The document discusses different approaches for instrumenting Android apps to add network monitoring capabilities. It describes choosing to modify the app's dex file by disassembling it to Smali code, inserting instrumentation code, and reassembling it. This allows intercepting HTTP calls without requiring access to the app's source code or build process. The key benefits are that it works on any app and Android version without the app's code needing changes.
With growth in app market it is essential to guard our android apps against possible threats, in this presentation we will walk through various tools and techniques which some one can use to reverse engineer an android app, we will see how some one can get access to APP DB, CODE, API, PREFERENCES.
We will also see different tools and techniques to guard our app against possible threats from code obfuscation with tools like dexgaurd to newer methods like verification of api calls using google play services.
This session was taken in Barcamp 13 bangalore http://barcampbangalore.org/bcb/bcb13/reverse-engineering-an-android-app-securing-your-android-apps-against-attacks
and bangalore android user group meetup Jan meetup http://www.meetup.com/blrdroid/events/100360682/
During one of my personal projects I decided to study the internals of Android and the potential of altering the Dalvik VM (e.g. Xposed framework and Cydia) and application behaviour. Not going into detail about runtime hooking of constructors and classes like these two tools provide, I also explored the possibility of reverse engineering and modifying existing applications.
In the web you can find multiple tutorials on Android reverse engineering of applications but not many that do it with real applications that are often subject to obfuscation or with complex execution flows. So in order to learn I decided to pick a common application such as Skype and do the following:
decompile it
study contents and completely remove some functionality (e.g. ads)
change some resources (not described in presentation bellow)
recompile, sign and install.
Used tools include :
apktool – for (de)compiling android applications
jarsigner – for signing android applications
xposed – for intercepting runtime execution flow (will make public in future)
The following presentation describes the steps taken in order to completely remove the ads from skype. This includes any computation or data plan usage the ads consume. Please note the disclaimer of the presentation as this information is for educational purposes only.
Check my website : www.marioalmeida.eu
Esta presentación expone las principales herramientas y técnicas a utilizar para llevar a cabo un proceso de ingeniería inversa sobre una aplicación Android, con el objetivo de identificar código malicioso en la misma. En la exposición se presenta, desde el punto de vista de un analista de seguridad y de una forma práctica, el proceso de análisis de una aplicación existente en la Google Play Store.
ProbeDroid - Crafting Your Own Dynamic Instrument Tool on Android for App Beh...ZongXian Shen
The design memo and hack note of ProbeDroid
A dynamic binary instrumentation kit targeting Android(Lollipop) 5.0 and above
This is the first complete draft.
Improved version will be updated in a few days.
With growth in app market it is essential to guard our android apps against possible threats, in this presentation we will walk through various tools and techniques which some one can use to reverse engineer an android app, we will see how some one can get access to APP DB, CODE, API, PREFERENCES.
We will also see different tools and techniques to guard our app against possible threats from code obfuscation with tools like dexgaurd to newer methods like verification of api calls using google play services.
This session was taken in Barcamp 13 bangalore http://barcampbangalore.org/bcb/bcb13/reverse-engineering-an-android-app-securing-your-android-apps-against-attacks
and bangalore android user group meetup Jan meetup http://www.meetup.com/blrdroid/events/100360682/
During one of my personal projects I decided to study the internals of Android and the potential of altering the Dalvik VM (e.g. Xposed framework and Cydia) and application behaviour. Not going into detail about runtime hooking of constructors and classes like these two tools provide, I also explored the possibility of reverse engineering and modifying existing applications.
In the web you can find multiple tutorials on Android reverse engineering of applications but not many that do it with real applications that are often subject to obfuscation or with complex execution flows. So in order to learn I decided to pick a common application such as Skype and do the following:
decompile it
study contents and completely remove some functionality (e.g. ads)
change some resources (not described in presentation bellow)
recompile, sign and install.
Used tools include :
apktool – for (de)compiling android applications
jarsigner – for signing android applications
xposed – for intercepting runtime execution flow (will make public in future)
The following presentation describes the steps taken in order to completely remove the ads from skype. This includes any computation or data plan usage the ads consume. Please note the disclaimer of the presentation as this information is for educational purposes only.
Check my website : www.marioalmeida.eu
Esta presentación expone las principales herramientas y técnicas a utilizar para llevar a cabo un proceso de ingeniería inversa sobre una aplicación Android, con el objetivo de identificar código malicioso en la misma. En la exposición se presenta, desde el punto de vista de un analista de seguridad y de una forma práctica, el proceso de análisis de una aplicación existente en la Google Play Store.
