports over 100 compilers and many popular IDE's.

InsightAppSec - Cloud-based web application security scanner from Rapid7. Analyzes site exposure risk, ranks threat priorities. Provides a replay capability for each vulnerability, so that after a developer. has implemented a fix, they can quickly test their work with the replay capability immediately. 'Universal Translator' capability understands the formats, protocols, and development technologies used in modern mobile and browser-based applications. Provides actionable insights with reports that speed remediation.

Burp Suite - An integrated web app security testing platform from PortSwigger Ltd, written in Java. Its various tools work together to support the entire testing process, from initial mapping and analysis of an app's attack surface, through to finding vulnerabilities. Can combine advanced manual techniques with state-of-the-art automation, to enable faster and more effective security testing. Key components include: An intercepting Proxy, which lets you inspect and modify traffic between your browser and the target application; an application-aware Spider, for crawling content and functionality; an advanced web application Scanner, for automating the detection of numerous types of vulnerability; an Intruder tool, for performing powerful customized attacks to find and exploit unusual vulnerabilities; more. Extensible, allowing writing of custom plugins. Free and $Pro versions.

Web Server Security Test - Online free web server security test service by High-Tech Bridge SA. Test your Content Security Policy (CSP), HTTP Security Headers and overall web server security; API also available. Score reported as a grade A-F. Checks: Detailed analysis (syntax, validity, trustworthiness) of HTTP headers that may impact web server, web application or website visitors security or privacy; analysis of HTTP methods that may put web server, web application or website visitors at risk; detailed analysis of web application cookies for secure attributes that may improve web application and website visitors' security and privacy. Also available is a free online SSL/TLS Server Test, which tests the SSL/TLS implementation of any service on any port for compliance with PCI DSS requirements, HIPAA guidance and NIST guidelines.

Vega - A GUI-based, multi-platform, free and open source web security scanner from Subgraph Inc. that can be used to find instances of SQL injection, cross-site scripting (XSS), and other vulnerabilities in your web apps. Also includes an intercepting proxy for interactive web application debugging. Written in Java, GUI based; runs on Linux, OSX, and Win. Vega attack modules are written in Javascript, users can easily modify them or write their own.

ParosPro - Web security auditing platform from Milescan Technologies. Capabilities include a network spider to collect information about a site's hierarchy; vulnerability scanning based on plug-ins written to target common web vulnerabilities, including many popular Content Management Systems vulnerabilities; simulates hacker attacks; scan scheduling; more.

Skipfish - Open source active web application security scanner from Michal Zalewski/Google. Prepares interactive sitemap by carrying out a recursive crawl and dictionary-based probes. The map is then annotated with the security check output. The final output report is meant to serve as a foundation for professional web application security assessments. Goals for the tool are stated as: Raw speed; Unique brute-force capabilities: includes utilization of highly customized, hand-picked dictionaries, and a unique auto-learning feature that builds an adaptive, target-specific dictionary based on site content analysis; High quality security checks with an emphasis on well-crafted probes, and on testing for behavioral patterns, rather than signatures; Coverage of more nuanced problems - looks for significant security issues often neglected by other tools - such as caching intent mismatches, mixed content issues, XSSI, third-party scripts, cross-site request forgery, etc; Adaptive scanning for real-world applications - handles complex, mixed technology sites such as recognizing obscure 404 behaviors, unusual parameter passing conventions, redirection patterns, content duplication, etc.

WebReaver - Web app security security scanner for Mac OS X, for novice as well as advanced users. Identify over 70 variants of severe vulnerabilities such as SQL Injection, XSS, Local File Includes and others. Export vulnerability reports in several document formats such as RTF, HTML, DOC and TXT.

Samurai Web Testing Framework - Open source web pen testing framework from Inguardians Inc. includes a live linux environment that has been pre-configured to function as a web pen-testing environment. Includes a variety of open source and free tools web pen testing tools. Includes reconnaissance, mapping, discovery, and exploitation tools, and a pre-configured wiki set up to be the central information store during pen testing.

Tarantula - Open source tool from Relevance Inc. that crawls your Rails application, fuzzing data to see what breaks.

RATS - The Rough Auditing Tool for Security is an open source code security analysis tool developed by Secure Software, which was acquired by Fortify Software/HP/Microfocus. Scans C, C++, Perl, PHP and Python source code and flags common security related programming errors such as buffer overflows and TOCTOU (Time Of Check, Time Of Use) race conditions. Provides a security analyst with a list of potential trouble spots on which to focus, along with describing the problem, its potential severity, and potential remedies. Also performs some basic analysis to try to rule out conditions that are obviously not problems. As the name implies, it provides a rough analysis of source code, and will not find all errors, and will find things that are not errors; can be used as an aid to manual code inspection. Not updated since 2009.

beSTORM - Software security analysis fuzzing tool from Beyond Security; can be used for securing in-house software applications and devices, as well as testing the applications and devices of external vendors. Tries virtually every attack combination, intelligently starting with the most likely scenarios and detects application anomalies which indicate a successful attack. Also available is hosted service WSSA - Website and Web Server Security Auditing. Provides a complete report with the facts and recommendations needed to take corrective action. 15-day free trial.

Powerfuzzer - Open source automated customizable Web fuzzer; based on many other Open Source fuzzers available and information gathered from numerous security resources and websites. Capable of spidering website and identifying inputs. Capable of identifying common web vulnerabilities (incl. XSS, SQL Injection). Supports https. Written in python. Project leader is Marcin Kozlowski. Commercial version Powerfuzzer Online available as an online service.

Wapiti - Open source vulnerability scanner for web applications. It checks vulnerabilities like XSS, SQL and XPath injections, file inclusions, command execution, LDAP injections, CRLF injections. Uses Python; no SSL support.

nCircle Certified PCI Scan Service - External scan service from nCircle for all PCI Data Security Standard-relevant conditions. Upon completion of the scan, merchants have access to an auto-generated PCI Security Standards Council certified report. The scan report clearly indicates whether the merchant's payment network is secure, in which case the merchant may download the report and submit it to the acquiring bank.

SecPoint Penetrator - Site/network security testing tool from SecPoint ApS, available as penetration testing appliance or as a web-based service. Site/network security testing tool from SecPoint ApS, available as penetration testing appliance or as a web-based service. Provides full vulnerability scanning, pen testing. Find vulnerabilities in Firewalls, Websites, Joomla, Wordpress, Drupal, Joomla, Magento, Shopify, Umbraco, Mail servers, Database servers and more. Powerful Cloud Security Scanner find vulnerabilities on websites: Scans for SQL Injection, XSS Cross Site Scripting XSS, SQLi, LFI, RFI and CSRF. Reports in PDF, XML, HTML formats with recommended solutions.

Netsparker - Web application security scanner from Mavituna Security with integrated exploitation features to allow users to exploit the identified vulnerabilities and see the real impact of the problem. Via desktop or online service. Capabilities include: false-positive-free; handling of websites that rely on AJAX and Javascript; confirms vulnerabilities by exploiting them in a safe non-destructive manner; specific impact and remediation information is tailored based on details of issue. For Windows.

Kyplex Cloud Security Scanner - Cloud-based web site security scanning service - no installation or network modifications required. Capabilities include cross site scripting attacks (XSS), detects hidden directories and backup files, looks for known security vulnerabilities, searches for SQL Injection vulnerabilities, more. Finds complex security breaches and web server configuration errors, as well as zero-day vulnerabilities. From Kyplex Ltd.

Fortify - Security product suite from Microfocus (formerly HP, formerly Fortify Software) includes vulnerability detection. Integrates static source code analysis, dynamic runtime analysis, and real-time monitoring to identify and accurately prioritize the greatest number of critical security vulnerabilities. Capabilities include the Program Trace Analyzer (PTA) that finds vulnerabilities that become apparent only while an application is running - integrate into a QA test to find vulnerabilities while a functional test is being conducted on an application.

OWASP Security Testing Tools - Variety of free and open source web security testing tools via the OWASP (Open Web Application Security Project) site. SQLiX is an SQL injection vulnerability test tool that uses multiple techniques - conditional errors injection; blind injection based on integers, strings or statements, MS-SQL verbose error messages ("taggy" method); can identify database version and gather info for MS-Access, MS-SQL, MySQL, Oracle and PostgreSQL. Other security testing tools available include WSFuzzer, WebScarab, Tiger, LAPSE, Pantera, etc.

