
Write a blog post on writing a custom test using Akto’s Test Editor

Open Ankita28g opened this issue 1 year ago • 24 comments

Akto is an open source API security product.

Your task is to write a blog post on writing a custom test using Akto’s Test Editor on various use cases of your choosing.

🎯 Requirements

  • Your article has to be publicly available.
  • Your article must tag Akto in any way (hashtag, embedded, link...).
  • Your article should be at least 1000 words long.
  • Your article should look nice. 👀 Use titles, subtitles, screenshots, images, gifs, or even memes.
  • The blog has to be factually correct. Incorrect submissions will be rejected.
  • You have to deep dive into the product by signing up and using it.

✅ Task summary:

  • Drop a comment on this issue indicating that you’re working on it.
  • Write a blog post with the title 'How I wrote a custom test with Akto's Test Editor'
  • Publish an article on your favorite platform or website. (Medium, Dev.to, Hashnode...)
  • Submit a pull request here.
  • Share your work on social media and tag https://github.com/akto-api-security/akto (Reddit / HackerNews / Twitter / Facebook / Linkedin)

🙋🏼‍♂️ Questions:

If you have questions, need any help, or just want to hang out, make sure to join us on our [Discord server](https://discord.com/invite/Wpc6xVME4s).

Ankita28g avatar Oct 10 '23 07:10 Ankita28g

Hey, I want to work on this issue. Can it be assigned to me?

nandini584 avatar Oct 11 '23 10:10 nandini584

I am working on it.

akash47angadi avatar Oct 11 '23 14:10 akash47angadi

https://nandini584.hashnode.dev/how-i-wrote-a-custom-test-with-aktos-test-editor

I have made the blog already @Ankita28g

nandini584 avatar Oct 11 '23 14:10 nandini584

https://dev.to/akash47angadi/how-i-wrote-a-custom-test-with-aktos-test-editor-dap

My blog is ready @Ankita28g

akash47angadi avatar Oct 11 '23 14:10 akash47angadi

@nandini584

Thanks for your submission. I read the blog. Some of the content is incorrect. I can accept the PR once you solve these issues:

  1. Your examples are wrong. These tests won't work in Akto:
     • Test for SQL Injection Vulnerability
     • Test for Cross-Site Scripting (XSS) Vulnerability
     • Test for Authentication Bypass
  2. The below is a custom test for SQL Injection. This example of SQL injection is wrong. This won't work in Akto.
  3. Here's the complete YAML for a SQL Injection test. This YAML won't work in Akto.

Let me know if you need help. Maybe try reading the documentation and some tests from the library to write the above examples and a complete YAML. I will be able to accept the PR once it is corrected and the YAMLs and examples are valid.

Happy to help!

Happy Hacktoberfest 🎉

Ankita28g avatar Oct 12 '23 09:10 Ankita28g

@akash47angadi

Thanks for your submission. I read the blog. Some of the content is incorrect. I can accept the PR once you solve these issues:

  1. Log in to Akto: Open your favorite web browser and go to localhost:9090. If you're logging in for the first time, you'll need to create an account. This is incorrect.
  2. Navigate to Test Editor: Once you're logged in, navigate to the Test Editor section. It should be easy to find in the Akto dashboard. Explain where it is.
  3. Start a New Test: Click on the "New Test" button to create a new test. There is no new test button in Akto. This is incorrect.
  4. Here's an example of a simple test script: This example is wrong. It's not Akto's YAML. I am not quite sure if you logged into Akto and saw Akto's test library.
  5. Lastly, please write in detail the steps, make sure you use right examples. Describe the test format in detail.

Let me know if you need help. Maybe try and read documentation and go through some tests from library to write the above examples and a complete YAML. I will be able to accept PR once all the above are corrected and the blog is factually correct.

Happy to help!

Happy Hacktoberfest 🎉

Ankita28g avatar Oct 12 '23 09:10 Ankita28g

Hey @Ankita28g, I wanted to know, we are writing a custom test, right? So what are those custom tests that I can actually write here, and why won't the SQL injection one work?

Also, can I include the CSRF code instead of the SQL injection one which is mentioned in the documentation, in order to get my PR accepted? Thank you so much.

nandini584 avatar Oct 12 '23 09:10 nandini584

Hey @Ankita28g, I have updated the blog. Would you please let me know if there are any other improvements to be made?

nandini584 avatar Oct 12 '23 10:10 nandini584

Hey @nandini584 can you send me a link to social media post where you published this blog?

Ankita28g avatar Oct 14 '23 14:10 Ankita28g

https://twitter.com/nandiniarora584/status/1712111214460035296?t=xgehMB49lMeBHY11MRdMFA&s=19

Here @Ankita28g

nandini584 avatar Oct 14 '23 14:10 nandini584

Thank you!

Ankita28g avatar Oct 14 '23 14:10 Ankita28g

Your blog is accepted @nandini584. You will receive details on the prize distribution once Hacktoberfest is over. :)

Ankita28g avatar Oct 14 '23 14:10 Ankita28g

Thanks for your contribution @nandini584 🎉

Ankita28g avatar Oct 14 '23 14:10 Ankita28g

https://x.com/akashvangadi/status/1712110017674199332?s=20

@Ankita28g, I have corrected my issues, please check.

akash47angadi avatar Oct 14 '23 19:10 akash47angadi

Can I make 1 as well? @Ankita28g

hridaya423 avatar Oct 15 '23 09:10 hridaya423

https://x.com/akashvangadi/status/1712110017674199332?s=20

@Ankita28g, I have corrected my issues, please check.

akash47angadi avatar Oct 18 '23 08:10 akash47angadi

Hi @nandini584, please fill out this form here so we can send you Akto swags. Will let you know ETA of swags soon, thanks for your contribution! 🚀

RaagaAkto avatar Jan 30 '24 09:01 RaagaAkto

I don't have the permission as mentioned in the form @RaagaAkto

nandini584 avatar Jan 30 '24 09:01 nandini584

Hi @nandini584, fixed it, please try again?

RaagaAkto avatar Jan 30 '24 10:01 RaagaAkto

Sure


nandini584 avatar Jan 30 '24 10:01 nandini584

@RaagaAkto, won't I get Akto swag, as I have also submitted?

akash47angadi avatar Jan 30 '24 16:01 akash47angadi

Hi, @akash47angadi, thanks for filling out the form, you will get Akto swags for your 2 PRs that have been accepted

RaagaAkto avatar Jan 31 '24 04:01 RaagaAkto

Hi @nandini584 , we've received your details, swags should reach you in a month!

RaagaAkto avatar Feb 02 '24 03:02 RaagaAkto

@RaagaAkto, I have submitted 3 PRs in total.

akash47angadi avatar Feb 05 '24 04:02 akash47angadi