|Advanced Penetration Testing|
Speaker : Amarendra Godbole
Aim of penetration testing (pen-testing) is to break into an application while closely approximating an attacker’s behavior. Typical approaches that rely heavily on the usage of security tools produce only tool-based results, and may limit the effectiveness.
In order to closely approximate an attacker’s tactics, more of a mental shift, knowledge about the application, and motivation are required. This paper tries to bridge that gap, and aims to discuss
advanced and sophisticated steps to make the pen-testing effort more effective, and optimize the skills of the pen-tester and the tools.
Starting with planning, recon, deciding the attack surface, tool selection, and final closure, advanced penetration testing will take your understanding about the application to a different level. Overall,
these steps will assist in reasonable assessment of the security posture of an application.
|Agile Testing – Principles and Practices|
Speaker : Anil Karade
Traditional test processes are not adaptive to extensive changes in software. Agile process emphasizes on ability to adapt to changing business needs, customer collaboration, integrated teams and frequent delivery of business values. Agile is an umbrella term that describes a variety of methods including XP and Scrum.
The talk will discuss pitfalls of the traditional testing process. Traditional testing process happens very late in the SDLC Where as Agile process focuses on test-first approach. The talk will explain benefits of going agile. Principles and practices of agile process will be discussed and agile methodologies Scrum and Extreme Programming will be discussed in detail. Purpose of Scrum, its effectiveness, timings and managing the scrum will be discussed. Some of the practices for XP like Pair Programming, Test Driven Development will be discussed. The Talk will also cover the QA role in agile world. The talk will cover the implementation issues while shifting from traditional to agile process. Talk will also include an interactive game for illustration of concepts.
|Designing Software For Testability: A forgotten design pattern|
Speaker :Rohit Nayak
In the semiconductor industry, Design For Testability (DFT) is an essential part of the architecture and design of components. Software designers on the other hand do not pay much (if any) attention to the testing needs of their code.
In this talk we review some core DFT principles like Built-In Self Test, Test Point Insertion, Fault Modeling and Fault Simulation and map them to software testing. Examples of using DFT to create testable software will be given. DFT fits in especially well with the increasing use of Test Automation and Agile Methodologies.
We hope this talk will empower test leads and engineers with knowledge they can use to get their developer counterparts to modify the application-under-test to significantly increase automation, enhance test coverage, run tests faster and reduce the costs of testing.
|Performance and Automation Testing using Apache Jmeter for Agile Environment|
Speaker : Sameer Naik , Prasad Nirantar
Jmeter, a powerful performance testing tool from the Apache Jakarta project, can be used to simulate a heavy load on a server, network or object .This helps to test the strength or to analyze overall performance of the system under different load conditions. It has a Full multithreading framework which allows concurrent sampling by many threads and simultaneous sampling of different functions by separate thread groups. It can test servers eg. Web Server – HTTP, HTTPS, Web Services – SOAP, JUnits, Database via JDBC. Jmeter based tests can be integrated into scheduled builds using build tool like Apache Ant . JMeter and Flex BlazeDS Application Performance Testing can be used in a scenario where the front end is developed using flex, the flex remote objects communicate in the flex AMF format. We can leverage JMeter for such scenario where an AMF message can ride over http and a web application can be tested for performance testing and load testing. Take away for the audience :-
|Smarter Sprint Cycles , Better deliverables|
Speaker : Suma Shastry
Many a times, we see that a single team is responsible for development, QA and support for the product. It’s a challenging environment when multiple fix packs for older versions and a fresh new release goes in parallel and the team has recently adapted to agile practices. In this session, I would detail out a case study and highlight the challenges we faced in our early sprint cycles, how we learnt lessons and applied them to the next sprints and effectively improved upon our deliverables. The following concepts will be covered in this session 1.Being Agile – Effective Planning for the sprints (both Dev and QA) 2.Preparing for the deliverables – defining mile stones (For the sprint) 3.Better delivery – Effective scrums
Audience: Teams following or new to agile methods
Audience will be able to learn the techniques used to plan and deliver sprint items in better way. Challenges presented during the case study would serve as learning to the audience so that those mistakes can be avoided while applying these methods practically.
|Test Automation in Flex|
Speaker : Richa Sharma
Flex is a highly productive, free open source framework for building and maintaining expressive web applications that deploy consistently on all major browsers, desktops, and operating systems.
|Testing Techniques for Mobile Applications|
Speaker : Indira Pai, Basant Chandran
With the fantastic growth of mobile computing platforms such as the iPhone, Blackberry,Symbian, J2ME, Windows Mobile and Android environments, there has been a dramatic increase in the value of mobile applications for most companies.
|Web Test Automation Framework with Open Source Tools powered by Google WebDriver|
Speaker :Nikhil Bhandari, Kapil Bhalla
Amid Nails, Nuts and Bolts the hammer is not enough.
Attempting a task of writing test automation framework which does more than UI testing for rapidly growing web-based applications is a tough task. Many find it tormenting, some attempt it & only a few succeed. You have to apply lots creative ideas and innovative approaches for your test automation project rather than just selecting ONE tool which will do everything for you.
Often the search for a Silver Bullet tool for automating ends in a compromise. In the demanding times when everything is changing rapidly, speed and flexibility cannot be compromised.
In our attempt of combating Automation we came up with TeKila. TeKila is an aggregation of best of various Open Source Powers enabling us to do:
|Write Tests in End Users’ Lingo|
Speaker : Nikhil Fernandes, Chirag Doshi
Many of the testers understand the importance of automated tests which can test the system end to end. There are plenty of tools like Selenium, Watir, White etc. which allow you to drive your web or desktop ui for these tests. The intention of these tests is to mimic the user’s interaction with the system and automatically validate that he could achieve his goals.
Considering this, wouldnt it make sense for tests to talk the same language that an end user understands. Although, When we look around today most of the functional tests talk the language that the browser understands, it goes click button A, enter value in textfield B etc.
In this session we will share various approaches which allow you to build tests which an end user can understand and maybe even participate in writing. We will look at the problems with the usual approach of end-to-end writing tests such as being too verbose and technical.
We will look at the multiple benefits of writing tests in the end user’s language and the different ways in which to achieve it.
Finally, we will look at the key takeaways.