The document discusses test driven development (TDD). It covers the evolution of testing, automated testing, and the motivations and principles of TDD. The main points of TDD are covered, including writing a test first that fails, then writing code to make the test pass, and refactoring the code. An interactive session demonstrates applying TDD to developing a task list application, including tests for title, ID, completion status, and saving tasks to a database. The importance of covering variations with tests and the risks of focusing only on 100% test coverage are also discussed.
Xlab #1: Advantages of functional programming in Java 8XSolve
Presentation from xlab workshop about functional programming components introduced to the Java 8. How to operate the streams and lambdas in theory and practice.
Models and Service Layers, Hemoglobin and HobgoblinsRoss Tuck
As presented at ZendCon 2014, AmsterdamPHP, PHPBenelux 2014, Sweetlake PHP and PHP Northwest 2013, an overview of some different patterns for integrating and managing logic throughout your application.
How do you measure the quality of your code? Performance and testing are just one aspect of code, in order to meet deadlines and make maintenance quicker you also need your code to be readable, decoupled and generally easier to comprehend and work with. This talk will go over tips and exercises to help you identify trouble areas, refactor them and train you to write better code in future projects. Come make your code look and function better.
Presentation made at GTA meetup in 2012-02-07.
Object Calisthenics is a set of exercise rules to reach better code, maintainable, testable and readable.
As presented at Dutch PHP Conference 2015, an introduction to command buses, how to implement your own in PHP and why they're both useful but unimportant.
Xlab #1: Advantages of functional programming in Java 8XSolve
Presentation from xlab workshop about functional programming components introduced to the Java 8. How to operate the streams and lambdas in theory and practice.
Models and Service Layers, Hemoglobin and HobgoblinsRoss Tuck
As presented at ZendCon 2014, AmsterdamPHP, PHPBenelux 2014, Sweetlake PHP and PHP Northwest 2013, an overview of some different patterns for integrating and managing logic throughout your application.
How do you measure the quality of your code? Performance and testing are just one aspect of code, in order to meet deadlines and make maintenance quicker you also need your code to be readable, decoupled and generally easier to comprehend and work with. This talk will go over tips and exercises to help you identify trouble areas, refactor them and train you to write better code in future projects. Come make your code look and function better.
Presentation made at GTA meetup in 2012-02-07.
Object Calisthenics is a set of exercise rules to reach better code, maintainable, testable and readable.
As presented at Dutch PHP Conference 2015, an introduction to command buses, how to implement your own in PHP and why they're both useful but unimportant.
Closing keynote, as presented at Codemotion 2014, LaraconEU 2014, Redevelop 2014, CodeConnexx 2013 and PHP North East 2014.
This presentation makes a reference to a reading list I received. For those interested, the release consists of most of the general classics, such as Gang Of Four "Design Patterns", The Pragmatic Programmer, Structure and Interpretation of Computer Programs, Domain Driven Design and a few others. The actual list remains tucked away in a box somewhere.
This session introduces most well known design patterns to build PHP classes and objects that need to store and fetch data from a relational databases. The session will describe the difference between of the Active Record, the Table and Row Data Gateway and the Data Mapper pattern. We will also examine some technical advantages and drawbacks of these implementations. This talk will expose some of the best PHP tools, which ease database interactions and are built on top of these patterns.
Persistence is one of the most important part in a PHP project. Persisting data to a database came with PHP/FI and its MySQL support. From native extensions and PHP4 database abstraction libraries to PDO and modern ORM frameworks, you will (re)discover how persistence has evolved during the last decade. This talk will also introduce the future of data persistence with the growing success of alternative storage engines.
