Speedy Development, Smarter QA- How GreyB Keeps It Simple
It's autonomouse QA!
Latest
Building DX - Developer Experience
Testing is often perceived as the gatekeeper of products, causing deployment delays. This common misconception overlooks the significant role testing plays beyond merely testing and managing bugs. They are instrumental in shaping a product that users will love. And smoother developer experience. You may be wondering how? Thinking like a
Band-Aid Product or Scalable Product: Using Testing as Fuel
If opening this article would have taken more than 2-3 seconds, you'd probably be annoyed. This is the expectation we have now from anything we use. Whether it’s internet speed, instant Google searches, Netflix streaming, or 10-minute delivery, we demand speed and efficiency. First movers have a
How Process Debt Slows Down a Product?
Imagine taking shortcuts during construction to finish a building faster. While it might be tempting at first, neglecting proper procedures can lead to problems down the line like this: In the product language, these problems are called Technical Debt. For those who don't know what this is. It&
The Efficiency Trap - Building Fast vs Building Right
Every customer's question: What Kind Of Product Are You Building?. But in the early stages, focusing solely on the vision can be a recipe for disaster. How can someone understand your GRAND vision if the product itself is still taking shape? Building for the Wrong Reasons If you
How can a user design your feature?
General opinion: There's a hyped term - go into the user's shoes and you'll make what they would like. Then, you can run campaigns to verify certain hypotheses, take surveys, have interviews, etc. Or see from analytics what could have happened. Or the best
Is complex password safe?
Which of the following is a safer password? 1. wG1eqe#4D 2. therearemanyunpopularopinions General opinion: 1 is safer because it has capital, small letters, numbers, special characters, etc. It’s harder to break. Probably it will take many months to break it. It is impossible for a person to guess
How long does it take to find the root cause of a failure in your system?
General opinion: Five mins? Five days? (Dare I say it) I have no idea, we sit until it’s found out. This must have happened when your production would have gone under crisis. The whole team would have come up forming a crew to fix up. Alternate opinion: If your
How did you make your feature deadline?
General opinion: That’s the feature - planned. It will take me X no of days to implement the feature - implementation. For fixing the mess-ups a day more added - buffer. Deadline: X+1 days. Alternate opinion: If my colleagues at GreyB would be your QA. Bye-bye, your deadline.
Why do many websites ask for work emails instead of personal emails while registering?
General opinion: Being in an industry that works with organizations and not with individuals, it is considered to be useful to have their work emails to create a relationship of retention. There’s no whose account is it? disputes and easier handoff organizations. Alternate opinion: In addition to the above,
Quality != Test cases Count
Choose one - 60 test case or 10 for one function? General Opinion: More the test cases, better the code. So, 50. Alternate Opinion: If you choose 50, It’s better don’t spend time on writing test cases, just do the development rather - it would be less waste
A Problem vs The Problem
Situation: I can access this after being even when my access is revoked. Problem: You missed a check in a function. General opinion: Add the missing condition in that function and push it to production. Time took to fix: A few mins - Quick approach Impact level of the fix:
How to use Wireshark to capture and monitor packets?
In the last article, I had shared after this article you’ll master LAN sniffing. I hope you have tried your hands on the techniques shared in it. Then, let’s go and learn. How to use Wireshark? Wireshark is an open-source packet analyzer that can be used to capture,
Lean Approach
Open Test Strategy
It's similar to open source libraries, which are open telling about some extent in generic ways. Then, why not tests? Test teams establishing stuck on planning how to setup, it's about sharing that. It's about sharing how someone can test using similar strategies and not exactly the test suites.
Lesson Learnt from Bugs
Can ChatGPT still write you exploits?
What if I tell you it can still give you this: If you’re reading this article, I assume you would know about DAN. A popular method used to get over ChatGPT before it became ChatGPT 4. Well, the more mysterious this world of AI is, the more is bypassing
Meterpeter the heart of Post exploitation
With the ending of the last article, we have successfully exploited a system, now what? As a pentester, when you’ll share vulnerability with the organization, you’ll have to show them the impact. This article is about creating that level of impact. Post exploitation — The last step In post-exploitation,
Lesson Learnt from Bugs
Email attacks that are proven to be devastating
Clients are called the weakest links to take advantage of. They get stuck into the PDF attacks like shared in the last article and email attacks. Like I had said, it’s not only about securing your server, it’s also about helping your clients to take intelligent decisions when
PDF hacking made simple: 5 steps to the power of PDF
PDF hacking is one of the exclusive topics when working in client-side exploitation. This is about creating malicious PDF documents and providing them to the user in some way from the target. In the last article, we talked about the ways by which clients are attacked. Have you tried SET
How to use Metasploit to save tons of time
Metasploit is a powerful tool that is used by ethical hackers to find vulnerabilities on networks and servers. It helps to find the weak spots in the network. I know, how eager you are to know about this tool. Have you completed the rest of the articles on remote exploitation?
Lesson Learnt from Bugs
The 5-Minute, 5-Step ways to exploit SMTP
The secret I’m going to tell you about is — “Control is an illusion”. The topic( SMTP exploit) will also convince you on agreeing to this quote. Have you covered the basics of remote exploitation we discussed in the last article? If not, complete that first because this is the
Everything you need to know about remote exploitation
Everyone wants to turn their GOD mode on when looking for vulnerabilities. Indeed, we have reached that point — Remote Exploitation. This term means finding a way to access the content you don’t have access to. Once found, just wait for the AHHHH moment! Step 3: Exploiting vulnerabilities After acquiring
Easy Security Escapes in a Network by sniffing
Step 3: Sniffing across a network Most hacking Netflix series show scenes about hacking a building network or a Wi-Fi. Would you like to know how that actually happens? If yes, let’s do it then. We’ll learn about various techniques to sniff traffic across a network. Btw, have
Nessus - a sensational vulnerability scanner and beyond
What if a tool automatically tells you about the vulnerabilities of a system? I bet you would love this. You have already explored various manual ways to do information gathering. It’s time to present you with a swiss army knife for information gathering: Nessus Vulnerability Scanner. Ohh! Have you
How to check the open ports of a server?
Whether you are troubleshooting for a network, creating one, or finding faults in a server, the first thing will be to check for its open ports because when you are looking for the security of a house, you would check the doors. Isn’t it? Without wasting time, let’s