ProbeDroid - Crafting Your Own Dynamic Instrument Tool on Android for App Beh...ZongXian Shen
The design memo and hack note of ProbeDroid
A dynamic binary instrumentation kit targeting Android(Lollipop) 5.0 and above
This is the first complete draft.
Improved version will be updated in a few days.
Gwt and JSR 269's Pluggable Annotation Processing APIArnaud Tournier
Slides for my presentation given during the GWTCon 2015 conference in Firenze about generating (boiler plate) code with the JSR 269 inside a GWT Project. This JSR can of course also be used in pure Java projects.
Why the Dark Side should use Swift and a SOLID ArchitectureJorge Ortiz
Everybody involved in a mid size project or bigger is concerned about architecture. We have all been told that a good architecture can help us to have a more agile, robust, and easier to work with application, but it is not always clear how nor the architecture everybody else is talking about. By establishing parallelisms with the very well known problems of the Death Stars and the Starkiller Base, I go through the most relevant problems, explain how a well thought out architecture can be valuable to us, and share some code that implements it. The talk includes only minor spoilers, it will focus on more than MVC. It uses Swift in all of the code examples, because it is very well suited to implement those advanced architectures.
Take away concepts:
Architectural concepts for mobile applications
How to use some common design patterns
How to improve the testability of your code
Take advantage of Swift features
Apache Cordova is a platform for building mobile apps using common Web technologies (HTML, CSS and JavaScript). Apache Cordova offers a set of APIs that allow the mobile app developers to utilize mobile native functions such as (Audio, Camera, Contacts …etc) using JavaScript. This session discusses and demonstrates the advanced aspects of Apache Cordova. Advanced aspects include extending Apache Cordova framework by creating custom plugins in order to access more device hardware features. Advanced aspects also include empowering Apache Cordova apps with Push notifications and Cloud services. Finally, this session demonstrates the power of automated JavaScript unit testing for producing quality Apache Cordova apps.
Exploring the power of Gradle in android studio - Basics & BeyondKaushal Dhruw
In this presentation we will explore the official build system of android studio. Gradle. We will discuss about Gradle basics, Gradle Wrapper and its usage in android studio. We will explore the possibilities with gradle by covering beginner and advanced level topics.
What you can expect:
1. Just enough gradle to get started.
2. Creating simple and custom gradle tasks.
3. Gradle in android studio
4. Exploring product flavors
5. Using product flavors to our advantage.
6. facebook's stetho debug bridge and configuration via flavors.
Functional Reactive Programming in the Netflix APIC4Media
Video and slides synchronized, mp3 and slide download available at http://bit.ly/XRdkqc.
Ben Christensen describes how Neflix has optimized their API using a functional reactive programming (modeled after Rx) in a polyglot Java stack. Filmed at qconlondon.com.
Ben Christensen is a software engineer on the Netflix API Platform team responsible for fault tolerance, performance, architecture and scale while enabling millions of customers to access the Netflix experience across more than 800 different device types. Prior to Netflix, Ben was at Apple in the iTunes division making iOS apps and media available to the world. Twitter: @benjchristensen
Antonio is a Java developer and knows nothing about user interfaces. He uses his Mac to develop Java EE micro-services, runs them with WildFly Swarm, packages in the Docker and exposes beautiful REST APIs.
Sébastien is a TypeScript developer and knows nothing about Java. Employed at Microsoft, he uses his PC to develop beautiful user interfaces with TypeScript and Angular to invoke the services REST exposed by Antonio.
This university is intended for Java and Angular developers who want to learn how to use a Angular / TypeScript front-end with a Java / MicroProfile back-end. It is composed of two parts:
1) More theoretical: presentation of the Enterprise Micro Profile, WildFly Swarm, the TypeScript syntax and Angular.
2) More practical: development of an Angular application using several REST back-ends (JAX-RS, JSon: API, Swagger, Cors, Hateoas, ETag, JWT, Traeffik).
It’s not easy to perform a good code review. Often done in a hurry just to get it done, it only makes things worse. People treat it as an obstacle, not a helpful thing. I am gonna tell you why code reviews are important and how they can help you maintain good quality code. I will not only tell who are the code reviews for, how to raise a useful code review, but also how to perform a good code review in the quickest time possible.
