Skip navigation

Bug deBug Workshop – Foundations of web performance testing – A tool-agnostic tutorial

Take a look at what Rahul Verma has to say about his workshop.

Introduction

I’ve put together this workshop to focus on the concepts that form the basis of any successful web performance testing project. It covers the full performance testing life cycle. Unlike its cousins, performance testing hugely depends on the simulation of not just one user, rather on the simulation of a user community. Even an incorrect performance test would give results and beautiful plots which can be analyzed and a report can be furnished. More often than not, such performance tests are incorrectly designed and hence the performance data collected is wrong. This workshop focuses on HTTP protocol, planning and designing a performance test in the right manner, scripting challenges and so on.

As per my observation, testers often confuse performance testing knowledge with the knowledge of using a tool. A given performance testing tool just provides a sub-set of features to support performance testing with its own flavor of the scripting language, GUI design, number of components, monitoring options etc. If one has knowledge of web performance testing, then the usage of any given tool would be more effective. Also, as testers need to switch frequently from one tool to another based on the context, having solid foundations on the core subject comes handy.

Methodology

Presentation, Questioning, Debating, Exercises

Intended Audience

Any tester or developer who wants to explore the intricacies of web performance testing

Audience Pre-requisites

Some prior experience in web application testing or development would be a plus.

Contents

  • What performance means and how to find it
  • Performance testing lifecycle
  • HTTP Protocol – What a performance tester needs to know
  • The concept of a web proxy
  • Planning and designing performance tests
  • Challenges in Scripting
  • Monitoring Considerations
  • Results Analysis
  • How a performance test tool maps to the discussed concepts

Register for the workshop
Limited seats only!

About Rahul Verma:

Rahul has the experience of designing and implementing multiple test automation solutions. The automation solutions range from specific implementations for performance testing, white box testing, fuzzing, auto-generated empirical analysis of quality of builds from automated tests, distributed testing and the likes to generic object oriented test frameworks that are used by multiple teams including developers and testers. He is a regular columnist for Testing Experience magazine (Germany) with the series “Notes on Test Automation”, where he writes on various untouched topics in test automation, heavily drawn from his experience in implementing the same using Python. His experiments with Python and fuzzing made him the first to present on the subject of fuzzing at any software testing conference, voted as the Best Innovative Paper Award by audience. He moved on to present extended tutorials on the subject with demonstrations of exploits using Python.

To his credit, he has done web performance evaluation for American Airlines, Brown University, Riyadh Bank and many others. He presented a lightening note on how to convert all functional tests into heuristic performance tests at Google Test Automation conference (GTAC-2010). He runs the Testing Perspective (www.testingperspective.com) website for which he was awarded the Testing Thought Leadership Award by PureConferences. Rahul has presented at several conferences, organizations and academic institutions including GTAC, CONQUEST, STeP-IN, ISQT, TEST2008, Yahoo! India, McAfee and IIT Madras. He is a member of the Working Party for the ISTQB’s Advanced Level Test Certifications and is the president of Indian Testing Board’s Bangalore TMM Chapter.

He is the author of two free e-books on Python – “How Would Pareto Learn Python” and “Design Patterns in Python”, freely downloadable from his website. He has presented several workshops of the subjects of Python, web security testing, web performance testing, and agile testing.

Bug deBug Workshop – Security teting for software

Take a look at what Santhosh Tuppad has to say about his workshop

Did you ever wanted to hack the applications that you are testing? Did you ever wanted to start testing for security right away? If the answer is “Yes” then this workshop is definitely for you. I, being a hacker since 16 believe in hands-on training rather than just showing some slides with definitions and flow diagrams however; I will not be excluding the slides but use them in a minimal fashion. So, to summarize it would be a workshop where we say, “Let the hacking begin”. I would relate the security aspects to different things which would help you in understanding the concepts better way where you could visualize. I would be calling the volunteers to take part in various exercises. We are going to have loads of fun and exciting hacking stuff. Without much ado, here are the contents for this workshop.

