simioni87 / auth_analyzer

Burp Extension for testing authorization issues. Automated request repeating and parameter value extraction on the fly.
MIT License

Authentication Matrix #4

Closed aress31 closed 3 years ago

aress31 commented 3 years ago

When testing for multiple user roles, there is usually a distinctive feature set available to each role, and we (as pentesters) usually want to test each individual role.

To illustrate what I suggest let's say we have three (3) distinct roles:

A thorough test would be to set the tokens for each role and then start manually interacting with the application.

In this case three (3) different left-panel views (request and bypass) should be generated, as we would want to test as an Admin (can Doctors and Clients repeat the requests?), then test the application as a Doctor and check if Admins and Clients can repeat the requests.

In short what we want is a matrix.

Sorry if I have not been super clear, happy to elaborate on this if needed.

Kind regards, Alex

simioni87 commented 3 years ago

Hi Alex

I do not really see the benefit of the matrix despite the nice-looking overview. Maybe I do not fully understand what you mean, but from my point of view you are able to do all your matrix tests with no additional effort and without any changes in the current implementation. Just define your three sessions and set the session on which you are currently testing to "Not Running" (button at the status panel). The status of this session is then declared as "NA" in the table. With this setup you can proceed for all three users and you will have all the testing outputs in the same table...

Best regards Simon
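The workflow discussed in the thread (browse as one role, replay every captured request with the other sessions' tokens, mark the originating session NA), as an added Python example that is not Auth Analyzer's code: the target application, the tokens, the endpoints and the planted gap in /api/reports are all constructed for the example, and the BYPASSED / POTENTIAL_BYPASS / NOT_BYPASSED labels follow this example's own comparison rule (status code first, then body), not the extension's heuristics.

```python
"""Authorization matrix test in the spirit of the workflow above.

Constructed example: a fake RBAC app, three sessions (Admin, Doctor, Client)
and a replay loop. Tokens, endpoints and the planted flaw are all made up.
"""
from dataclasses import dataclass
from typing import Dict, List, Tuple

# Constructed session tokens; in Burp these are the cookies/headers of each session.
SESSIONS: Dict[str, str] = {"Admin": "tok-admin", "Doctor": "tok-doctor", "Client": "tok-client"}
ROLE_OF_TOKEN = {token: role for role, token in SESSIONS.items()}

# Constructed access policy: (method, path) -> roles allowed.
POLICY = {
    ("GET", "/api/users"): {"Admin"},
    ("GET", "/api/patients"): {"Admin", "Doctor"},
    ("GET", "/api/profile"): {"Admin", "Doctor", "Client"},
}


@dataclass(frozen=True)
class Request:
    method: str
    path: str


@dataclass(frozen=True)
class Response:
    status: int
    body: str


def fake_app(req: Request, token: str) -> Response:
    """Stand-in for the target: enforces POLICY except for one planted gap."""
    role = ROLE_OF_TOKEN.get(token)
    if role is None:
        return Response(401, "unauthorized")
    if req.path == "/api/reports":
        # Planted flaw: no role check at all, same data for everyone.
        return Response(200, "reports:all")
    allowed = POLICY.get((req.method, req.path))
    if allowed is None:
        return Response(404, "not found")
    if role not in allowed:
        return Response(403, "forbidden")
    # Role-specific body, so a replay by another *allowed* role differs visibly.
    return Response(200, f"{req.path} for {role}")


NA, BYPASSED, POTENTIAL, NOT_BYPASSED = "NA", "BYPASSED", "POTENTIAL_BYPASS", "NOT_BYPASSED"


def classify(original: Response, replayed: Response) -> str:
    """Comparison rule of this example (the extension's own heuristics may differ)."""
    if original.status != replayed.status:
        return NOT_BYPASSED
    if original.body == replayed.body:
        return BYPASSED
    return POTENTIAL


Matrix = Dict[Tuple[str, Request], Dict[str, str]]


def run_matrix(captured: Dict[str, List[Request]]) -> Matrix:
    """Replay each session's requests with every other session's token.

    The session a request was captured in is marked NA (the thread's
    "Not Running" setting), so one table covers all role pairs.
    """
    matrix: Matrix = {}
    for testing_as, requests in captured.items():
        for req in requests:
            original = fake_app(req, SESSIONS[testing_as])
            matrix[(testing_as, req)] = {
                session: NA if session == testing_as else classify(original, fake_app(req, token))
                for session, token in SESSIONS.items()
            }
    return matrix


def bypasses(matrix: Matrix) -> List[Tuple[str, str, str]]:
    """(captured_as, path, replayed_as) for every cell that is a full bypass."""
    return sorted(
        (testing_as, req.path, session)
        for (testing_as, req), row in matrix.items()
        for session, status in row.items()
        if status == BYPASSED
    )


# Constructed traffic: what each role would click through while testing.
CAPTURED = {
    "Admin": [Request("GET", p) for p in ("/api/users", "/api/patients", "/api/profile", "/api/reports")],
    "Doctor": [Request("GET", p) for p in ("/api/patients", "/api/profile", "/api/reports")],
    "Client": [Request("GET", p) for p in ("/api/profile", "/api/reports")],
}

if __name__ == "__main__":
    m = run_matrix(CAPTURED)
    cols = list(SESSIONS)
    print(f"{'captured as':<12} {'request':<20} " + " ".join(f"{c:<17}" for c in cols))
    for (testing_as, req), row in m.items():
        print(f"{testing_as:<12} {req.method + ' ' + req.path:<20} " + " ".join(f"{row[c]:<17}" for c in cols))
    for captured_as, path, replayed_as in bypasses(m):
        print(f"BYPASS: {path} captured as {captured_as} is reproducible as {replayed_as}")
```

Rows for endpoints every role may legitimately use (/api/profile, or /api/patients between Admin and Doctor) still come out as POTENTIAL_BYPASS, because the comparison knows nothing about the intended role model; reading the matrix against that model is the tester's part of the job, and it is also why the originating session is marked NA rather than compared against itself.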