Retina Web Security Scanner - Dynamic application security testing (DAST) solution from BeyondTrust Inc. for site crawling, detecting & remediating vulnerabilities for web and mobile apps. Includes client-side JavaScript testing & pre-attack analysis. Capabilities include auto-population of forms, exportable XML-based reporting. Handles reporting for reporting requirements for PCI, FISMA, OWASP, SOX, HIPAA, GLBA, and more.

Trustwave AppScanner - Automated security testing tool set for web applications, web services and cloud and mobile apps, from Trustwave Holdings Inc. Available as a cloud-based on-demand service or installed on-premises app. Includes a scanning engine that contains an emulated browser, which traverses applications just as a user would using a library of “SmartAttacks,” which are automatically updated weekly. Looks at actual behavior, as opposed to code strings, thus preventing excessive false positives. Centralized dashboard instantly displays application risk scores and tracks trends over time, and provides threat prioritizations.

GamaSec - Automated online website vulnerability assessment delivers proactive tests to Web Servers, Web-interfaced Systems, and Web-based Applications. Configurable scan intervals/frequency. Supports a wide variety of HTTP Authentication schemes, common HTTP protocol, BASIC, NTLM with abilities to analyze the broadest web technologies; PHP, ASP.NET, ASP, etc.

Wikto - Web server security assessment tool for windows servers, open source, from SensePost. It's three main sections are its Back-End miner, Nikto-like functionality, and Googler to obtain additional directories for use by the other two. Includes ability to export results to CSV file

Nikto Scanner - Open source web server scanner from which performs comprehensive tests against web servers for multiple items, including over 3300 potentially dangerous files/CGIs, versions on over 625 servers, and version specific problems on over 230 servers. Scan items and plugins are frequently updated and can be automatically updated.

Fortify WebInspect - WebInspect automated security assessment tool for web applications and services, from Microfocus (formerly HP, formerly SPI Dynamics). Ability to test the dynamic behavior of running web applications and services to identify security vulnerabilities and integrating runtime analysis to expand the attack surface to identify issues in hidden directories and pages that go undetected by black-box testing alone. Provides details and priorities of each vulnerability. Get compliance reports for all major industry and regulatory standards (such as PCI, SOC, ISO and HIPAA).

IBM Security AppScan - Tool suite from Rational/IBM (formerly Watchfire) automates web and mobile application security testing, produces defect analyses, and offers recommendations for fixing detected security flaws. Assessment module can be used by auditors and compliance officers to conduct comprehensive audits, and to validate compliance with security requirements. Includes static code analysis capabilities Includes support for JavaScript, HTML5, Cordova, Java and Objective-C.

Defensics Core Internet Test Suite - Security testing tool from Codenomicon Onc. searches and preemptively eliminates security-related flaws from the implementations that create the backbone of the modern Internet and communication between the networked devices. This includes, but is not limited to, routers, switches, firewalls, desktop and server systems, laptops, PDAs, cell phones and other mobile systems, as well as a large number of various embedded systems. Because several protocols from this category are often tightly coupled with the underlying operating system, serious flaws in handling them may easily result in total system compromises.

SecurityMetrics Vulnerability Scan - Service from SecurityMetrics that analyzes external network devices like servers, websites, firewalls, routers, and more for security vulnerabilities which may lead to interrupted service, data theft or system destruction. Includes instructions to help immediately remedy security problems.

Core Impact Pro - Security testing tool from Core Security Technologies for web apps and other systems. Testing capabilities across network, web, mobile, and wireless. Uses penetration testing techniques to safely identify exposures to critical, emerging threats and trace complex attack paths.

Snort - Open source network intrusion prevention and detection system from Cisco; capable of performing real-time traffic analysis and packet logging on IP networks. It can perform protocol analysis, content searching/matching, and can be used to detect a variety of attacks and probes, such as buffer overflows, stealth port scans, CGI attacks, SMB probes, OS fingerprinting attempts, and much more.

Nessus - Vulnerability scanner from Tenable Network Security with high speed discovery, configuration auditing, asset profiling, sensitive data discovery and vulnerability analysis of security posture. Nessus scanners can be distributed throughout an entire enterprise, inside DMZs, and across physically separate networks. Free for home users; annual fee for Professional license. Updated continuously. Includes scripting language for writing custom plugins.

Security Center - Security management tool from Tenable Network Security for asset discovery, vulnerability detection, event management and compliance reporting for small and large enterprises. Includes management of vulnerability, compliance, intrusion and log data. Company also provides the Nessus Vulnerability Scanner, and Passive Vulnerability Scanner.

SARA - 'Security Auditor's Research Assistant' Unix-based security analysis tool from Advanced Research Corp. Supports the FBI/SANS Top 20 Consensus; remote self scan and API facilities; plug-in facility for third party apps; SANS/ISTS certified, updated bi-monthly; CVE standards support; based on the SATAN model. Freeware. Also available is 'Tiger Analytical Research Assistant' (TARA), an upgrade to the TAMU 'tiger' program - a set of scripts that scan a Unix system for security problems.

GFiLANguard - Network vulnerability and port scanner, patch management and network auditing tool from GFI Software. Scans using vulnerability check databases based on OVAL and SANS Top 20, providing thousands of vulnerability assessments.

Qualys Platform - Suite of cloud-based security tools/services for asset inventory, vulnerability management, continuous monitoring, web app scanning, security configuration assessment, and more. Also available is 'Qualys FreeScan' to scan computers and apps on the Internet or in your network, detect security vulnerabilities and the patches needed to fix them, view interactive scan reports by threat or by patch, test websites & apps for OWASP Top Risks and malware, test computers against SCAP security benchmarks.

SAINT - Security Administrator's Integrated Network Tool - Security testing tool from SAINT Corporation. An updated and enhanced version of the SATAN network security testing tool. Updated regularly; CVE compatible. Includes DoS testing, reports specify severity levels of problems. Single machine or full network scans. Also available is 'WebSAINT' self-guided scanning service, and SAINTbox scanner appliance. Runs on many UNIX flavors.

NMap Network Mapper - Free open source utility for network exploration or security auditing; designed to rapidly scan large networks or single hosts. Uses raw IP packets in novel ways to determine what hosts are available on the network, what services (ports) they are offering, what operating system (and OS version) they are running, what type of packet filters/firewalls are in use, and many other characteristics. Runs on most flavors of UNIX, OSX, Win.

OWASP Security Testing Tools Listing - Listing of commercial, free, and open source security testing tools, source code analyzers, and binary analysis tools via the OWASP (Open Web Application Security Project) site.

Top 125 Security Tools - Listing of 'top 125' network security tools from survey by Gordon Lyon/ (Includes various types of security tools, not just for testing.)

Return to top of web tools listing

External Site Monitoring Services

Monitis - Monitoring service - websites, networks, cloud, servers, apps with a unified dashboard. Website uptime and response time, Server health, Network performance, Custom metrics, and more. It’s fast and intuitive. Easy-to-use API, integrations and plug-ins; archived performance history is stored for 2 years. More than 35 strategic monitoring locations. Free and $paid versions available.

CloudReady - Monitors web pages, transactions, DNS and network path performance for internal and external web and SaaS applications. Easily deployed on-premise or from multiple locations throughout the world and captures real-time end-user experience with notifications and crowd-sourced benchmarks. From Exoprise Systems Inc.

AppBeat - Web-based monitoring service from Appbeat; supports integration with HipChat, OpsGenie, PagerDuty, Pushover, Slack, StatusPage and webhooks, alows monitoring of various protocols, multi-location monitoring and public status. Capabilities include monitoring of web server certificates for validity and send alert before expiration; listen for periodic server ping responses; check connectivity for arbitrary port using TCP or UDP protocols; check DNS server entries for correct address resolution; check email servers (IMAP, POP3, SMTP); native support for HTTP and HTTPS protocols with granular control over web request creation: you can choose HTTP method (GET, POST, HEAD, ...), HTTP version, IP version, set authentication or use response matching. Free and paid plans available.

Web Performance Monitor - Monitoring service from Solarwinds Worldwide LLC; key features include continuous synthetic transaction monitoring, detailed load-time metrics, monitor from multiple locations, browser-based transaction recorder, transaction recording. For Windows servers.

Monkey Test It - Automated (no coding) website tester with scheduled checks/alerts as well as an API for easy CI system integration. Detects issues in JavaScript, CSS, broken links, oversized mobile pages, and other common mistakes; checks all page elements. Based on analysis of the most common issues that most websites have, and development of custom software for identifying these issues. Free (limited) and $paid versions available.

