Execute tests swiftly and repeatedly, without requiring manual intervention, even across multiple versions of your application.
A repeatable and consistent process with minimum effort and quick turn-around time to identify and eliminate these bottlenecks.
Remarkably fast and scalable, scan the entire application much faster with broader coverage than a manual pen tester.
API testing should entail scanning for API vulnerabilities. API security testing should be conducted early in development—detecting and remediating problems before they go into production.
Based on HAR recording of your workflow, steps & inter-step variables are imported automatically. You just need to add assertions, select security checks. No need to write scripts.
Regulations like PCI DSS demand that organizations have full control over their data, often requiring them to store it in on-prem environments. You know where your data is and can ensure it's locked down tight.
Empowering more people with low-code testing automation tools. The low-code capabilities of testing workflows allow anyone to automate, extend, and test digital workflows that can unlock productivity.
Use mutation of collected data, naughty strings, detection of sensitive data, valid enough to pass program parser checks.
Check encoded data if use of unknown or untrusted data that may result in abuses of application logic.
Always use TLS encryption, don’t include sensitive information in URLs, rate limiting and safe error responses, etc.
Smart fuzzers generate randomized data valid enough to pass program parser checks, get deep into the program logic, and potentially trigger edge cases and find bugs.
A mutation-based fuzzer takes valid inputs and generates a collection of inputs by changing (mutating) the valid inputs.
A generation-based fuzzer analyses the provided valid input structure and generates entirely new data that matches the valid one from the structure perspective.
Dumb fuzzers produce completely random input without matching the shape of the expected input or generated to match a valid input.
Dumb fuzzers, sometimes, tests a parser than your program.
Dumb fuzzers won’t be able to begin the execution of the application logic and identify potential bugs in that area of the code due to the wholly randomized input that does not match the valid input.
API Workflow Mock Servers Generated Automatically from Webtica Test Results. No Need to write codes from scratch.
Mock servers creation included in Webtica Results (Enterprise version), no need to use full-fledge dev kit for installation.
Rules are generated automatically, no need to code bit-by-bit.
Dynamic Rule Responses generated automatically, no need to build one-by-one.
With variables, Stateful Rules are generated automatically.
Generated automatically from Webtica Test Results, no need to study and build codes for individual API from scratch.
API Sandbox that saves you time. Get working mock REST APIs in seconds from Webtica API workflow test results
Making advanced API testing accessible and hassle-free, even for Security Teams & Users.
API documentation is a set of human-readable instructions for using and integrating with an API.
To generate API Documentation of this API Test Case after running.
View online or Download generated API Documentation of this Test Case.
Dockerized Application  |  Data On-Prem  |  Support Off-Line
No Credit Card | Support Off-line | On-line for login and update
Workflow Testing: Yes
Workflow Scanning: Yes
API Documentation: Yes
Max# User: 1
Max# API Test Cases: 5
Workflow Mock: No
Task Scheduler: No
Email Notification: No
Billed as HK$3,800 or US$488 /user/year
Workflow Testing: Yes
Workflow Scanning: Yes
API Documentation: Yes
Min# User: 2
Max# API Test Cases: 50 * #Users
Workflow Mock: No
Task Scheduler: No
Email Notification: No
Support Multiple Projects | Consultant for Multiple End-Users
Workflow Testing: Yes
Workflow Scanning: Yes
API Documentation: Yes
Min# User: 2
Max# API Test Cases: 50 * #Users
Workflow Mock: Yes
Task Scheduler: Yes
Email Notification: Yes
Firefox as Client | Install On-prem Recorder | Upload Workflow in HAR files 
For Personal use
No Credit Card | No limit on number of runs
Workflow Testing
Workflow Scanning
API Documentation
Max# user: 1
Max# API Test Cases: 5
Workflow Mock: No
Task Scheduler: No
Email Notification: No
WebWatch: No
Billed as HK$3,800 or US$488 /user/year
Workflow Testing
Workflow Scanning
API Documentation
Min# User: 2
Max# API Test Cases: 50 * #Users
Workflow Mock: No
Task Scheduler: No
Email Notification: No
WebWatch: No
Flexible Pricing
Support Multi-Projects | Consultant for Multiple End-users
Workflow Testing
Workflow Scanning
API Documentation
Min# User: 2
Max# API Test Cases: 50 * #Users
Workflow Mock: Yes
Task Scheduler: Yes
Email Notification: Yes
WebWatch: Yes
If it’s not a perfect fit, receive a refund for un-used number of days.
Your information is protected by 256-bit SSL encryption.
The above prices do not include applicable taxes based on your billing address. The final price will be displayed on the checkout page, before the payment is completed
Usage is limited by number of users, number of test cases; Features of email notification and task schedulers are enabled for enterprise version only.
Webitca On-prem a) requires installation of dockerized application; b) able to run without connecting to internet; c) WebWatch is not enabled; d) Do not require Multi-factor authentication after 30 days upon first login.
a) Install Docker on your system; b) download & initialize the docker (internet connection required); c) sign-up (internet connection required) and sign-in; d) create and run test cases.
Webtica (On-prem) requires internet connection only for initialization of license, user account sign up, check and download update dockerized applciation, if any. You don't need internet connection for sign-in, creating & running test cases.
No. You are in total control. Webtica On-prem would not send any of your test data to Internet, including our SaaS platform.
For test cases with cross-tab workflow, application logic involving if-the-else, etc., should be created based on OpenAPI Document, or configuration files created by JMeter.
Yep. When you upgrade or downgrade your account, all charges are automatically pro-rated. That means if you need to, you can cancel any time.
For SaaS version, no. All user accounts are protected by Multi-Factor Authentication (Smartphone based Authenticator) after 30 days upon first successful sign-in.
Unlike UI testing, which tests the look and feel of the application, API testing focuses on the business logic of the application. Also, this testing requires software to send calls to the API. The software will send requests to API, receive output, and compare the actual responses with the expected responses.
There are some cases that automatic request chaining and parameters combination may not be working, such as workflow involving Captcha, scanning of QR codes, One-time Password (OTP), etc; certificate pinning, anti-proxy, missing data of key fields, etc.. However, fall-back to manual input of API request should still be working.