Design Patterns avec PHP 5.3, Symfony et PimpleHugo Hamon
Cette conférence présente deux grands motifs de conception : l'observateur et l'injection de dépendance. Ce sujet allie à la fois théorie et pratique. Le composant autonome EventDispatcher de Symfony ainsi que le conteneur d'injection de dépendance Pimple sont mis à l'honneur avec des exemples pratiques d'usage. Ces cas pratiques combinent du code de l'ORM Propel ainsi que le composant autonome Zend\Search\Lucene du Zend Framework 2
Adding Dependency Injection to Legacy ApplicationsSam Hennessy
Dependency Injection (DI) is a fantastic technique, but what if you what to use dependency injection in your legacy application. Fear not! As someone who as done this very thing, I will show how you can successful and incrementally add DI to any application. I will present a number of recipes and solutions to common problems and give a tour of the various PHP DI projects and how they can help.
Teaching Your Machine To Find FraudstersIan Barber
The slides from my talk at PHP Tek 11.
When dealing with money online, fraud is an ongoing problem for both
consumers and sellers. Researchers have been developing statistical
and machine learning techniques to detect shady sellers on auction
sites, spot fraudulent payments on e-commerce systems and catch click
fraud on adverts. While there is no silver bullet, you will learn to
flag suspicious activity and help protect your site from scammers
using PHP and a little help from some other technologies.
Silex is a brand new PHP 5.3 micro framework built on top of the Symfony2 de decoupled components. In this session, we will discover how to build and deploy powerful REST web services with such a micro framework and its embedded tools.
The first part of this talk will introduce the basics of the REST architecture. We fill focus on the main concepts of REST like HTTP methods, URIs and open formats like XML and JSON.
Then, we will discover how to deploy REST services using most of interesting Silex tools like database abstraction layer, template engine and input validation. We will also look at unit and functional testing frameworks with PHPUnit and HTTP caching with Edge Side Includes and Varnish support to improve performances.
The road to continuous deployment (PHPCon Poland 2016)Michiel Rook
As presented at PHPCon Poland 2016
It's a situation many of us are familiar with: a large legacy application, limited or no tests, slow & manual release process, low velocity, no confidence.... Oh, and management wants new features, fast.
But how to proceed? Using examples and lessons learned from a real-world case, I'll show you how to strangle the legacy application with a modern service architecture and build a continuous deployment pipeline to deliver value from the first sprint. On the way, we take a look at testing strategies and various (possibly controversial!) tips and best practices.
The IoC Hydra - Dutch PHP Conference 2016Kacper Gunia
Slides from my talk presented during Dutch PHP Conference in Amsterdam - 25 June 2016
More Domain-Driven Design related content at: https://domaincentric.net/
You must’ve heard of Unit testing… If not, then this talk is definitely for you! If you do know Unit testing, you probably ran at some point into a hurdle: “Where do I start?” And despite your best efforts, you end up not having enough tests for your application – Then that change request comes in, requiring you to change that very same complex piece of code for which you are lacking tests! How do you going refactor while maintaining all those ‘undocumented’ business rules? This talk will show how Codeception can be leveraged to refactor the visuals aspects of an application, maintaining backwards compatibility on API changes and even assist in moving to a whole different server infrastructure.
Closing keynote, as presented at Codemotion 2014, LaraconEU 2014, Redevelop 2014, CodeConnexx 2013 and PHP North East 2014.
This presentation makes a reference to a reading list I received. For those interested, the release consists of most of the general classics, such as Gang Of Four "Design Patterns", The Pragmatic Programmer, Structure and Interpretation of Computer Programs, Domain Driven Design and a few others. The actual list remains tucked away in a box somewhere.
This session introduces most well known design patterns to build PHP classes and objects that need to store and fetch data from a relational databases. The session will describe the difference between of the Active Record, the Table and Row Data Gateway and the Data Mapper pattern. We will also examine some technical advantages and drawbacks of these implementations. This talk will expose some of the best PHP tools, which ease database interactions and are built on top of these patterns.
Persistence is one of the most important part in a PHP project. Persisting data to a database came with PHP/FI and its MySQL support. From native extensions and PHP4 database abstraction libraries to PDO and modern ORM frameworks, you will (re)discover how persistence has evolved during the last decade. This talk will also introduce the future of data persistence with the growing success of alternative storage engines.