Apica Synthetic - Synthetic site monitoring service provides real browser monitoring, in real time - from many locations worldwide across Chrome, Firefox and IE browsers. Produce performance and SLA reports for technical & managerial staff. Monitor up to 5 websites or applications. Use advanced scripting tool or record, edit and replay network traffic from any application or device—without writing any code. Can use Selenium IDE scripts. Options include SaaS solution, hybrid, and on-prem deployments. Integrate with AppDynamics, New Relic and Dynatrace.

UptimePal - Site monitoring service for periodic checking of site availability, performance, and content validation. Real time dashboard includes response times by monitoring location, pie chart of uptime percentage, and logs detailing performance, quality and alert listings. 15 worldwide monitoring locations available. Receive instant alerts via email, text/SMS, phone call.

Testomato - Automated SaaS-based web site monitoring/testing in the cloud from Testomato s.r.o. Paid plans can run tests as often as every 5 minutes.

Monitor.Us - Free website, network, server, mobile and open API monitoring services from Monitor.Us. Monitor all areas of you IT system with a single-view dashboard and have complete visibility of your infrastructure with cloud based monitoring tools. Monitoring frequency - every 30 mins, from two different locations; history available for 24 hrs. Premium $$ service also available.

SuperMonitoring - An online tool for monitoring website uptime, its content and basic functions. 60 second checking frequency. Instant email and mobile text (SMS) alerts. Powered by Superheroes.

Monitive Website Monitoring Service - Monitoring services for websites, MySQL, FTP, POP3, IMAP, DNS and many other. Periodically checks a site from multiple worldwide locations and sends notifications when they go down via SMS text, email or Twitter DM. It also monitors performance by measuring server connect, transmit and response times, executes automatic diagnosis, sends weekly reports, displays charts and more.

Check my Website - A SaaS service from Novateek SARL to remotely monitor website availability and performance every minute (or less) from various locations around the world. Notifications via email and SMS are fired when problems occur. Site screenshots included in reports. Free service also available for Open Source projects and non profit organizations.

Uptrends Website Monitoring - Service from Uptrends LLC to monitor websites, servers, transactions, performance, SSL Certificates and more from a global and end-user perspective, all from the cloud.

GotSiteMonitor - Web site uptime monitoring service from Vannet Technology provides five free website monitors with 5-minute monitoring interval. Monitor website downtime/slowness, track website performance, check webpage content, check SSL secure certificate. Free limited phone/sms alert credits. 12 monitoring locations across 4 continents. Flexible monitoring location configuration. Upgrades available to paid plans.

Sentinel - Comprehensive web site monitoring tool from Reflective Solutions. Simultaneously monitors multiple system components (OS, DB servers, app servers, web servers, etc). Enables staff to easily understand problems and identify root causes. Can provide detailed historical data, trend analysis, and customizable reporting, tables and graphs. Configurable alert thresholds and notification settings. Components include controller, viewer, and resource monitor packs for a variety of OS's, databases, web servers, and apps.

Alertfox - Real browser website and web application performance monitoring service from iOpus Inc. Supports transaction monitoring of sites that use complex HTML, AJAX, Flash, Flex, and Silverlight. In-depth root cause analysis for trouble-shooting sporadic issues.

SiteBeam - External site monitoring service from Silktide Ltd. Enterprise tool for automatically testing website accessibility, SEO, speed, spelling, cookie law, W3C compliance, check for analytics, redirections, broken links, and more. Test and compare scores between websites, e.g. competitors and peers.

SiteObservers - Monitoring services checks web site availability and performance from outside the firewall with monitoring locations worldwide.

IP-label.newtest - An external availability and performance monitoring solution for internet services (websites, streaming, mail servers etc) and business applications based upon an extensive network of measurement points worldwide which provide real-time insight into how internet users experience a website.

100Pulse - Online Website Monitoring service from HIOX Web Services; free and paid services available. Monitor websites, Port and DNS Servers for availability and performance; free Instant alerts through E-mail, RSS Feed and Google gadget; analyze site's periodic performance through graphs, charts and statistical data; periodical Reports customizable by all users

EZ Web Site Monitoring - Service can keep tabs on your website and competitor websites in one easy report. Monitor uptime, response time monitoring, weekly error checking; track keywords and popularity, and always know when it changes.

SiteUpTime - Basic plan for monitoring one web site is free; others $. Highly configurable service options, multiple monitoring locations around the world; if more than one location detects a connection failure a notification is sent.

Panopta Advanced Server Monitoring - Web site monitoring service and outage management system from Panopta LLC for online businesses and service providers, with the ability to detect outages immediately, provide notifications, and provide a team the right tools to resolve the outage quickly. Checks services every 60 seconds using global monitoring network.

Pingdom - Web site monitoring services from Pingdom AB; monitor uptime, performance, simple or complex transactions. Includes current and historical reporting; world-wide network of monitoring servers.

Site 24x7 - Monitoring of website uptime & performance from multiple geographical locations; monitor multi-step web applications or e-business transactions; monitor DNS servers & email server round-trip time; instant alerts for any downtime or threshold violations; email/SMS alerts and reports. Also available are free accounts with limited services for personal use.

WebSitePulse - Monitoring service from WebSitePulse. Simultaneous monitoring from multiple global stations; alerts sent when web page errors occur, performance thresholds are exceeded or connectivity problems are detected and verified from up to three independent monitoring resources, and when unauthorized content changes are detected. Supports cookies; monitors and verifies file size, MD5 checksum, present or missing text string. Customizable alert escalation schedules, configurable 'Do Not Disturb' times for contacts.

SiteMorse - External site monitoring services from SiteMorse - runs a periodic full report - clients can request to be notified if there is any change to the sites scores. Enterprise clients have the option of setting such thresholds on any one of over 300 tests.

eXternalTest - Site monitoring service from eXternalTest. Periodically checks servers from different points of the world; view what customers see with screen shots using different browsers, OSs, and screen resolutions.

internetVista - Service from Lyncos remotely monitors web sites and Internet services for availability (http, https, smtp, ftp, pop, nntp, tcp). Notifications sent via email and SMS. Monitoring centers in U.S. and Europe. Free service also available, with limited features.

Host Tracker - Site monitoring service from Host Tracker; monitor an unlimited number of resources, distributed monitoring points, possible monitoring of CGI scripts' operation, keyword presence control, can specify keywords by regular expressions, unlimited number of addresses for server error notifications, historical statistics.

Neustar Website Monitoring - Transactional application monitoring service from Neustar. Can simulate defined web transactions, such as customer logins and purchase order fulfillment, up to every five minutes to verify application availability and performance. Scriptable alerting - can identify problems with connectivity, time-outs, SLA violations and more, plus fire off events. Utilize commonly used browsers: IE, Firefox, Chrome or all; or monitor with emulated browsers. Worldwide monitoring network, using real or emulated browsers.

Vertain Monitoring Service - Services from Vertain Software include verification that web site is up and running and that users can complete multi-page transactions. Also available: Free service for up to six tests per day.

AlertBot - Monitoring service from InfoGenius, Inc. tests website availability, performance, and alerts webmaster of downtime. Also provides ftp, http, pop3, snmp, https, smtp, ip, and dns server monitoring.

1stMonitor - Site monitoring service notifies when a web site is down or new content has been posted. Easy and simple to use. Email notification. Weekly and monthly reports; instant setup.

SiteTechnician - Service of SiteTechnician LLC, identifies broken links, analyzes accessibility, reports on search engine optimization, monitors page load times and provides eight reports to help manage changes to website content over time. - Web site monitoring service from PingALink LLC; remotely monitors websites and other Internet protocol servers for availability and performance issues. Sends detailed error codes via pager, email, ICQ, etc. RFC compliant protocol checks assure valid monitoring. Extensive reporting.

AlertSite - Web site monitoring tools and services from SmartBear Software to ensure website/services/API's are available and performing optimally. Includes mobile web monitoring capabilities using iPhone, iPad, Blackberry and Android, etc. Immediate notification of problems via e-mail, pager, cell, or SMS. Monitoring from multiple locations around the world. Freeand $ versions available.

elkMonitor - Service from Elk Fork Technologies for websites and other Internet servers; monitors availability and performance. Utilizing multiple test servers located on various Internet backbones, elkMonitor can alert users when sites or servers are unavailable or performing poorly. Alerts via email, pager or SMS alert.

Catchpoint Real User Monitoring - A web performance monitoring solution from Catchpoint Systems, that relies on JavaScript tags to capture the performance of the webpages for the actual end users of the site. It provides insight on the performance of the pages and its impact on the business.

