Daily Learning - Day 24

Date: 22nd February 2017

Below are the topics I learnt today.

Topic 1: Security - User Supplied Input-Data on URL 

When you are testing a website, take any URL, add some characters to it, and check what happens.

You may see errors from the application or from the web server.

Note: An error returned by the web server can disclose information about your server.





Topic 2: Security - User Supplied Input-Data for Login 

Consider a logon screen that asks for a username and password. If the application returns one error message for an incorrect username and another message for an incorrect password, the messages tell an attacker that he has guessed one of them.

The danger is that the attacker now knows he has a correct username. His next step is to crack the password.



Topic 3: Non-Tech: Apology 

There are 6 kinds of apologies.

  1. "It's Regretful that.." - It doesn't require you to admit you did wrong. You're just sorry it happened.
  2. "It seems that errors occurred.." - Acknowledging that something bad happened, but that you didn't have anything to do with it.
  3. "Apology directed at another issue or person.." - I'm sorry, you misunderstood my intent.
  4. "Apology used as emphasis to make a point.." - I'm sorry, the show is not good.
  5. "Apologies in Advance.." - I'm sorry if this hurts you.
  6. "Deflective Apologies.." - "I am in search of my soul and peace"

Don't apologise in expectation of receiving an apology from others.

Don't apologise if your intentions were misinterpreted.

Don't apologise to blame someone else.

And don't apologise for everyday behaviours.



Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 23

Date: 21st February 2017

Below are the topics I learnt today.

Topic 1: HTTPS -- But NOT Completely

If you are testing a website and the Chrome browser says "Secured", don't assume it is completely secured.

Exercise: Visit the website https://threatpost.com

It is served over HTTPS and shows the Secured padlock in the Chrome browser.

But if you look at the icons below, Twitter, Facebook etc. are actually not HTTPS URLs.

Note: Everything should be served over HTTPS for the site to be completely secured.




Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 22

Date: 20th February 2017

Below are the topics I learnt today.

Topic 1: Basics of testing

There are two kinds of bugs, which I have never heard of before.

Latent Bugs: A bug that was not identified in past versions of the software application.

Latent bugs are dormant or hidden.
These bugs are not found until after one or more releases of the product.


Golden Bugs: A bug that occurs in every instance of the application, with high severity and high priority.

Golden bugs may affect the critical functionality of the system.


Topic 2: Task Management 

Started using a Task Management Chrome Application "TickTick" to track my learning tasks.


Location: Mysuru, Karnataka 570001, India