Design Patterns avec PHP 5.3, Symfony et PimpleHugo Hamon
Cette conférence présente deux grands motifs de conception : l'observateur et l'injection de dépendance. Ce sujet allie à la fois théorie et pratique. Le composant autonome EventDispatcher de Symfony ainsi que le conteneur d'injection de dépendance Pimple sont mis à l'honneur avec des exemples pratiques d'usage. Ces cas pratiques combinent du code de l'ORM Propel ainsi que le composant autonome Zend\Search\Lucene du Zend Framework 2
Adding Dependency Injection to Legacy ApplicationsSam Hennessy
Dependency Injection (DI) is a fantastic technique, but what if you what to use dependency injection in your legacy application. Fear not! As someone who as done this very thing, I will show how you can successful and incrementally add DI to any application. I will present a number of recipes and solutions to common problems and give a tour of the various PHP DI projects and how they can help.
Teaching Your Machine To Find FraudstersIan Barber
The slides from my talk at PHP Tek 11.
When dealing with money online, fraud is an ongoing problem for both
consumers and sellers. Researchers have been developing statistical
and machine learning techniques to detect shady sellers on auction
sites, spot fraudulent payments on e-commerce systems and catch click
fraud on adverts. While there is no silver bullet, you will learn to
flag suspicious activity and help protect your site from scammers
using PHP and a little help from some other technologies.
Silex is a brand new PHP 5.3 micro framework built on top of the Symfony2 de decoupled components. In this session, we will discover how to build and deploy powerful REST web services with such a micro framework and its embedded tools.
The first part of this talk will introduce the basics of the REST architecture. We fill focus on the main concepts of REST like HTTP methods, URIs and open formats like XML and JSON.
Then, we will discover how to deploy REST services using most of interesting Silex tools like database abstraction layer, template engine and input validation. We will also look at unit and functional testing frameworks with PHPUnit and HTTP caching with Edge Side Includes and Varnish support to improve performances.
The road to continuous deployment (PHPCon Poland 2016)Michiel Rook
As presented at PHPCon Poland 2016
It's a situation many of us are familiar with: a large legacy application, limited or no tests, slow & manual release process, low velocity, no confidence.... Oh, and management wants new features, fast.
But how to proceed? Using examples and lessons learned from a real-world case, I'll show you how to strangle the legacy application with a modern service architecture and build a continuous deployment pipeline to deliver value from the first sprint. On the way, we take a look at testing strategies and various (possibly controversial!) tips and best practices.
The IoC Hydra - Dutch PHP Conference 2016Kacper Gunia
Slides from my talk presented during Dutch PHP Conference in Amsterdam - 25 June 2016
More Domain-Driven Design related content at: https://domaincentric.net/
You must’ve heard of Unit testing… If not, then this talk is definitely for you! If you do know Unit testing, you probably ran at some point into a hurdle: “Where do I start?” And despite your best efforts, you end up not having enough tests for your application – Then that change request comes in, requiring you to change that very same complex piece of code for which you are lacking tests! How do you going refactor while maintaining all those ‘undocumented’ business rules? This talk will show how Codeception can be leveraged to refactor the visuals aspects of an application, maintaining backwards compatibility on API changes and even assist in moving to a whole different server infrastructure.
Erros têm de fazer parte do dia a dia do desenvolvedor, porém a maioria prefere ignorá-los ou simplesmente não sabem como lidar com os mesmos. Nesta palestra de 50min vamos passar por duas diferentes formas de lidar com eles: procedural/imperativo e Exceptions além de ver como manter e utilizar mensagens de erros a fim de serem úteis no seu dia a dia.
Uma breve evolução dos paradigmas de programação até a Orientação a Objetos, assim como apresentação de alguns recursos da mesma dentro do contexto de programação.
Códigos Utilizados: https://github.com/augustohp/palestra-orientacao-objetos
Avaliações:
- VII Congresso Uniararas: https://joind.in/6692
This talk will look at the features and changes in the Node Access system for Drupal 7.