Catchpoint Synthetic Monitoring - Site monitoring service from Catchpoint Systems, monitors the performance of webpages, APIs, DNS, and FTP from multiple locations around the world. Provides detailed analysis that assists in quick detection of problems and quick resolution times. Includes support for Selenium transaction scripts.

AlertMeFirst - Service from Commerx Corp. reports on the performance and availability of a web site from customer's perspective; including experience with mail server, proxy server, transaction server, databases, etc. Flexible design allows changes to monitoring profile at any time and payment is required only for services used each day.

PureAgent - Service from Minq Software that monitors response times from the agent to a server, by replaying transactions at specified intervals. This includes static and dynamic web applications as well as other server applications. Capabilities include specifying limited access for certain users (such as historical stats only), encryption of stored scenarios, and viewing/downloading of raw XML definitions of Scenarios/Activities.

Dotcom-Monitor - External website monitoring/alerting/load testing service; monitoring locations worldwide. Supports full-cycle sequential transactions; 'macro recorder' capabilities for setting up monitoring of complex web site processes such as online ordering; monitoring of sites, email and FTP services, DNS and router monitoring; includes a wide variety of online and downloadable reporting tools.

SiteGuardianPro - Site monitoring solution from SmileyTch provides 24x7 monitoring of downtime, user experience, and application problems. Includes recommendations for resolving issues found. Configururable notification method and intervals.

WatchDog - Online website tracking and monitoring services from NEtwork Solutions; geared to small business web sites. Provides uptime and load time reports, downtime alerts, etc. Distributed monitoring from multiple worldwide sites.

SiteScope - Hosted web-based monitoring service from Microfocus (formerly HP, formerly Mercury); agentless monitoring solution designed to ensure the availability and performance of distributed IT infrastructures including servers, operating systems, network devices, network services, applications.

Dynatrace Application Monitoring - Monitor real user data, application performance, infrastructure and cloud environments. Get all metrics in real-time. Auto-detects all application dependencies and tracks transactions across all tiers. Ability to capture and track every swipe, every click, for every transaction, every user, 24x7x365. Captures timing and code-level context for every transaction, method, and service across all tiers. Learns how your application environment performs and proactively detects anomalies. AI technology tells you where and why applications break down.

Return to top of web tools listing

Web Site Management Tools

(This section includes products that contain: site version control tools, combined utilities/tools, server management and optimization tools, and authoring/publishing/deployment tools that include significant site management or testing capabilities.)

Dareboost - Online service for testing, analyzing, and monitoring web pages. Includes: performance testing for page speed using 11 test locations and real Chrome browsers; web page analysis using 100+ checkpoints for SEO, Security, Performance, with optimization guidelines provided; comparison and benchmark analysis; performance synthetic monitoring for monitoring page speed at preset intervals.

Simply Testable - Web-based service provides one-click full-site automated HTML validation, CSS validation, JavaScript static analysis (using a configurable JSLint) and broken link checking.

Vervy - Free online tool - just enter a url. Checks how well a page follows the Google guidelines; has explanations and backround information on each guideline. By Patrick Sexton.

Nuxeo - Open source platform for Enterprise Content Management enabling architects and developers to build, deploy and run the best content-driven applications in an easy way. Nuxeo applications can be configured with no programming experience, and extended using standard Java EE technologies.

Radiant CMS - A no-fluff, open source content management system designed for small teams. Features: elegant user interface, flexible templating with layouts, snippets, page parts, and a custom tagging language, extension/plugin system, simple user management and permissions.

BugDigger - Web bug reporting tool from BugsIO Solutions, Inc; works as a plugin for Chrome, Safari, MS IE and Firefox, adds a bug reporting button to browser toolbar. Automatically collects contextual data that may be of use to developers to isolate the bug to a specific area. Capabilities include screenshot of the web page, screenshot annotation editor, current and recently opened URLs on the web site, browser details, and more. Can send bug reports to hosted My BugDigger service or, via API's, to your Jira, Bugzilla, Fogbugz, Basecamp, Mantis, etc.

Webriq - Web-based site management and editing tool with drag and drop capabilities, for web, social and mobile marketing initiatives. From Webriq Pte Ltd, includes multiple language interfaces.

A1 Website Analyzer - Website analyzer and link checker from Microsys, also can check response times, spell check, html and CSS validation, track file sizes, check for page title duplication; optimize internal page link structure to maximize SE page rankings, list all images where one or more references are missing "alt" text. Also available is 'A1 Sitemap Generator' for crawling and generating sitemaps of large web sites. For Win and Mac platforms.

BrowserCMS - Web content management system from BrowserMedia LLC for creating, managing, and publishing dynamic, information driven websites. Direct in context editing. Supports larger teams of editors, allows for varied permission models, customizable via modules. Browse by an intuitive sitemap of folders and pages Search for content, or browse by content type. Extensible Content API. Compatible with multiple server OS's and web servers; runs on Ruby on Rails. Related app available as an open source CMS .

SortSite - Desktop tool from Electrum Solutions that checks pages against W3C and IETF standards, checks for compliance with accessibility standards; link checker, browser compatibility checker; checks for regulatory compliance, checks site against Google/Yahoo/MSN search guidelines, more.

Ahrefs - Web-based Site mgmt tool collection from Ahrefs Pte. Ltd. Includes tools for for improving marketing and SEO, competitive analysis capabilites, keyword research tools, content research tool, link building tools, rank tracking, web monitoring, more. Reference data set of 30 petabytes; daily crawls 6 billion web pages.

DeepTrawl - Site management tool from Deep Cognition Ltd. finds dead/slow/invalid links, finds common html flaws, has integrated HTML editor with problem highlighting, finds stale content. Finds slow content based on configurable settings, checks for undesirable user postings, exports to CSV / HTML, more. Downloadable tool for Win or Mac.

WebWatchBot - Web site monitoring, notification, and analysis tool for web sites and IP Devices, from ExclamationSoft Inc. Capabilities include real-time charting of response times for multiple items, reporting of historical data, comprehensive dashboard view of all monitoring. Monitor web page transactions - execute any monitored item in sequence, handle login and web form posting, run as a windows service or application. Requires Windows, MSIE, SQLServer.

Savvy Content Manager - Content management tool from Savvy Software Inc. Simplified editing process - click on an area of your web site in Savvy's browser-based interface, update the information and then publish to the Web with another click. No coding, no file transfers, no additional software.

WebCEO - Tool from includes a site maintenance module. Includes link checker, WYSIWYG editor, FPT/publishing, traffic analysis, and site monitoring capabilities.

IBM Tealeaf CF - Web application Customer Experience Management solution from IBM (formerly from TeaLeaf Technology Inc.) that provides detailed visibility into availability and functionality issues to enable efficient problem identification, isolation, and repair. Captures and monitors real user sessions, providing context and correlation data for application failure analysis. Add-on capabilities include a 'Dashboard' to provide real-time, customizable views of success/failure rates for key online business processes and other critical metrics, and 'Real Scripts' automatically generated from recorded user sessions for use in specified other load testing tools.

PROGNOSIS - Comprehensive tool from Integrated Research Ltd. for performance and availability monitoring, network management, and diagnostics; suited to large systems.

Enterprise Content Management Suite - Enterprise and Digital content management systems from Open Text Corp, designed to help organizations with digital transformation. Creates a centralized, unified information grid, connecting information from across the enterprise with the people and systems that need it,

Cuevision Network Monitor - Monitoring tool from Cuevision for monitoring website, server, services, applications, and network; capabilities include notifications via email, net send, and popup, restart apps and services, etc. For Windows.

GFI Network Server Monitor - Server management tool from GFI Software Ltd. checks network and servers for failures and fixes them automatically. Alerts via email, pagers, SMS; automatically reboot servers, restart services, run scripts, etc. Freeware version of GFI Network Server Monitor is also available; includes modules to check HTTP and ICMP/ping for checking availability of HTTP and HTTPS sites.

WebLight - HTML validator and link checking tool from Illumit LLC. Free for use on small sites, low cost for large sites. Works on multiple platforms.

Trellian InternetStudio - Suite of web site management utilities from Trellian including site upload/publishing tools, text editor, HTML editor, link checker, site mapper, spell checker, site spider, image handling, HTML encryptor/optimizer, HTML validator, image mapper, e-commerce site designer/generator. For Windows.

