Mailtrap.io for Email Testing

Testing applications and web sites that send email can be difficult. During testing you might generate many email notifications and you don’t want to flood a real mailbox. Or you might not want email from a development system being confused for production email. And especially when using production data during development, you might want to […]

Read more
Cucumber-JVM Setup
Cucumber

Introduction As a software tester with Java experience, generally working with Java applications, the release of the cucumber-jvm really excited me. I have been thinking about trying out Behavioral Driven Development for some time, and this tool (along with a new project) finally gave me the push I needed to try it out. I find […]

Read more
Using Sequences of System Events to Identify Users

In my last post on the Active Authentication project I described how to use Microsoft Detours to collect a trace of system calls (also known as system events) for a single process.  At Coveros Labs we leveraged an example program provided with Detours in order to create our own prototype system that validates the identity of a […]

Read more
Integrating CAT.NET into Hudson for Continuous Security Analysis

I recently published an article about using CAT.NET security scanner on your .NET web application. Once you get it running, it’s fairly simple to integrate it into your continuous integration process. Our strategy here will be to use a down-stream job in Hudson to run static security analysis on our application build after the main compilation/packaging […]

Read more
Teaching Firefox to use a CAC

Some of the sites I use require a CAC smart card to establish SSL access. (Forge.mil is an example of this.) Chrome and IE (shudder) are both smart enough to use a smart card for certificates out of the box on Windows. Unfortunately, Firefox doesn’t seem to be set up to do it without some […]

Read more
Setting start up position for Windows RDP Windows

I have an annoying situation where I create RDP windows and they seem to always start the same (but wrong) size. For example, one of my sessions starts “maximized” but only 1280×1024 sized so it ends up having scrollbars inside my 1920×1200 monitor. I then have to de-maximize it, move the window somewhere, and drag […]

Read more
Subversion load and performance testing in 10 lines or less?

I needed a quantifiable test that can measure svn performance during a check out. This script take 2 arguments, number of checkouts and parallelism. For example, if I want to run 100 checkout 2 at a time ./load.sh 100 2 or 100 checkouts 50 at a time ./load.sh 100 50   #!/bin/bash i=0;  url=”<a href=”http://mysvnrepo” while”>http://mysvnrepo” while</a> [ $i -lt $1 ]; […]

Read more
Monitoring System Calls for Active Authentication with Detours

Coveros Labs recently received funding from the Defense Advanced Research Projects Agency (DARPA) through the Active Authentication program.  The goal of this program is to develop “novel ways of validating the identity of [a] person … that focus on the unique aspects of the individual through the use of software-based biometrics.” Traditional authentication techniques require […]

Read more
X