Out of the box, Drupal is a great system for creating and managing content. However, there are cases where your needs require additional requirements for which users can create, view, edit and delete content. To solve this problem, Drupal provides its Node Access system.
Node Access provides an API for determining the grants, or permissions, that a user has for each node. By understanding how these grants work, a module developer can create and enforce complex access rules.
We will cover some (or all) of the following topics.
- Node Access compared to user_access() and other permission checks.
- How Drupal grants node permissions.
- The node_access() function.
- hook_node_access() compared to {node_access}.
- Controlling permission to create content.
- Using hook_node_access().
- When to write a Node Access module.
- The {node_access} table and its role.
- Defining your moduleâs access rules.
- Using hook_node_access_records().
- Using hook_node_grants().
- Rebuilding the {node_access} table.
- Modifying the behavior of other modules.
- Using hook_node_access_records_alter().
- Using hook_node_grants_alter().
- Testing and debugging you module.
- Using Devel Node Access
- Roadmap for Drupal 8
Ken Rickard is the maintainer of the Domain Access module and wrote several of the patches for Node Access in Drupal 7.
Introduction of Clean Code
~ What is Bad Code and Good Code ~
Presented by Jeremiah Caballero on June 26, 2019.
It's an introduction of "Clean Code" referring to the Robert C.Martin's "Clean Code".
Software should be perfect, but it isn't! Bugs in the software ranges from small "inoffensive ones" to the ones that makes the news when a bunch of credit card data is stole.
On this talk we will review different testing methodologies and tools, and we will focus on using PHPUnit to assert how your software works and how to exterminate your bugs.
4Developers 2015: Be pragmatic, be SOLID - Krzysztof MenżykPROIDEA
Krzysztof Menżyk
Language: Polish
Wiemy jak projektować dobry kod obiektowy? Ilu z nas zna 5 zasad SOLID? Ilu z nas przestrzega ich w codziennej pracy z kodem? Nie tylko wyjaśnię co to SOLID, ale również pokażę, że to nie sucha teoria a praktyczne rady, które warto aplikować w naszych projektach.
Podczas prezentacji szczegółowo omówię każdą z pięciu zasad. Pokażę konkretne przykłady, które naruszają ww. zasady. Zaprezentuję przykładowe rozwiązania i techniki refaktorowania kodu. Omówię również, w jakich sytuacjach można pominąć niektóre z zasad oraz jaki może to mieć wpływ na projekt.
The presentation was created in the Apple Pages, and then converted to a MS PowerPoint format, due to that, on some slides may apper poor quality and ugly look.
What should you test with your unit tests? Some people will say that unit behaviour is best tested through it's outcomes. But what if communication between units itself is more important than the results of it? This session will introduce you to two different ways of unit-testing and show you a way to assert your object behaviours through their communications.
Logs: O que comem, onde vivem e como se reproduzem.Augusto Pascutti
Como utilizar os arquivos de log (servidor web, PHP) e como gerá-los, quais as configurações que afetam o comportamento da geração de log no PHP, como gerar mensagens melhores e arquiteturas comuns para manter e utilizar melhor o potencial dessas mensagens.
O vídeo da apresentação: https://www.youtube.com/watch?v=pGPyKxuUAAo
Breve introdução a TDD, expondo uma aplicação simples - visível somente via controle de versão - escrita em PHP, exercitando os ciclos propostos pela metologia.
Gravação da apresentação: http://youtu.be/M5f32O-Afq0
Repositório do projeto: http://github.com/augustohp/gravata
Escalabilidade em um sistema é planejada desde a sua concepção ou as consequências deverão ser aceitas. Como entender a arquitetura de uma aplicação web, como usar essa arquitetura a seu favor e quais são as práticas mais comuns será o conteúdo dessa palestra. Nada de teoria, você leva pra casa um conjunto de VMs pra exprimentar e aprender o que foi apresentado.
Acredito sem dificuldade ao ver e escutar de um engenheiro que uma ponte terá tantos metros, tantos pilares e que ela ficará exatamente daquele jeito quando pronta mas me recuso a acreditar em alguém que me diz que um software será entregue exatamente do jeito que foi pedido inicialmente. Eu não sou um engenheiro, sou um jardineiro!
