A place where sofware quality lives

Announce for OnlineTestConf Spring 2017

Yet another interesting free online conference is upcoming! Here is some details about. It’s 2 day online-only conf which has some of the topics to discuss. You may overview the schedule at the following page: http://www.onlinetestconf.com/program/ It’s worthwhile to make some list of the classes you want to visit, so not hang on whilst boring ones is going on.

Some of the topics I’m going to visit:

  • 101 For Building The Right Mobile Test Lab For Your Business
  • Contributing to GitHub is for Everyone
  • Opening Keynote: Testing and AI
  • Crowd Testing Magic
  • Testing Challenges in the Highly Interconnected World of IOT

Event Time: Tue, June 13 (10:00am–3:00pm) and Wed, June 14 (10:00am–3:00pm).
Times presented are in (EDT) Eastern US timezone.
Event Registration: Free. Use this link to register

Announce for online StarEast Virtual Conf 2017

STAREAST Virtual conference on software testing and QA will be streaming live on Wednesday, May 10 and Thursday, May 11 straight to your computer or mobile device from the live event in Orlando, Florida.

Your virtual conference registration is completely free and streams keynote presentations, live interviews, and industry technical presentations, so you’ll get a taste of what it’s like at the actual event. Plus, you can learn about top industry testing solutions all from the comfort of your home or office. See full schedule here.

Event Time: Wed, May 10 (8:30am–5:30pm ET) and Thur, May 11 (8:30am–5:30pm ET)
Event Registration: Free. Use this link to register

dirsearch — поиск скрытых директорий

Тип: python-скрипт
Назначение: веб-кроулер, поиск скрытых директорий и файлов​
Страница проекта: https://github.com/maurosoria/dirsearch
Входит в Kali Linux: нет (в 4.8.0, возможно в будущих редакциях включат)

Плюсы: легко поставить, простой в использовании, мультиплатформенный в силу того что это Python. Кроме того, автором заявлено:
— Multithreaded
— Keep alive connections
— Support for multiple extensions (-e|—extensions asp,php)
— Reporting (plain text, JSON)
— Heuristically detects invalid web pages
— Recursive brute forcing
— HTTP proxy support
— User agent randomization
— Batch processing
Минусы: результат сильно зависит от словарей, по которым работает сканер (словари в Kali лежат в /usr/share/dirb/wordlists/)

Read the rest of this entry »

Announce for «Testing Connected Devices for the Internet of Things»

Broadcast Date: Thursday, February 16, 2017, 2:00 p.m. Eastern
Registration Link: here

The Internet of Things (IoT) and its connected devices are quickly influencing our daily lives. Although consumer goods have received the most publicity, another fast-emerging area is the use of IoT technologies in manufacturing.

Whether for the consumer or the industrial sector, testing embedded and connected devices for the IoT comes with different concerns from traditional software testing. Using industrial IoT as an example, this web seminar will detail the top three software challenges IoT developers and testers face—managing security and vulnerabilities, privacy and regulations, and eliminating silos while maintaining quality—and explore the best practices for addressing them.

Anyone involved in the software development or testing of connected devices will benefit from this web seminar. You will learn:

  • How to effectively manage and maintain an ongoing security assessment for your products
  • How to navigate existing and future connectivity regulations and privacy
  • What software testing tools and processes provide the biggest impact

Behind the proxy: оффлайн-установка Nessus в условиях корпоративной среды

Nessus — это полнофункциональный сканер системы безопасности. Модульная архитектура Nessus позволяет пользователям настраивать его для своих систем и сетей. Как и любой другой сканер, Nessus хорош настолько, насколько хороша его база данных сигнатур. К счастью, Nessus часто обновляется. Он выдаёт подробные отчёты, позволяет сканировать узлы и способен искать уязвимости в реальном времени.

Хитросплетение отношений прямого и прокси-доступа в корпоративных сетях может повергнуть в уныние даже бывалого пользователя. Установка Nessus требует регистрации лицензии, при установке его в офисе может возникать проблема с доступом через прокси, однако разработчик сканера Tenable предоставили возможность проведения оффлайн-активации продукта и установки плагинов (сигнатур) уязвимостей.

Ставить будем на Kali Linux 2016.2

Read the rest of this entry »

Latest webinars this year

December is a great time to threat yourself and get familiar with something new or to refine existing skills. Find below list of upcoming online events, I believe most of them worth to attend.

  • Secure Software Requires the Right Tools. Synopsys cybersecurity expert Jonathan Khudsen will tell about classes of tools work best for locating vulnerabilities and how to use them in the context of product development.  Date and time: 13.12.2016, 2:00 PM ET. Free, registration required.
  • The Future of Test Automation: Leading Experts Share Their Vision for 2017. Test Automation gurus Dave Haeffner, Jim Evans, Simon Stewart and Brian Jordan, about to ​discuss emerging trends, skills, and best practices that will shape your testing environment during 2017. English language. Date and time: 15.12.2016, 10:00-11:00 AM PST. As usual, event is free but registration required.
  • HP invites to discover a HPE User Behavior Analytics, some kind of enterprise DLP (data leak prevention) system with fraud-assessment abilities. Russian language. Date and time: 16.12.2016, 11:00-12:30 (MSK). Free, but registration requried.

Quick automation: Getting Started with Selenium

Selenium is a famous tool and framework which allows you to automate your web-applications testing: record, edit and execute tests.

Selenium consist of two major parts, which can be used independently or in a cooperation, depending on your project needs:

  • Selenium IDE — a Firefox browser add-in with GUI which allows you to do simple record-and-playback interaction with the browser
  • Selenium WebDriver — a framework (API) libraries, which allows you to develop and run tests directly from your IDE

Selenium is open-source software distributed under Apache license (so it’s royalty-free) and has wide community support with addons and guidances.

All this makes Selenium good to use in various kinds of projects, includes commercial.

If you’re about to quickly start with automation some of your manual test cases, you’re on the right path.

Watch the following videos to get familiar with Selenium IDE to record users actions and give a result in minutes. Then we’ll enhance the abilities with the Selenium WebDriver.

Selenium IDE — Record, Play & Expand




Selenium WebDriver — Feel the power




How Dell tests their notebooks

Testing is not only about software. It’s about hardware as well. We may await high reliability from our devices, especially if it’s high-end ones. It should have no damage and continue to work when we accidentally drop it, spill a cup with hot coffee or even sit on it.

Big HW vendors, of course, have their own hardware testlabs where they test all similar cases before mass production starts, and adjust design & materials accordingly. They use various mechanical tools to simulate load, drops, spills, etc. plus monitoring devices to collect results.

Watch these incredible videos how Dell do HW testing of their notebooks.

Case Study: Non-functional testing to Android App+HW bundle

The Internet is full of articles which has description of kinds of testing, including a those where non-functional testing. However it become to hard to find a proper one, especially if we’re talking about a industry-specified devices based on common mobile OS. This kind of devices designed to be serving to specified software for the work on field. Yet it boring to read huge amount of plain text. Thank God, we have such a great tool like Mind Maps, a graphical representation of our thoughts.

Look at the mind map below (which I created using free version of XMind, but there’s plenty of alternatives), it represents (I believe) all kinds of non-functional tests that could be conducted over some Sales App+HW (Android phone+Printer+Payment Terminal) bundle. Click on the picture to see it in the full size.