Code reviews are a powerful tool in ensuring and maintaining quality in your application, but they can be very difficult to get right. When they're misunderstood or poorly executed, they can even make a bad situation worse.
In this session I'll use my professional experience to give you some tactics for getting great benefit from code reviews. We'll talk about tools, about process and most importantly about attitude! Whether you're a developer or a technical lead, come along and find out how to perform a genuinely useful code review and provide constructive feedback in the quickest time possible.
1. Create React Native App
2. Implementazione del codice del gioco del memory
3. Expo: integrazione di funzionalità native
4. Eject del progetto: integrazione di Expo
5. Integrazione camera/libreria foto
Slides of the Java One 2015 talk "Apache DeltaSpike - the CDI Toolbox". It contains presentation of Apache DeltaSpike, the framework that extends CDI in Java or Java EE
Mechanical, Electrical and Instrumentation Engineering for Non-EngineersLiving Online
You will learn the basic applied concepts of mechanical, electrical and instrumentation engineering in this workshop. This will enable you to work more effectively with your engineering colleagues – no matter whether they are operators, tradespersons, technicians or engineers. There are three main threads running through this course – initially mechanical engineering, then electrical engineering best practice and concluded with instrumentation (or industrial automation).
Mechanical engineering in simple terms deals with any equipment that moves; this is what makes it perhaps the most broad and diverse of engineering disciplines. The mechanical discipline essentially derives its breadth from the need to design and manufacture everything from small, even nano, individual devices, such as measuring instruments, to large systems such as machine tools and power plants.
The focus in electrical engineering is on the building blocks of electrical engineering, the fundamentals of electrical design and integrating electrical engineering know-how into the other disciplines within an organisation. Unnecessary theory will be minimised. The dangers and risks from electrocution, shock, explosions and arc blast can never be eliminated but you can take definite steps to protect yourself and your co-workers. The topics in instrumentation engineering commence with an introduction to instrumentation and measurement ranging from pressure, level, temperature and flow devices followed by a review of process control including the all important topic of PID loop tuning.
WHO SHOULD ATTEND?
Administration staff
Civil, mechanical, chemical, mining engineers, technologists and technicians
Electrical contractors
Finance, IT and accounting managers
Human resources managers
IT personnel
Legal personnel
Managers who are involved with or work with staff and projects in electrical engineering
Non-electrical and mechanical engineers and technicians
Non-electrical and mechanical personnel who want to understand the broader picture
Non-engineering personnel
Operators
Plant and facility engineers
Procurement and buying staff
Project managers
Sales engineers
Senior managers
MORE INFORMATION: http://www.idc-online.com/content/mechanical-electrical-and-instrumentation-engineering-non-engineers?id=8057
Gwt and JSR 269's Pluggable Annotation Processing APIArnaud Tournier
Slides for my presentation given during the GWTCon 2015 conference in Firenze about generating (boiler plate) code with the JSR 269 inside a GWT Project. This JSR can of course also be used in pure Java projects.
Why the Dark Side should use Swift and a SOLID ArchitectureJorge Ortiz
Everybody involved in a mid size project or bigger is concerned about architecture. We have all been told that a good architecture can help us to have a more agile, robust, and easier to work with application, but it is not always clear how nor the architecture everybody else is talking about. By establishing parallelisms with the very well known problems of the Death Stars and the Starkiller Base, I go through the most relevant problems, explain how a well thought out architecture can be valuable to us, and share some code that implements it. The talk includes only minor spoilers, it will focus on more than MVC. It uses Swift in all of the code examples, because it is very well suited to implement those advanced architectures.
Take away concepts:
Architectural concepts for mobile applications
How to use some common design patterns
How to improve the testability of your code
Take advantage of Swift features
Apache Cordova is a platform for building mobile apps using common Web technologies (HTML, CSS and JavaScript). Apache Cordova offers a set of APIs that allow the mobile app developers to utilize mobile native functions such as (Audio, Camera, Contacts …etc) using JavaScript. This session discusses and demonstrates the advanced aspects of Apache Cordova. Advanced aspects include extending Apache Cordova framework by creating custom plugins in order to access more device hardware features. Advanced aspects also include empowering Apache Cordova apps with Push notifications and Cloud services. Finally, this session demonstrates the power of automated JavaScript unit testing for producing quality Apache Cordova apps.