Qual o estado dos frameworks atualmente no PHP, assim como a situação atual da linguagem. Como você pode escolher seu framework e um comparativo entre os 4 principais frameworks do mercado.
Apresentação feita no Latinoware dando uma breve introdução sobre os conceitos de Integração contínuo e seus resultados de implementação no dia a dia num projeto fictício que está disponível para qualquer pessoa ver, executar e modificar.
Todas as ferramentas utilizadas são livres e as metodologias ou conceitos independente de linguagens e já estabelecidos no mercado.
PHPSC Conference 2010 - Testar é bom, integrar é melhor ainda!Augusto Pascutti
Palestra de integração contínua dada no PHPSCConf de 2010 em Joenville.
"Testar é bom, integrar é ainda melhor"
O código utilizado nesta apresentação, pode se encontrado no github: http://github.com/augustohp/ManoWars
GraphRAG is All You need? LLM & Knowledge GraphGuy Korland
Guy Korland, CEO and Co-founder of FalkorDB, will review two articles on the integration of language models with knowledge graphs.
1. Unifying Large Language Models and Knowledge Graphs: A Roadmap.
https://arxiv.org/abs/2306.08302
2. Microsoft Research's GraphRAG paper and a review paper on various uses of knowledge graphs:
https://www.microsoft.com/en-us/research/blog/graphrag-unlocking-llm-discovery-on-narrative-private-data/
Why You Should Replace Windows 11 with Nitrux Linux 3.5.0 for enhanced perfor...SOFTTECHHUB
The choice of an operating system plays a pivotal role in shaping our computing experience. For decades, Microsoft's Windows has dominated the market, offering a familiar and widely adopted platform for personal and professional use. However, as technological advancements continue to push the boundaries of innovation, alternative operating systems have emerged, challenging the status quo and offering users a fresh perspective on computing.
One such alternative that has garnered significant attention and acclaim is Nitrux Linux 3.5.0, a sleek, powerful, and user-friendly Linux distribution that promises to redefine the way we interact with our devices. With its focus on performance, security, and customization, Nitrux Linux presents a compelling case for those seeking to break free from the constraints of proprietary software and embrace the freedom and flexibility of open-source computing.
PHP Frameworks: I want to break free (IPC Berlin 2024)Ralf Eggert
In this presentation, we examine the challenges and limitations of relying too heavily on PHP frameworks in web development. We discuss the history of PHP and its frameworks to understand how this dependence has evolved. The focus will be on providing concrete tips and strategies to reduce reliance on these frameworks, based on real-world examples and practical considerations. The goal is to equip developers with the skills and knowledge to create more flexible and future-proof web applications. We'll explore the importance of maintaining autonomy in a rapidly changing tech landscape and how to make informed decisions in PHP development.
This talk is aimed at encouraging a more independent approach to using PHP frameworks, moving towards a more flexible and future-proof approach to PHP development.
In his public lecture, Christian Timmerer provides insights into the fascinating history of video streaming, starting from its humble beginnings before YouTube to the groundbreaking technologies that now dominate platforms like Netflix and ORF ON. Timmerer also presents provocative contributions of his own that have significantly influenced the industry. He concludes by looking at future challenges and invites the audience to join in a discussion.
Alt. GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using ...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
Generative AI Deep Dive: Advancing from Proof of Concept to ProductionAggregage
Join Maher Hanafi, VP of Engineering at Betterworks, in this new session where he'll share a practical framework to transform Gen AI prototypes into impactful products! He'll delve into the complexities of data collection and management, model selection and optimization, and ensuring security, scalability, and responsible use.
The Art of the Pitch: WordPress Relationships and SalesLaura Byrne
Clients don’t know what they don’t know. What web solutions are right for them? How does WordPress come into the picture? How do you make sure you understand scope and timeline? What do you do if sometime changes?