Serena Collage - Content management tool from Serena; browser-based, scalable content management platform for content contributors distributed across an organization. Works with content from any platform or application. Enables collaboration, version control, activity tracking, administration, templates, styles, approval workflow, multi-lingual support, more. Runs with a variety of platforms, web servers, and DB servers.

Alchemy Eye - System management tool from Alchemy Lab continuously monitors server availability and performance. Alerts by cell phone, pager, e-mail, etc. Can automatically run external programs, and log events.

Web500 CMS - Web content management and site maintenance solution from Web500. Add-on modules allow capabilities such as WAP, e-commerce, payment processing, customer relationship management, and more.

HTML Rename - Site Migration/Batch processing tool from Expandable Language that enforces file naming conventions (case, length, invalid chars), renaming the files to match the convention, then correcting the links to those files automatically. Eliminates problems encountered when moving files between Windows, Mac, and UNIX systems and publishing to CD-ROM. For Mac or Windows.

IPCheck Server Monitor - Server monitoring tool from Paessler AG. Alerts webmasters if a webserver is not working correctly via sensor types PING, PORT, HTTP, HTTPS, HTTP Transaction, DNS, SMTP, POP3, SNMP, and custom sensors. Notifications can be triggered by downtimes, uptimes, or slow responses. For Win platforms; has a web-based user interface.

Oracle WebCenter Content - Content management tool uses a web-based repository, where all content and content types are stored for management, reuse and access. Capabilities include digital asset management, records management, image management via itelligent data capture, annotation and markup of images, automates routing and approvals; capture, secure, share and distribute digital and paper-based documents and reports.

Percussion CMS - Web content management product from Percussion Software; content development, publishing, version control, and customizable workflow. Manages Web content, documents, digital assets, etc. Responsive mobile templates. Dashboard allows marketers and website managers to view site performance, visitor activity, content updates, and potential problems. Built-in SEO audit tool. Keeps track of all page and file locations dynamically - when a page is moved/renamed, all references are automatically updated to avoid broken links.

Broadvision - Suite of content and publishing management tools from Broadvision Inc.; allows a distributed team of non-technical content experts to manage every aspect of site content, including creation, editing, staging, production, and archiving.

HTML-Kit - Free, full-featured editor from designed to help HTML, XHTML and XML authors to edit, format, lookup help, validate, preview and publish web pages. Uses a highly customizable and extensible integrated development environment while maintaining full control over multiple file types including HTML, XHTML, XML, CSS, XSL, JavaScript, Perl, Python, Ruby, Java, and much more. Finds errors and provides suggestions on how to create standards compliant pages. Includes internal, external, server-side and live preview modes; FTP Workspace for uploading, downloading and online editing of files; and the ability to use hundreds of optional free add-ins through its open plugins interface. GUI support of W3C's HTML Tidy; seamless integration with the CSE HTML Validator. Validate XML documents using its DTD and/or check for well-formedness. Hundreds of free plugins available for extending and customizing HTML-Kit. Pro plugins available to paid registered users.

WebCheck - Windows application from Peregrine Software that runs in background and periodically checks a site for availability and correctness; searches for keywords; provides notification by displaying a message or sending an e-mail.

WS_FTP Pro - FTP/web publishing tool from Ipswitch; manage, upload, and update websites; automatically resume interrupted transfers; support more than 50 host file systems; drag-and-drop files; for Windows.

A1Monitor - Utility from A1Tech for monitoring availability of web servers. Capabilities include notification by email and automatic reboot of web server. For Windows.

AgentWebRanking - Freeware tool from AADSoft to monitor site's search engine position, improve search engine ranks, submit URL's. Searches top engines for keywords; can specify search depth. Also has keyword count for pages vs competitor's pages; auto or manual submit of URL's to search engines, meta tag creator. Requires MSIE and Windows.

WebSite Director - Web-content workflow management system from CyberTeams Inc. with browser-based interface includes configurable workflow management, e-mail submission of web content, and e-mail notifications; allows defining and applying existing workflow and approval rules to web content management process. For Windows, UNIX.

XMetal - XML development tool from Justsystems, Inc. for XML-based web site authoring and validation. Uses XML standards such as the Darwin Information Typing Architecture (DITA). Publish XML content directly from author’s desktop to a variety of customer-facing output formats including PDF, EPUB, Kindle, HTML, online help systems and more. Integrate authoring with virtually any repositories, CMS's or source control systems. Can handle ontent in right-to-left languages. For Windows.

PowerMapper - From Electrum Multimedia; for customizable automated site mapping, accessibility and usability checking, HTML validation, link checking, CSS validation, browser compatibility, and more. Requires Windows and MSIE.

Dreamweaver - Tool from Adobe to design, code, and publish responsive websites; support for HTML, CSS, JavaScript, and more. Create, code, and manage dynamic websites easily with the simplified coding engine. Access code hints to quickly learn HTML, CSS, and other web standards. Includes starter templates that you can customize to build HTML emails, About pages, blogs, e-commerce pages, newsletters, and portfolios. Code coloring and visual hints help you read code more easily for quick edits and updates. Git support enables management of your source code within Dreamweaver and performance of all common operations right from the Git panel.

NetObjects Fusion - Site authoring/management tool from NetObjects Inc. Visual site structure editor, layout editor, graphics management, staging/publishing control. Includes capabilities for mobile wbe sites. For Windows.

Content Management apps listing - Large listing of content management apps, in Wikipedia. Includes info re: Proprietary, Open source, etc; Platform (java, php,, Perl, python, etc.) supported databases and latest release date.

Return to top of web tools listing

Other Web Test Tools

Window Resizer chrome extension - Enables emulation of various resolutions - helps test layouts on different browser resolutions. Resolutions list is completely customizable (add/delete/re-order). You can set the window's width/height, window's position, preset icon (phone, tablet, laptop, desktop). Option to apply the new dimensions to the entire window or just to the viewport. Also features customizable global key shortcuts, an option to export your settings and import them on another computer and more.

Page Ruler chrome extension - Draw a ruler to any page and view the width, height and top, bottom, left and right position, drag the edges of the ruler to resize it; use the arrow keys to move and resize the ruler, show guides extending from the ruler edges, manually update the size and position of the ruler from the toolbar to make precision changes, enable "Element Mode" to outline elements on the page as you move your mouse over them, navigate through parents, children and sibling elements of any measured element.

XPath Helper - Chrome extension that makes it easy to extract, edit, and evaluate XPath queries on any webpage.

FireShot Chrome extension - Full webpage screenshots; capture, edit and save them to PDF/JPEG/GIF/PNG, upload, print, send to OneNote, clipboard, email, gmail. Can edit and annotate captures.

Ghostery browser extension - Browser add-on works with most browsers; allows switching 3rd party items in page on/off; helps test for functional impacts if users block certain items or if 3rd party items block or delay loading of certain component(s) of you web pages.

HTTP Archive Viewer - HAR file viewer chrome extension; allows you to inspect HAR log files generated by browser. HAR (HTTP Archive) files can be generated by most browsers and contain a log of HTTP requests and responses, they can also contain body content. Excellent for debugging HTTP sessions.

Protractor - Open source test automation framework for AngularJS apps. A Node.js program built on top of WebDriverJS, which uses native events and browser-specific drivers to interact with your application as a user would. Can automatically execute the next step in your test the moment the webpage finishes pending tasks, avoiding waits for your test and webpage to sync.

Siesta - JavaScript unit testing tool from Bryntum AB that helps test any JavaScript code and also performs testing of the DOM and simulates user interactions. Can be used together with any type of JavaScript codebase – jQuery, Ext JS, React, Angular etc. Using the API, you can choose from many types of assertions ranging from simple logical JS object comparisons to verifying that an HTML element is visible in the DOM. Free 'lite' version for running tests in the browser; paid version can run from command line, enables automation, has an event recorder, can integrate with selenium, can generate code coverage reports, and more.

Linktropy WAN emulators - WAN emulators, from Apposite Technologies allows users to test applications under a spectrum of real world network connectivity conditions in a controlled, repeatable test environment. By making emulation quick and easy, with easily-configured emulators, users can simulate network bandwidth, delay, jitter, packet loss, congestion, and other important link impairments at speeds of up to 1 Gbps per link.

Browsersync - Open source tool for keeping multiple browsers & devices in sync when building/testing websites. Works by injecting an asynchronous script tag right after the body tag during initial request. Can eliminate many repetitive manual tasks such as URL pushing, form replication, clicks, scrolls, etc. Customise an array of sync settings from the UI or command line to create a personalised test environment. Easily integrated with your web platform, build tools and other Node.js projects. Built on Node.js to support Windows, MacOS and Linux. Browsers are automatically updated as you change HTML, CSS, images and other project files.