Exploring the power of Gradle in android studio - Basics & BeyondKaushal Dhruw
In this presentation we will explore the official build system of android studio. Gradle. We will discuss about Gradle basics, Gradle Wrapper and its usage in android studio. We will explore the possibilities with gradle by covering beginner and advanced level topics.
What you can expect:
1. Just enough gradle to get started.
2. Creating simple and custom gradle tasks.
3. Gradle in android studio
4. Exploring product flavors
5. Using product flavors to our advantage.
6. facebook's stetho debug bridge and configuration via flavors.
Functional Reactive Programming in the Netflix APIC4Media
Video and slides synchronized, mp3 and slide download available at http://bit.ly/XRdkqc.
Ben Christensen describes how Neflix has optimized their API using a functional reactive programming (modeled after Rx) in a polyglot Java stack. Filmed at qconlondon.com.
Ben Christensen is a software engineer on the Netflix API Platform team responsible for fault tolerance, performance, architecture and scale while enabling millions of customers to access the Netflix experience across more than 800 different device types. Prior to Netflix, Ben was at Apple in the iTunes division making iOS apps and media available to the world. Twitter: @benjchristensen
Antonio is a Java developer and knows nothing about user interfaces. He uses his Mac to develop Java EE micro-services, runs them with WildFly Swarm, packages in the Docker and exposes beautiful REST APIs.
Sébastien is a TypeScript developer and knows nothing about Java. Employed at Microsoft, he uses his PC to develop beautiful user interfaces with TypeScript and Angular to invoke the services REST exposed by Antonio.
This university is intended for Java and Angular developers who want to learn how to use a Angular / TypeScript front-end with a Java / MicroProfile back-end. It is composed of two parts:
1) More theoretical: presentation of the Enterprise Micro Profile, WildFly Swarm, the TypeScript syntax and Angular.
2) More practical: development of an Angular application using several REST back-ends (JAX-RS, JSon: API, Swagger, Cors, Hateoas, ETag, JWT, Traeffik).
It’s not easy to perform a good code review. Often done in a hurry just to get it done, it only makes things worse. People treat it as an obstacle, not a helpful thing. I am gonna tell you why code reviews are important and how they can help you maintain good quality code. I will not only tell who are the code reviews for, how to raise a useful code review, but also how to perform a good code review in the quickest time possible.
Code reviews are a powerful tool in ensuring and maintaining quality in your application, but they can be very difficult to get right. When they're misunderstood or poorly executed, they can even make a bad situation worse.
In this session I'll use my professional experience to give you some tactics for getting great benefit from code reviews. We'll talk about tools, about process and most importantly about attitude! Whether you're a developer or a technical lead, come along and find out how to perform a genuinely useful code review and provide constructive feedback in the quickest time possible.
1. Create React Native App
2. Implementazione del codice del gioco del memory
3. Expo: integrazione di funzionalità native
4. Eject del progetto: integrazione di Expo
5. Integrazione camera/libreria foto
Slides of the Java One 2015 talk "Apache DeltaSpike - the CDI Toolbox". It contains presentation of Apache DeltaSpike, the framework that extends CDI in Java or Java EE
Mechanical, Electrical and Instrumentation Engineering for Non-EngineersLiving Online
You will learn the basic applied concepts of mechanical, electrical and instrumentation engineering in this workshop. This will enable you to work more effectively with your engineering colleagues – no matter whether they are operators, tradespersons, technicians or engineers. There are three main threads running through this course – initially mechanical engineering, then electrical engineering best practice and concluded with instrumentation (or industrial automation).
Mechanical engineering in simple terms deals with any equipment that moves; this is what makes it perhaps the most broad and diverse of engineering disciplines. The mechanical discipline essentially derives its breadth from the need to design and manufacture everything from small, even nano, individual devices, such as measuring instruments, to large systems such as machine tools and power plants.
The focus in electrical engineering is on the building blocks of electrical engineering, the fundamentals of electrical design and integrating electrical engineering know-how into the other disciplines within an organisation. Unnecessary theory will be minimised. The dangers and risks from electrocution, shock, explosions and arc blast can never be eliminated but you can take definite steps to protect yourself and your co-workers. The topics in instrumentation engineering commence with an introduction to instrumentation and measurement ranging from pressure, level, temperature and flow devices followed by a review of process control including the all important topic of PID loop tuning.
WHO SHOULD ATTEND?
