hasher/TESTING.md

Quick Start & Testing Guide

This guide will help you quickly set up and test the Hasher application.

🚀 Quick Start

1. Prerequisites Check

Ensure you have:

• ✅ Node.js 18.x or higher (node --version)
• ✅ npm (npm --version)
• ✅ Elasticsearch running on localhost:9200

2. Installation

# Navigate to the project directory
cd hasher

# Install dependencies
npm install

# Start the development server
npm run dev

The application will be available at: http://localhost:3000

3. Verify Elasticsearch Connection

# Check health endpoint
curl http://localhost:3000/api/health

Expected response:

{
  "status": "ok",
  "elasticsearch": { ... }
}

---

🧪 Testing the Application

Test 1: Generate Hashes from Plaintext

1. Open http://localhost:3000
2. Enter password in the search box
3. Click Search

Expected Result:

• Display all hash values (MD5, SHA1, SHA256, SHA512)
• Message: "These hashes have been saved to the database"

Test 2: Search for an Existing Hash

1. Copy the MD5 hash from Test 1: 5f4dcc3b5aa765d61d8327deb882cf99
2. Enter it in the search box
3. Click Search

Expected Result:

• Display: "Hash Found!"
• Plaintext: password
• All associated hashes displayed

Test 3: Search for a Non-existent Hash

1. Enter: aaaaaaaaaaaaaaaaaaaaaaaaaaaaaaaa (32 a's)
2. Click Search

Expected Result:

• Display: "Hash Not Found"
• Message: "This hash is not in our database"

Test 4: Bulk Indexing

# Index the sample wordlist
npm run index-file sample-wordlist.txt

Expected Output:

📚 Hasher Indexer
━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
Elasticsearch: http://localhost:9200
Index: hasher
File: sample-wordlist.txt
Batch size: 100

🔗 Connecting to Elasticsearch...
✅ Connected successfully

📖 Reading file...
✅ Found 20 words/phrases to process

⏳ Progress: 20/20 (100.0%) - Indexed: 20, Errors: 0

🔄 Refreshing index...

━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━━
✅ Indexing complete!

Test 5: Search Indexed Words

After running the bulk indexer, search for:

• admin
• 123456
• qwerty

All should return their plaintext values.

---

🔍 API Testing

Using cURL

Test Search API:

# Search for a hash
curl -X POST http://localhost:3000/api/search \
  -H "Content-Type: application/json" \
  -d '{"query":"5f4dcc3b5aa765d61d8327deb882cf99"}'

# Generate hashes
curl -X POST http://localhost:3000/api/search \
  -H "Content-Type: application/json" \
  -d '{"query":"test123"}'

Test Health API:

curl http://localhost:3000/api/health

Using JavaScript Console

Open browser console on http://localhost:3000:

// Search for a hash
fetch('/api/search', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ query: '5f4dcc3b5aa765d61d8327deb882cf99' })
})
  .then(r => r.json())
  .then(console.log);

// Generate hashes
fetch('/api/search', {
  method: 'POST',
  headers: { 'Content-Type': 'application/json' },
  body: JSON.stringify({ query: 'mypassword' })
})
  .then(r => r.json())
  .then(console.log);

---

🎯 Feature Testing Checklist

UI Features

• Search input accepts text
• Search button is clickable
• Loading spinner shows during search
• Copy buttons work for all hash values
• Copy confirmation shows (checkmark)
• Responsive design works on mobile
• Dark mode support (if implemented)

Search Functionality

• MD5 hashes are detected (32 chars)
• SHA1 hashes are detected (40 chars)
• SHA256 hashes are detected (64 chars)
• SHA512 hashes are detected (128 chars)
• Case-insensitive search works
• Plaintext search generates all hashes
• Results display correctly

Data Persistence

• New plaintext is saved to Elasticsearch
• Saved hashes can be found in subsequent searches
• Bulk indexing saves all entries
• Index is created automatically if missing

