Daily Learning - Day 21

Date: 19th February 2017

Below are the topics i learnt today..

Topic 1: Did a Course on "Fiddler" Tool.

Course: https://www.pluralsight.com/courses/fiddler

Why did i do this course?


  • To Understand, what happens between a client browser and web server.
  • To Use the tool as base to capture the website and know about Request Headers, Response Headers, Status Codes, Source Code
  •  For Security Testing: Changing the Cookies and data and Executing, to see if the application allows it or not.
  • Finally, to learn one tool so that i can use it anytime.





Topic 2: Is Your Website Secured? - Line of Death in Browser

Even if the form submits over SSL, loading the form without SSL means it can be modified by somebody before it's submitted.


The "jetairways.com" website asks to provide sensitive info whilst the browser warns them about your security.




Topic 3:  Basics before testing

The learning about:

  • How World Wide Web Came in Picture
  • How client and server are connected
  • How data gets transmitted from Client to Server
  • Different Types of Protocols used to Transfer the Data 



Topic 4: Weekend Testing Europe 

Today, we had Weekend Testing Europe WTEU-73 Session.

Brainstorming session with attendees to build a university testing course, and home work tasks, book reading recommendations for students.


Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 20

Date: 18th February 2017

Below are the topics i learnt today..

Topic 1: How to Encode the Script using Notepad++

Enter the Script in the Notepad++ 



Then Navigate to Plugins -> MIME Tools 



Then Select FULL URL Encode or URL Encode.

This will Encode the Script.



Topic 2: Exploratory Testing with Test & Feedback Chrome Extension


Now everyone on the team can own quality. Capture findings, create issues, and collaborate with the team, directly from the browser on any platform: Windows, Mac, or Linux. Available for Google Chrome and Mozilla Firefox (required version 50.0 or above) 

I have used Chrome Extension, Although it takes time to understand. We can use it and export the Report and Attach the HTML File.

Topic 3: Line of Death in Browser

Learn about "Line of Death" in the Browser Window.


Topic 4: Security - State of the Net
Nordic Testing Days: https://youtu.be/k_uOdUYbIUA

In this video - Mikko Hypponen Advices , Not to Click on "Enable Content" even its from trusted person to avoid ransomware.



Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India

Daily Learning - Day 19

Date: 16th February 2017

Below are the topics i learnt today..

Topic 1: Read about Yahoo's Another Security Breach 


This week, Yahoo sent another wave of emails to users warning their accounts may have been breached as recently as last year. A flaw in Yahoo's mail service could have allowed a hacker to use a forged "cookie" created by software stolen from within Yahoo's systems to access accounts without a password.

Read  more:  http://www.wired.co.uk/article/yahoo-verizon-deal


Topic 2: Fiddler Exercise on Composer Tab

Using Fiddler Composer Option to Drag and Drop the session from view panel 





  • Delete the Cookie and Execute the POST Method
-- Test:  Whether you can still access application or not.
Expected: It should send 302 Error and Session Expiry.



  • Copy the Cookie 1 to the Cookie 2 and Execute the GET Method
-- Test: whether you can still access application or not.
Expected: It should session expire and application should not be accessed via Cookie 1.

Posted in | Leave a comment Location: Mysuru, Karnataka 570001, India