Administration staff
Civil, mechanical, chemical, mining engineers, technologists and technicians
Electrical contractors
Finance, IT and accounting managers
Human resources managers
IT personnel
Legal personnel
Managers who are involved with or work with staff and projects in electrical engineering
Non-electrical and mechanical engineers and technicians
Non-electrical and mechanical personnel who want to understand the broader picture
Non-engineering personnel
Operators
Plant and facility engineers
Procurement and buying staff
Project managers
Sales engineers
Senior managers
MORE INFORMATION: http://www.idc-online.com/content/mechanical-electrical-and-instrumentation-engineering-non-engineers?id=8057
Emerging Trends in Electrical, Electronics & Instrumentation Engineering: An ...eeiej
Emerging Trends in Electrical, Electronics & Instrumentation Engineering: An international Journal aims to bring together researchers and practitioners from academia and industry to focus on recent systems and techniques in the broad field of electrical, instrumentation and communication Engineering. Original research papers, state-of-the-art reviews are invited for publication in all areas of Electrical Electronics & Instrumentation Engineering.
Authors are solicited to contribute to this journal by submitting articles that illustrate research results, projects, surveying works and industrial experiences that describe significant advances in the following areas, but are not limited to
I'm Abdullah have Experience in the field of Instrumentation so for this utilities of others i am uploading my cv format so that anyone could take help,,,,,,
Dive deep into the internals of Android in this two-part, 150-minute class. You will explore the wonders of Dalvik bytecode, smali syntax, decompilation tools, patching techniques, and common methods you can use to (try to) protect your apps.
Extremely hands-on, you'll be downloading a very popular app, modifying it, and messing around with its behavior. Even if you're not that interested in APK hacking, you'll leave this class with the sort of deep appreciation for Dalvik that makes good Android developers great.
Hedland offers a complete line of over 15,000 variable area flow meters to measure oil, hydraulic oil, phosphate esters, water and water-based fluids, as well as air and other compressed gases.
Overview of the range of turbine meters available from Blancett including sanitary turbine meters for food, beverage and pharmaceuticals. This presentation also explains the operating principle of turbine flow meters.
Tools/Processes for serious android app developmentGaurav Lochan
I've managed a team that developed serious android apps, and ended up dabbling with tools out there and processes/systems. Here is a quick summary of the various things to think about if you're serious about android development, and in some cases, my recommendations.
This covers:
IDE
Build
Source Control
Bug/Task tracking
Crash reporting
Analytics
Test Automation
Continuous Integration
Device Matrix testing
Performance testing
Beta testing
A/B testing
Backend-as-a-Service
Javascript Frameworks Comparison - Angular, Knockout, Ember and BackboneDeepu S Nath
Introduction and Comparison of polpular JS Frameworks Knockout, Ember, Angular and Backbone. The presentation descrobes How and when to select each framework.
Talk at RubyKaigi 2015.
Plugin architecture is known as a technique that brings extensibility to a program. Ruby has good language features for plugins. RubyGems.org is an excellent platform for plugin distribution. However, creating plugin architecture is not as easy as writing code without it: plugin loader, packaging, loosely-coupled API, and performance. Loading two versions of a gem is a unsolved challenge that is solved in Java on the other hand.
I have designed some open-source software such as Fluentd and Embulk. They provide most of functions by plugins. I will talk about their plugin-based architecture.
Performance comparison on java technologies a practical approachcsandit
Performance responsiveness and scalability is a make-or-break quality for software. Nearly
everyone runs into performance problems at one time or another. This paper discusses about
performance issues faced during one of the project implemented in java technologies. The
challenges faced during the life cycle of the project and the mitigation actions performed. It
compares 3 java technologies and shows how improvements are made through statistical
analysis in response time of the application. The paper concludes with result analysis.
PERFORMANCE COMPARISON ON JAVA TECHNOLOGIES - A PRACTICAL APPROACHcscpconf
Performance responsiveness and scalability is a make-or-break quality for software. Nearly everyone runs into performance problems at one time or another. This paper discusses about
performance issues faced during one of the project implemented in java technologies. The challenges faced during the life cycle of the project and the mitigation actions performed. It compares 3 java technologies and shows how improvements are made through statistical analysis in response time of the application. The paper concludes with result analysis.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Transcript: Selling digital books in 2024: Insights from industry leaders - T...BookNet Canada
The publishing industry has been selling digital audiobooks and ebooks for over a decade and has found its groove. What’s changed? What has stayed the same? Where do we go from here? Join a group of leading sales peers from across the industry for a conversation about the lessons learned since the popularization of digital books, best practices, digital book supply chain management, and more.