Contents

1. Introduction about Security Testing & Hacking

  • What hacking is and what hacking is not?
  • White hat, Black hat, Gray hat, Script Kiddies
  • Hackers and what they could potentially do
  • Cases of hacking that has caused huge loss (Case Studies)
  • Why knowing tools doesn’t really mean you are hacker
  • Security testing and hacking – are they different?
  • How you should advice your customers about security
  • Laws related to hacking and how you should be aware of the laws before you test / hack

 

2. Talking about Physical Security and Software Security

  • Social Engineering attacks can be very bad
  • Cheat Sheets
  • Things to keep in mind with respect to Physical Security

 
3. Web Application Security

  • How secure is the web?
  • How functionally correct software is fundamentally incorrect on security?
  • Developing Bug Advocacy Skills to help others understand about risk

 

4. Desktop Application Security

  • Hacking licenses and extending the licenses
  • Data theft using malware / trojan embedded into the software

 
5. Tools / Add-ons / Utilities to aid for security testing

  • Mantra browser
  • Tamper Data, Cookie Manager, Hackbar and more
  • Wireshark
  • And more

 
6. Hands-on training

  • Exercises on SQL injection
  • Exercise on Cross site scripting
  • Exercise on Tampering Data
  • Exercise on Brute Force and Dictionary Attack
  • Exercise on Social Engineering Attacks
  • Exercise on Bug Advocacy for Security Bugs
  • And more

 

7. Question and Answers with Discussion

Target Audience

Testers, Developers and Students who want to learn “How to test software for Security?”

Note for Participants

I insist participants to bring their laptop with them to facilitate learning. Most of the time will be used for hands-on exercises and not having laptop would just look like theory and you might miss out the fun of not really experiencing “Hacking or Security Testing”.

If you do not have a laptop then you can pair up with another participant who has got a laptop.

One more cool news for participants is: Even after the workshop you can get in touch with me for any help regarding security testing either through chatting or e-mail communication.

Register for the workshop
Limited seats only!

About Santhosh Tuppad:

Santhosh Tuppad is known for his testing skills and winning many testing competitions across the world. He is an avid testing blogger and a testing enthusiast. Security, Usability, UX and Web Accessibility testing are his core strengths. He has published his articles in testing magazines – a few of those being Testing Circus, STP Pro and Logigear. He has also conducted Security testing workshop for one of his clients. While many youngsters at his age were thinking about job security, Santhosh was game to start his own testing services company http://moolya.com.  Santhosh blogs at http://tuppad.com/blog/ and tweets at @santhoshst.

Bug deBug Workshop – Skilled exploratory testing in agile context

Can you imagine there is a testing workshop where no slides will be shown? And, it is experiential other than being hands on where participants test and at are facilitated to see their own mistakes and learn from it. Welcome to this workshop on exploratory testing.

Pradeep Soundararajan, a synonymous name to exploratory testing in India must have facilitated this workshop to more than three thousand testers so far. He does this workshop a thousand times better than what he did a couple of years ago. Being hands on tester himself, he engages testers, leads and managers to the problems they might be facing to what they don’t know they are facing but they should know.

It will be fun, humorous, engaging, energetic and exciting.

What would be covered?

  • Passion for software testing
  • Exploratory testing – history, brief, people, changes, research, current progress
  • Styles of exploratory testing – freestyle, partially scripted,  mission, charters
  • Session Based Test Management
  • Tools for Session Based Test Management
  • Heuristics & Oracles
  • Test Strategy & Approaches
  • Skills for testing
  • Test Coverage
  • Mind maps in testing
  • How to test in agile context
  • Consulting notes from testing done in agile context
  • Problem solving – Bring your testing problem to the table and it will be jiggled to see how it settles

Exercises:

  • Testing (yes, you will test) – applications, objects
  • Exploratory testing demonstration
  • Session Based Test Management Demonstration
  • Mind mapping



Take a look at ‘How Pradeep teaches software testing

Register for the workshop
Limited seats only!

About Pradeep Soundararajan:

Pradeep Soundararajan is the Founder & Managing Director at Moolya (www.moolya.com) which caters to international and domestic companies ranging from start-ups to multibillion dollar companies. He wears many different hats and has done well with each of them. Some of the hats he wears are Entrepreneur hat, Coach hat, Consultant hat, Speaker hat, Author hat. His blog http://testersted.blogspot.com is one of the most widely read testing blogs from India. He is an invited speaker at international conference. He remains to be hands on tester and can find bugs faster and better than what he did in past. If you were to compare testing to martial arts and if you were to want a comparison of a particular style in martial art (like the snake fist) to testing, Pradeep’s style of testing is the “Test Coverage Fist”.

Pradeep has been awarded “Testing Thought Leader” by Vipul Kocher at Test 2008, New Delhi and Bach Brothers (James and Jon) awarded Pradeep with a “Testing Legion of Merit” in CAST 2011, Seattle, USA

Oh, by the way, there are only a few people who haven’t laughed to Pradeep’s humour J