Error Handling

• Elasticsearch connection errors are handled
• Empty search queries are prevented
• Invalid input is handled gracefully
• Network errors show user-friendly messages

---

🐛 Common Issues & Solutions

Issue: Cannot connect to Elasticsearch

Solution:

# Check if Elasticsearch is running
curl http://localhost:9200

# If not accessible, update the environment variable
export ELASTICSEARCH_NODE=http://your-elasticsearch-host:9200
npm run dev

Issue: Module not found errors

Solution:

# Clean install
rm -rf node_modules package-lock.json
npm install

Issue: Port 3000 already in use

Solution:

# Use a different port
PORT=3001 npm run dev

Issue: Bulk indexer script fails

Solution:

# Ensure file exists and has proper permissions
ls -la sample-wordlist.txt

# Run with absolute path
npm run index-file -- "$(pwd)/sample-wordlist.txt"

---

📊 Verify Data in Elasticsearch

Check Index Stats

curl http://localhost:9200/hasher/_stats?pretty

Count Documents

curl http://localhost:9200/hasher/_count?pretty

View Sample Documents

curl http://localhost:9200/hasher/_search?pretty&size=5

Search Specific Hash

curl http://localhost:9200/hasher/_search?pretty -H 'Content-Type: application/json' -d'
{
  "query": {
    "term": {
      "md5": "5f4dcc3b5aa765d61d8327deb882cf99"
    }
  }
}'

---

🎨 UI Testing

Visual Tests

1. Open http://localhost:3000
2. Check the gradient background
3. Verify icon displays correctly
4. Test responsive layout (resize browser)
5. Test on mobile device or emulator

Interaction Tests

1. Hover over copy buttons (should change color)
2. Click copy button (should show checkmark)
3. Type in search box (should accept input)
4. Submit empty form (should be disabled)
5. Test loading state (network throttling)

---

📈 Performance Testing

Load Test with Apache Bench

# Install apache bench
sudo apt-get install apache2-utils  # Ubuntu/Debian

# Test search endpoint
ab -n 100 -c 10 -p search.json -T application/json \
   http://localhost:3000/api/search

Create search.json:

{"query":"password"}

Expected Performance

• Search latency: < 100ms
• Bulk indexing: 1000+ docs/sec
• Concurrent requests: 50+

---

🔐 Security Testing

Test Input Validation

• SQL injection attempts (should be safe - NoSQL)
• XSS attempts in search input
• Very long input strings
• Special characters
• Unicode characters

Test API Security

• CORS configuration
• Rate limiting (if implemented)
• Error message information disclosure
• Elasticsearch authentication (if enabled)

---

✅ Pre-Production Checklist

Before deploying to production:

• All tests passing
• Environment variables configured
• Elasticsearch secured and backed up
• SSL/TLS certificates installed
• Error logging configured
• Monitoring set up
• Load testing completed
• Security review done
• Documentation reviewed
• Backup strategy in place

---

📝 Test Report Template

# Test Report - [Date]

## Environment
- Node.js version: 
- Elasticsearch version: 
- Browser(s) tested: 

## Test Results

### Functional Tests
- [ ] Hash generation: PASS/FAIL
- [ ] Hash search: PASS/FAIL
- [ ] Bulk indexing: PASS/FAIL
- [ ] API endpoints: PASS/FAIL

### Issues Found
1. [Description]
   - Steps to reproduce:
   - Expected:
   - Actual:
   - Severity: High/Medium/Low

## Performance
- Average search time: 
- Bulk index rate: 
- Concurrent users tested: 

## Conclusion
[Summary of testing]

---

🎓 Next Steps

After successful testing:

1. ✅ Test all features
2. ✅ Fix any issues found
3. ✅ Perform load testing
4. ✅ Review security
5. ✅ Prepare for deployment

See DEPLOYMENT.md for deployment instructions.

---

Happy Testing! 🎉