Link to video recording: https://bnctechforum.ca/sessions/selling-digital-books-in-2024-insights-from-industry-leaders/
Presented by BookNet Canada on May 28, 2024, with support from the Department of Canadian Heritage.
Securing your Kubernetes cluster_ a step-by-step guide to success !KatiaHIMEUR1
Today, after several years of existence, an extremely active community and an ultra-dynamic ecosystem, Kubernetes has established itself as the de facto standard in container orchestration. Thanks to a wide range of managed services, it has never been so easy to set up a ready-to-use Kubernetes cluster.
However, this ease of use means that the subject of security in Kubernetes is often left for later, or even neglected. This exposes companies to significant risks.
In this talk, I'll show you step-by-step how to secure your Kubernetes cluster for greater peace of mind and reliability.
Neuro-symbolic is not enough, we need neuro-*semantic*Frank van Harmelen
Neuro-symbolic (NeSy) AI is on the rise. However, simply machine learning on just any symbolic structure is not sufficient to really harvest the gains of NeSy. These will only be gained when the symbolic structures have an actual semantics. I give an operational definition of semantics as “predictable inference”.
All of this illustrated with link prediction over knowledge graphs, but the argument is general.
Accelerate your Kubernetes clusters with Varnish CachingThijs Feryn
A presentation about the usage and availability of Varnish on Kubernetes. This talk explores the capabilities of Varnish caching and shows how to use the Varnish Helm chart to deploy it to Kubernetes.
This presentation was delivered at K8SUG Singapore. See https://feryn.eu/presentations/accelerate-your-kubernetes-clusters-with-varnish-caching-k8sug-singapore-28-2024 for more details.
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
DevOps and Testing slides at DASA ConnectKari Kakkonen
My and Rik Marselis slides at 30.5.2024 DASA Connect conference. We discuss about what is testing, then what is agile testing and finally what is Testing in DevOps. Finally we had lovely workshop with the participants trying to find out different ways to think about quality and testing in different parts of the DevOps infinity loop.
UiPath Test Automation using UiPath Test Suite series, part 4DianaGray10
Welcome to UiPath Test Automation using UiPath Test Suite series part 4. In this session, we will cover Test Manager overview along with SAP heatmap.
The UiPath Test Manager overview with SAP heatmap webinar offers a concise yet comprehensive exploration of the role of a Test Manager within SAP environments, coupled with the utilization of heatmaps for effective testing strategies.
Participants will gain insights into the responsibilities, challenges, and best practices associated with test management in SAP projects. Additionally, the webinar delves into the significance of heatmaps as a visual aid for identifying testing priorities, areas of risk, and resource allocation within SAP landscapes. Through this session, attendees can expect to enhance their understanding of test management principles while learning practical approaches to optimize testing processes in SAP environments using heatmap visualization techniques
What will you get from this session?
1. Insights into SAP testing best practices
2. Heatmap utilization for testing
3. Optimization of testing processes
4. Demo
Topics covered:
Execution from the test manager
Orchestrator execution result
Defect reporting
SAP heatmap example with demo
Speaker:
Deepak Rai, Automation Practice Lead, Boundaryless Group and UiPath MVP
JMeter webinar - integration with InfluxDB and GrafanaRTTS
Watch this recorded webinar about real-time monitoring of application performance. See how to integrate Apache JMeter, the open-source leader in performance testing, with InfluxDB, the open-source time-series database, and Grafana, the open-source analytics and visualization application.
In this webinar, we will review the benefits of leveraging InfluxDB and Grafana when executing load tests and demonstrate how these tools are used to visualize performance metrics.
Length: 30 minutes
Session Overview
-------------------------------------------
During this webinar, we will cover the following topics while demonstrating the integrations of JMeter, InfluxDB and Grafana:
- What out-of-the-box solutions are available for real-time monitoring JMeter tests?
- What are the benefits of integrating InfluxDB and Grafana into the load testing stack?
- Which features are provided by Grafana?