HTML Comments Parser - Open source tool written in Python - visits user provided URL's and extracts the comments (HTML style, C style single line and multi-line) and writes the summary to a file. Among the extracted comments it will also search for user provided keywords (like password, pswd, passwd, author etc.) and writes those lines containing them to a file. This is useful for checking if any sensitive information is part of the comments.

Time Machine - Software virtual clocks from SolutionSoft Systems Inc. that enable 'time traveling' of apps into the future or the past, facilitating time shift testing on date and time sensitive application logic, such as month end, quarter end, year end processing, billing cycle, work flow, regulatory go live, and policy life cycle. Transparent to apps and databases so no code modification is required to do time shift testing and the system clock is never modified.

TimeShiftX - Date and time simulation software from Vornex, Inc. that enables instant "time travel" for web & software apps in the future or past to temporal test all date and time sensitive functionality and code such as end of year/month/quarter, daylight savings, leap year, billing, rates, policies, etc. Employs user level virtual time containers to provide simulated dates & times to apps & DB's. Virtual times can be in the future, past, frozen, or accelerated/decelerated.

SPOF-O-Matic - Chrome extension from Patrick Meenan (developer of detects likely third-party single points of failure as you browse and allows you to simulate 3rd party resources being unavailable so you can see what the impact would be on a page/site.

ScienceLogic Hybrid IT - Monitor and visualize cloud-based infrastructure as well as on-premises infrastructure - enables increased efficiency in offloading resources, controlling costs and cloud sprawl by seeing the linkage of technologies between off- and on-prem resources, and ensure application uptime. Gain complete visibility by seeing the interdependencies across your infrastructure from both high-level and detailed views. FromScienceLogic Inc.

MS Site Scan - Free online service from Microsoft - run a quick code scan on any URL to check for out-of-date libraries, layout issues, cross-browser issues, responsive design issues, content compression, image alt attribute issues, accessibility, and more.

Browser Screenshots - Free online service from Microsoft renders a URL in multiple common browsers and devices. Just enter a URL.

Trickle - A lightweight userspace bandwidth shaper for Linux. Can run in collaborative mode (together with trickled) or in stand alone mode. Download and upload rates can be set separately, or in an aggregate fashion. Can set the maximum download speed of your browser by creating a custom launcher via a simple command.

Yeti - Open source command-line tool by Reid Burke for launching JavaScript unit tests in a browser and reporting results without leaving your terminal. Designed to work with tests built on YUI Test, QUnit, Mocha or Jasmine just as they are. Capabilities include server-side AJAX testing with echoecho, JUnit XML output to work with Jenkins, optional Selenium/WebDriver browser launching. Requires Node.js

Buster.JS - An open source JavaScript test framework for node and browsers. Ships with collection of assertions, two built-in front-ends (xUnit style test cases, and BDD style), several reporters, and a simple API for building your own reporters. Supports deferring a test so it doesn’t actually run, but you get notified of deferred tests every time you run your test suite. Ships with Sinon.JS - every test in a test case has a sandbox associated with it, making it easy to mock and stub without worrying about side-effects beyond the scope of the test.

Weinre - WEb INspector REmote. Open source debugger for web pages, like FireBug (for FireFox) and Web Inspector (for WebKit-based browsers), except it's designed to work remotely, to enable debugging of mobile device web pages. Although most mobile devices now have built-in tools to enable this, some (such as Windows Phone 8 as of mid-2015) do not.

Karma - Open source tool that allows execution of JavaScript code in multiple real browsers (desktop, mobile, tablets, etc.) testing locally during development. Powered by Node.js and Oriented to test-driven development. Although not a testing framework it can be used or adapted as needed, and has ready-to-go support for Mocha, Jasmine, and QUnit. Works with multiple browsers including IE, Firefox, Chrome, Safari, Opera, PhantomJS.

Mocha - Open source JavaScript test framework running on node and the browser. Tests run serially, allowing for flexible and accurate reporting, while mapping uncaught exceptions to the correct test cases.

Laika - Open source testing framework for Meteor. Can evaluate code of both the server and client on a single test. By default uses tdd style; has option to change to bdd style. Each test runs against a separate instance of your meteor app and a clean mongodb database. Works with both meteor and meteorite.

JS-Test_Driver - Open source Javascript test driver; aim is promoting good TDD practices and making writing unit tests easy.

Testem - Open source Javascript Unit testing testrunner. Supports Jasmine, QUnit, Mocha, Buster.js, others via custom test framework adapters. Run tests in all major browsers and Node and PhantomJS. Supports TDD — streamlines TDD workflow; supports continuous integration - works with CI servers like Jenkins or Teamcity. Supports OS X, Windows, Linux; Preprocessor support for CoffeeScript, Browserify, JSHint/JSLint, etc.

Istanbul - Open source JS code coverage tool that computes statement, line, function and branch coverage with module loader hooks to transparently add coverage when running tests. Supports all JS coverage use cases including unit tests, server side functional tests and browser tests, for node and browser. Can be used on the command line as well as a library.

Closure Linter - Javascript style checker from Google Developer tools that checks files for such issues as operator placement, missing semicolons, spacing, presence of JsDoc annotations, etc. as per guidelines in the Google JavaScript Style Guide ; automatically fixes many common Javascript errors.

Email2DB - Tool from Parker Software to automate incoming Email Messages, Twitter Feeds, Web & Data Sources, create triggers based on message content to automate your processes and send auto-responses.

STB Tester - An open source video-capture record/playback system for automated testing of set-top boxes and similar devices, from David Röthlisberger. Can record a test case by listening for remote-control keypresses, taking screenshots from the set-top box as it goes; includes image-matching capabilities. Written on top of GStreamer, a library of media-handling components. Test scripting is in Python.

Robot Framework - Open source test automation framework for acceptance testing and acceptance test-driven development (ATDD), from Nokia Siemens Networks. Has a tabular test data syntax, uses keyword-driven testing approach. Can be extended by test libraries in Python or Java. Provides easy-to-read reports and logs in HTML format, and a command line interface and XML based outputs for integration into existing build infrastructure. Provides support for Selenium for web testing as well as support for Java GUI testing, running processes, Telnet, SSH, etc.

Skytap - Cloud-based application development and test solution from Skytap Inc. provides developers and test engineers with scalable cloud based virtual data centers (VDC) that can run apps/sites without rewrites; publish specific environments to different testing teams; scale load testing capacity on-demand. Create isolated test environments for wide variety of OS, database, browser, and app combinations and capture state (memory, network settings, data, etc) of multi-machine configurations and save as templates. Each configuration is network fenced, enabling installation of intrusive tools and restoration to a safe known version.

Feedback Roulette - A free service for anonymous exchange of feedback about websites, by Michael Dadashyan. You review others' websites and they review yours. Members assign scores to each others' reviews to specify how useful the feedback is. Based on that the reviewer's reputation is calculated. The system then uses the reputation to match reviewers. All reviews are anonymous, allowing people to say openly what they think. Also there is a powerful system of ratings and reputation which helps to match reviewers with each other. Premium memberships also available via PayPal subscription or redeeming Feedback Points.

Charles - Web debugging proxy app by Karl von Randow at XK72 Ltd is an HTTP proxy / HTTP monitor / Reverse Proxy that enables viewing all the HTTP and SSL/HTTPS traffic between the browser and the Internet. This includes requests, responses and the HTTP headers (which contain the cookies and caching information). For Win/Mac/Linux.

Email on Acid - Service to preview an email in more than 40 variations of the most popular mobile devices, web-based email clients, and email apps. Tests can be run 3 ways - insert a URL, cut/paste HTML code, send an email directly to Email on Acid account. Uses two approaches: a) Screen Captures - the email is sent through each email client application with a screen capture of the final result, b) Code Based Simulations - a code based simulation of the email is generated by analyzing and parsing the HTML and CSS code much like each of an actual email clients does, and test results are displayed from within a web browser; for web based email clients, the email is displayed as it would appear in the browser being used to run the test. Free and $ versions of service available.

Litmus - Email preview service via screenshots of how email would appear in more thaqn 30 mobile devices and email clients. Allows uploading the HTML or sending a test email. Also provides cross-browser landing page and website testing, in addition to the email previews, by generating landing page previews in 8 different web browsers.

View Dependencies - Firefox extension adds a tab to the Page Info window, in which it lists all the files which were loaded to show the current page. It orders the files by servers and by types (image, stylesheet, script, ...). The size of each file, the total size per server and the total page size are displayed. With a context menu, can open any file in a new tab or new window; can also copy a url to the clipboard.

Web Developer - Firefox extension with a vaireity of useful capabilities; one of the more popular Firefox extensions for dev/testing. Capabilities include inspect, edit and disable CSS, graphics; browser resizer; much more.

Greasemonkey - Firefox extension enable user to customize the way a web page displays or behaves, by using small bits of JavaScript; hundreds of useful Javascript snippets available.

FireShot - Firefox extension that creates screenshots of web pages entirely and enables annotations. save as PNG/GIF/JPEG/BMP. Also available for Google Chrome and IE.

RedBot - An open source tool that checks HTTP resources for feature support and common protocol problems. Public instance available, or you can install it locally and use it on the command line, or self-host your own Web checker.

Xpresser - An open source Python module which enables trivial automation of GUIs via image matching algorithms. Note: though Xpresser uses gtk to implement its features, there’s nothing specific to gtk on the features and interface that Xpresser offers. Can use on its own or embedded in other apps.

Flash-Selenium - The Flash-selenium open source project extends the Selenium RC clients for adding Flash communication capabilities. Enables direct testing of the UI components of a Flex application.

Selenium-Flex API - The Selenium-Flex API allows automation of Flex applications using the popular test automation tool Selenium. The API is easy to set up and can be done with only basic working knowledge of either Flex or Selenium. Requires Firefox and inclusion of the Selenium-Flex API in Flex app build. Spell Checker Online free spell checker and link checker from C# computing.

HTTPDebugger - HTTP Traffic Analyzer tool from that enable effective debugging of http headers and http content. Analyze HTTP headers, POST data, cookies, error codes and SOAP envelopes; measure the size, execution and downloading time of dynamic web pages; view the traffic from browser add-ons, ActiveX components and Java applets; decode HTTPS connections and gzip/chunked encodings; see complete stats in charts and diagrams. Supports a variety of browsers.

Spello - Open source web site spell checker; run as a windows form or command line. Supports English (US and UK), French, German and Spanish (Spain and Mexico) dictionaries. More dictionaries can be downloaded from Html based log file. Written in C#, requires Microsoft.Net 3.5 SP1, the setup program has a bootstrapper to install it.

T-Plan Robot - A black box automated testing tool developed on generic image based testing principles; provides a human-like approach to software testing and performs in situations where other tools may fail. Support of Java test scripts as well as a proprietary scripting language; record & replay capability; support of testing over the RFB protocol (better known as VNC); ability to perform black box GUI testing of mobile phones (Windows Mobile, Symbian, iPhone); open architecture with a generic plugin interface and well documented programming interfaces. Platform independent (Java); runs on, and automates major systems, such as Windows, Linux, Unix, Solaris and certain mobile platforms.

System Shephard - An IT Performance Monitoring and Operations Management Platform for web and other systems; from Absolute Performance Inc. Modules include StressWalk and WebWalk. Delivers an enterprise-wide view of system performance and alert status; supplies analysis and reports based on real-time, recent, and historical data

Twill - Simple open source Python-based scripting language for web browser control from a command-line interface. Navigate through Web sites that use forms, cookies, and most standard Web features. Supports automated Web testing

Web Testing Plugin collection - Large collection of links to and short descriptions of open source utilities and tools for web testing, unit testing, assertions, mocks, fixture utilities, reporting, validators, code coverage, etc. Mostly for Ruby, maintained by Benjamin Curtis

UTE - Automated 'usability testing environment' from Mind Design Systems, Inc. Assists in quantitative usability evaluation of websites and web applications; automates capture of usability data in detail not easily done by a human observer. Consists of a) a 'UTE Manager' which helps set up test scenarios (tasks) as well as survey and demographic questions, and compiles results and produces customized reports and summary data; and b) a 'UTE Runner' which presents test participants with test scenarios (tasks) as well as any demographic and survey questions; the runner also tracks actions of the subject throughout the test including clicks, keystrokes, and scrolling.

Venkman Javascript Debugger - Firefox extension; open source JavaScript debugging environment for Mozilla based browsers.

XPather Firefox add-on by Viktor Zigo. Has rich XPath generator, editor, inspector and simple extraction tool. Requires the standard DOM inspector plugin for FF3.

FlexMonkey - Free legacy testing framework for Flex apps, from Gorilla Logic. Capabilities include capture, replay and verification of Flex UI functionality. Can generate ActionScript-based testing scripts that can easily be included within a continuous integration process. Uses the Flex Automation API and was created by extending Adobe's sample automation adapter, AutoQuick.

FunFx - A free Ruby test framework for functional testing of Adobe Flex applications Enables driving a Flex application through a web browser.

UnmaskParasites - A free online service that checks web pages for hidden illicit content (invisible spam links, iframes, malicious scripts, unauthorized redirects and other signs of security problems By Denis Sinegubko/Sucuri Inc. Just type in the URL of the web site to be checked.

File Comparators - Web testing - or any type of testing - often involves verification of data vs expected data. While this is simple enough programmatically for single data points or small data sets, comparison of large amounts of data can be more challenging. This site, maintained by FolderMatch/Salty Brine Software, a windows file/folder comparator tool vendor, lists a large number of Win data comparators.

TMX - Keyword driven test automation product from Critical Logic, provides automated, fully annotated, executable scripts for QTPro, Watir, TestPartner, and SilkTest. Imports the objects that make up an application (radio buttons, entry fields, etc.) and builds an Object Tree containing all elements and attributes subject to testing. Then automatically generates the executable test scripts and test documentation. 'Virtual Objects' allow building of test scripts from requirements in parallel with code development.

Google's Website Optimizer - Google's service for testing variations in site design (titles, images, content, etc) to determine impacts on conversions, user actions, traffic, or other goals.

ItsNat - Open source Java AJAX component-based web development framework provides a natural approach to web development; leverages 'old' tools to build new AJAX based Web 2.0 applications. Server centric using an approach called TBITS, "The Browser Is The Server": simulates a Universal W3C Java Browser at the server mimicking the behavior of a web browser, containing a W3C DOM Level 2 node tree and receiving W3C DOM Events. Contains significant built in functional web test support.

HTT - Open source scriptable HTTP test tool for testing and benchmarking web apps and for HTTP server development. Can act as client (requesting) and server (backend for reverse proxies). Pattern matching answers (both server and client) to test validity. Supports chunking in request and response.

HTTPWatch - An HTTP viewer and debugger plugin for MS Internet Explorer for HTTP and HTTPS monitoring without leaving browser window. Real-time page and request level time charts;millisecond accurate timings and network level data. Includes automation interface that can be used by most programming languages. Supports filtering of requests by criteria such as content types, response codes, URLs, headers and content. Basic free and paid versions available.

TextTrust - Online service for one time or periodic full site spell checking; report includes listing of each text error with URL, built-in spelling mistake highlighter; correct your errors with Google suggestion lookup. System learns as it checks, detects industry terms and buzzwords such that only real errors are reported.

WireShark - Network protocol analyzer available under the GNU General Public License. Capabilities include deep inspection of hundreds of protocols, live capture and offline analysis, standard three-pane packet browser, runs on most platforms. Captured network data can be browsed via a GUI, or via the TTY-mode TShark utility; rich VoIP analysis; read/write a very wide variety of different capture file formats. Live data can be read from Ethernet, IEEE 802.11, PPP/HDLC, ATM, Bluetooth, USB, Token Ring, Frame Relay, FDDI, and others. Decryption support for many protocols, including IPsec, ISAKMP, Kerberos, SNMPv3, SSL/TLS, WEP, and WPA/WPA2. Coloring rules can be applied to the packet list for quick, intuitive analysis. Output can be exported to XML, PostScript, CSV, or plain text

BWMeter - Bandwidth meter, monitor and traffic controller, which measures, displays and controls all traffic to/from computer(s) or on your network. Can analyze the data packets (where they come from, where they go, which port and protocol they use). For Windows platforms. Shareware.

Fiddler - Free HTTP Debugging Proxy from Telerik which logs all HTTP traffic between your computer and the Internet. Inspect all HTTP Traffic, set breakpoints, and "fiddle" with incoming or outgoing data. Includes a powerful event-based scripting subsystem. Handles HTTPS encryption/decryption. Leverage Fiddler and the Geoedge global proxy network to monitor, inspect and debug traffic from over 130 locations. Fiddler's Composer tab enables authoring of arbitrary HTTP(S) requests using any HTTP method, url, headers and body, and the many Inspectors permit examination of responses of any type. Includes a Request History pane to allow simple reuse of existing requests. The Scratchpad capability enables displaying a list of requests and executing requests as needed including via requests expressed in curl syntax. Can resend selected saved requests singly or sequentially, automatically verifying each response’s status code and body match the original response. Has many useful addons. Works on most browsers/OS's/platforms.