- Demonstration of InfluxDB and Grafana using a practice web application
To view the webinar recording, go to:
https://www.rttsweb.com/jmeter-integration-webinar
Epistemic Interaction - tuning interfaces to provide information for AI supportAlan Dix
Paper presented at SYNERGY workshop at AVI 2024, Genoa, Italy. 3rd June 2024
https://alandix.com/academic/papers/synergy2024-epistemic/
As machine learning integrates deeper into human-computer interactions, the concept of epistemic interaction emerges, aiming to refine these interactions to enhance system adaptability. This approach encourages minor, intentional adjustments in user behaviour to enrich the data available for system learning. This paper introduces epistemic interaction within the context of human-system communication, illustrating how deliberate interaction design can improve system understanding and adaptation. Through concrete examples, we demonstrate the potential of epistemic interaction to significantly advance human-computer interaction by leveraging intuitive human communication strategies to inform system design and functionality, offering a novel pathway for enriching user-system engagements.
Key Trends Shaping the Future of Infrastructure.pdfCheryl Hung
Keynote at DIGIT West Expo, Glasgow on 29 May 2024.
Cheryl Hung, ochery.com
Sr Director, Infrastructure Ecosystem, Arm.
The key trends across hardware, cloud and open-source; exploring how these areas are likely to mature and develop over the short and long-term, and then considering how organisations can position themselves to adapt and thrive.
3. Motivation?
Little Eye Measures, Analyzes and helps optimize app
resource usage on Android. But network stats are
aggregates only
Friday 13 December 13
4. Motivation (2)
Needed granular network stats - each endpoint/URL,
Latency, Data transferred
Considered different approaches
Implement a VPN client app
Use a proxy
Looked at OS stats - didn’t find anything
Java debug wire protocol (JDWP)
Instrumentation
Friday 13 December 13
5. Instrumentation
ie, Rewriting parts of a binary (in this case, android app)
Allows us to intercept HTTP calls, with code-level
context (parameters, errors) for each call
Works on any app
Works on practically any android version/device
Opens up a lot of exciting possibilities...
Friday 13 December 13
6. Instrumentation (2)
Can be: Static or Runtime
Examples
Android Traceview (startMethodTracing)
Android test automation framework
iOS instruments
Purify (Rational / IBM)
JVM -javaagent option
AspectJ
Friday 13 December 13
8. classes.dx
Dalvik is the custom android VM (different from JVM)
Dex = Dalvik EXecutable format. It’s a custom
bytecode format designed for android
Build process:
compile .java code into .class files
dx converts each .class file into .dx representation,
and stores them in the single classes.dx
all ref’d library code also goes into classes.dex
Friday 13 December 13
9. Reverse engineering tools
Smali (by JesusFreke) - dex disassembler
ApkTool - decodes resources, repackage app
dex2jar - disassembles dex to .class format
JD-GUI - Decompiles .class into .java
Androguard - Tool for deep analysis of android app
ApkAnalyzer - Tool for analysis of app, also supports
instrumentation of the app.
Friday 13 December 13
14. Instrumentation Approaches
Explored the following approaches on android
Runtime
Instrument .class files during build process
Instrument .dex file
Friday 13 December 13
15. Runtime instrumentation
A JVM allows this - pass in a java.lang.instrumentation
(using the -javaagent flag) which can transform class at
class-load time
Dalvik doesn’t support this
It supports passing in a android.app.instrumentation,
but that has a limited set of methods, mostly for
automated testing
Friday 13 December 13
16. Instrumenting .class files
Considered modifying .class files, in two ways:
Using the JavaAssist tool/library
AspectJ
Both are well understood tools, but need to be done at
build time
Requires a process change, plus not all of our users
have access to the build (e.g. 3rd party QA team)
Friday 13 December 13
17. Instrumenting .dex file
Found some tools - none of these looked solid enough
dexpler - research project
redexer - research project
apkil - google summer of code project
Tried dex2jar to convert .dx into .class - but this is not a
reliable method. Fine for reading code (skip the failed
conversions), but not for this use case.
Friday 13 December 13
18. Instrumenting .dex file (2)
Smali
A simple tool that decompiles the .dx into an
intermediate format (also known as smali)
This is well-used (e.g. ApkTool, ApkAnalyzer, and
apkil use it)
Active project, well supported by JesusFreke
I disassemble an app, modified the smali code, and reassembled and repackaged, and it just worked!
Friday 13 December 13
19. Automating instrumentation
Challenges:
Need a way to find all the appropriate calls in the app
to replace
Need to do it without side-effects.
Tried many approaches, JesusFreke pointed me to
MutableMethod which did what i needed
Called my approach Umbreyta (icelandic for transform).
https://github.com/LittleEyeLabs/smali
Friday 13 December 13