HTTP Interceptor - Low cost pseudo Proxy server that performs http diagnostics and enables viewing of the two way communication between browser and the Internet. View http, asp, http header, data headers, responses. Demo version Free and paid versions available.

Expecco - A component based, modular test and quality assurance platform from eXept Software AG, which aims at the consolidation of tests and partial test systems into an automated, interactive test center. Enables productivity improvement in creation and maintenance of test scenarios, includes extensive debug features and flexible integration into existing enterprises. Features include utilization of UML 2.0 and Selenium libraries.

Aptixia IxLoad - Highly scalable, integrated test solution from Ixia Inc. for assessing the performance of Triple Play (Voice, Video and Data services) networks and devices. IxLoad emulates IPTV and Triple Play subscribers and associated protocols to ensure subscriber Quality of Experience (QoE). Protocols supported include video protocols like IGMP, MLD, and RTSP; voice protocols like SIP and MGCP; and data protocols like HTTP, FTP, and SMTP. Can be used to test critical aspects of the infrastructure like DNS, DHCP, RADIUS, and LDAP services, as well generate malicious traffic to test for security. Also available are a wide variety of other related performance test tools to help accelerate the migration of communications and entertainment to IP.

Chickenfoot - An open source Firefox extension from MIT that creates a programming environment in the Firefox sidebar, enables writing of scripts to manipulate web pages and automate web browsing. Scripts are written in a superset of Javascript that includes special functions specific to web tasks.

sketchPath - Free XPath Editor and XML analysis and testing tool by Phil Fearon supporting XPath 1.0 and 2.0. Capabilities includes: Provides integrated graphical environment for viewing XML files, developing and testing XPath expressions against them and managing the expressions in file libraries. Auto-Generate XPath locations by selecting from XPath result list, regular expression result list, element tree view, element nodes list, XML text editor, etc. Import XPath Expressions from an XML source (e.g., XSLT). auto-complete uses 'Look-Ahead' to list available location and value nodes when typing, XSD schema validation with fully-navigable invalid elements list. Use regular expressions to resolve XPath locations. And more. For Windows platforms.

Tools4Internet - Free on-the-web tools for determination/testing of various web page/site characteristics; results presented in convenient tabbed summary format. Includes browser/server security information tool for viewing details of http headers sent from web server and browser, along with other information obtainable via javascript and other publicly available means. Web Content Analysis capability includes response time, web page code comments lines, anchors, scripts, etc.

Filemon - Free tool from Microsoft monitors and displays Windows file system activity on a system in real-time. Timestamping feature shows when every open, read, write or delete, happens, and its status column indicates outcome. Useful in security testing, monitoring/testing of web servers etc. Also available (links available on Filemon page): RegMon - a Registry monitor; Process Monitor - a process and thread monitor; DiskMon - a hard disk monitor.

AceLive - Tool from OpNet Technologies Inc. for end-user experience monitoring and application performance management. Spans network monitoring, measurement, and detection of SLA violations, and can bridges seamlessly into integrated and detailed transaction-level troubleshooting with OPNET’s ACE Analyst.

Charles - An HTTP proxy/monitor/Reverse Proxy that enables viewing all HTTP traffic between browser and the Internet, including requests, responses and HTTP headers (which contain the cookies and caching information). Capabilities include HTTP/SSL and variable modem speed simulation. Useful for XML development in web browsers, such as AJAX (Asynchronous Javascript and XML) and XMLHTTP, as it enables viewing of actual XML between the client and the server. Can autoconfigure browser's proxy settings on MSIE, Firefox, Safari. Java application from XK72 Ltd.

Paessler Site Inspector - A web browser that combines MSIE and Mozilla/Gecko into one program; it's Analyzing Browser allows switching between the two browser engines with the click of a mouse to compare. Freeware.

CookiePie Browser Extension - Firefox/Chrome extension from Nektra enabling maintenance of different cookies in different tabs and windows. For example developers working on web software supporting multiple users or profiles can use CookiePie to simultaneously test their software with each user without needing to open a different browser.

Test Architect - Keyword-driven test automation tool from LogiGear Corp. Supports IE/Edge, Firefox, Chrome, Safari, Win, Mac, Linux, Android, iOS, REST, SOAP, XML, JSON, image-based comparison testing, data-driven testing, BDD testing and a wide variety of 3rd party controls. Integrates with MS TFS/Visual Studio/MTM, Quality Center, Jira, Zephyr, Jenkins. IDE with real-time interactive debugging Supports Python, C#, Java. command-line execution, remote execution, parallel execution, distributed testing.

Morae - Usability test tool for web sites and software, from TechSmith Corp. for automated recording, analyzing and sharing of usability data. Consists of 3 components. A Recorder records and synchronizes video and data, creating a digital record of system activity and user interaction. An Observer component enables geographically dispersed observers to watch usability tests from any location; it displays test user's computer screen along with a picture-in-picture window displaying the test participant's face and audio; Remote Viewer observers can set markers and add text notes. The Manager component includes integrated editing functionality for assembly of important video clips to share with stakeholders. For Windows.

TestGen - Free open-source web test data generation program that allows developers to quickly generate test data for their SOAP/WSDL web services before publicly or internally releasing the web service for production.

Fiddler - A free HTTP Debugging tool from Telerik/Progress Software Corp. Acts as an HTTP Proxy running on port 8888 of local PC. Any application which accepts an HTTP Proxy can be configured to run through Fiddler. Logs all HTTP traffic between computer and the Internet, and allows inspection of the HTTP data, set breakpoints, and "fiddle" with incoming or outgoing data. Includes a simple but powerful JScript.NET event-based scripting subsystem. Free, for Windows; run on Mac via VM.

IP Traffic Test and Measure - Network traffic simulation and test tool from Omnicor Corp. can generate TCP/UDP connections using different IP addresses; data creation or capture and replay; manage and monitor throughput, loss, and delay.

VisitorVille - Site traffic monitoring tool from World Market Watch Inc. that depicts website visitors as animated characters in a virtual village; users can watch their web traffic as if they're watching a movie.

Sandra - 'System ANalyser, Diagnostic and Reporting Assistant' utility from SiSoftware. Provides large variety of information about a Windows system's hardware and software. Includes CPU, mainboard, drives, ports, processes, modules, services, device drivers, ODBC sources, memory details, environment settings, system file listings, and much more. Provides performance enhancing tips, tune-up wizard, file system and memory bandwidth benchmarking, more. Reporting via save/print/fax/email in text, html, XML, etc. Free, Professional, and other versions available in multiple languages.

Dummynet - Flexible tool developed by Luigi Rizzo, originally designed for testing networking protocols, can be used in testing to simulate queue and bandwidth limitations, delays, packet losses, and multipath effects. Can be used on user's workstations, or on FreeBSD machines acting as routers or bridges.

Co-Advisor - Tool from The Measurement Factory for testing quality of protocol implementations. Co-Advisor can test for protocol compatibility, compliance, robustness, security, and other quality factors. Has modules for HTTP (RFC 2616) and ICAP (RFC 3507) protocols . Other info: runs on FreeBSD packages, Linux RPMs, Windows (on-demand); available as on-line service, binaries, or source code.

PocketSOAP - Packet-capture tool by Simon Fell, with GUI; captures and displays packet data between local client and specified web server. Can log captures to disk. For Windows; binaries and source available; freeware. Also available is PocketXML-RPC and PocketHTTP.

TcpTrace - Tool by Simon Fell acts as a relay between client and server for monitoring packet data. Works with all text-based IP protocols. For windows; freeware. Also available: ProxyTrace open source tool.

XML Conformance Test Suite - XML conformance test suites from W3C and NIST; contains over 2000 test files and an associated test report (also in XML). The test report contains background information on conformance testing for XML as well as test descriptions for each of the test files. This is a set of metrics for determining conformance to the listed W3C XML Recommendation.

MRTG - Multi Router Traffic Grapher - free tool by Tobi Oetiker utilizing SNMP to monitoring traffic loads on network links; generates reports as web pages with GIF graphics on inbound and outbound traffic. For UNIX, Windows.

Return to top of web tools listing