All these questions and more will be explored as we talk about matching clients’ needs with what your agency offers without pulling teeth or pulling your hair out. Practical tips, and strategies for successful relationship building that leads to closing the deal.
Dr. Sean Tan, Head of Data Science, Changi Airport Group
Discover how Changi Airport Group (CAG) leverages graph technologies and generative AI to revolutionize their search capabilities. This session delves into the unique search needs of CAG’s diverse passengers and customers, showcasing how graph data structures enhance the accuracy and relevance of AI-generated search results, mitigating the risk of “hallucinations” and improving the overall customer journey.
Observability Concepts EVERY Developer Should Know -- DeveloperWeek Europe.pdfPaige Cruz
Monitoring and observability aren’t traditionally found in software curriculums and many of us cobble this knowledge together from whatever vendor or ecosystem we were first introduced to and whatever is a part of your current company’s observability stack.
While the dev and ops silo continues to crumble….many organizations still relegate monitoring & observability as the purview of ops, infra and SRE teams. This is a mistake - achieving a highly observable system requires collaboration up and down the stack.
I, a former op, would like to extend an invitation to all application developers to join the observability party will share these foundational concepts to build on:
A tale of scale & speed: How the US Navy is enabling software delivery from l...sonjaschweigert1
Rapid and secure feature delivery is a goal across every application team and every branch of the DoD. The Navy’s DevSecOps platform, Party Barge, has achieved:
- Reduction in onboarding time from 5 weeks to 1 day
- Improved developer experience and productivity through actionable findings and reduction of false positives
- Maintenance of superior security standards and inherent policy enforcement with Authorization to Operate (ATO)
Development teams can ship efficiently and ensure applications are cyber ready for Navy Authorizing Officials (AOs). In this webinar, Sigma Defense and Anchore will give attendees a look behind the scenes and demo secure pipeline automation and security artifacts that speed up application ATO and time to production.
We will cover:
- How to remove silos in DevSecOps
- How to build efficient development pipeline roles and component templates
- How to deliver security artifacts that matter for ATO’s (SBOMs, vulnerability reports, and policy evidence)
- How to streamline operations with automated policy checks on container images
GDG Cloud Southlake #33: Boule & Rebala: Effective AppSec in SDLC using Deplo...James Anderson
Effective Application Security in Software Delivery lifecycle using Deployment Firewall and DBOM
The modern software delivery process (or the CI/CD process) includes many tools, distributed teams, open-source code, and cloud platforms. Constant focus on speed to release software to market, along with the traditional slow and manual security checks has caused gaps in continuous security as an important piece in the software supply chain. Today organizations feel more susceptible to external and internal cyber threats due to the vast attack surface in their applications supply chain and the lack of end-to-end governance and risk management.
The software team must secure its software delivery process to avoid vulnerability and security breaches. This needs to be achieved with existing tool chains and without extensive rework of the delivery processes. This talk will present strategies and techniques for providing visibility into the true risk of the existing vulnerabilities, preventing the introduction of security issues in the software, resolving vulnerabilities in production environments quickly, and capturing the deployment bill of materials (DBOM).
Speakers:
Bob Boule
Robert Boule is a technology enthusiast with PASSION for technology and making things work along with a knack for helping others understand how things work. He comes with around 20 years of solution engineering experience in application security, software continuous delivery, and SaaS platforms. He is known for his dynamic presentations in CI/CD and application security integrated in software delivery lifecycle.
Gopinath Rebala
Gopinath Rebala is the CTO of OpsMx, where he has overall responsibility for the machine learning and data processing architectures for Secure Software Delivery. Gopi also has a strong connection with our customers, leading design and architecture for strategic implementations. Gopi is a frequent speaker and well-known leader in continuous delivery and integrating security into software delivery.
GraphSummit Singapore | The Future of Agility: Supercharging Digital Transfor...Neo4j
Leonard Jayamohan, Partner & Generative AI Lead, Deloitte
This keynote will reveal how Deloitte leverages Neo4j’s graph power for groundbreaking digital twin solutions, achieving a staggering 100x performance boost. Discover the essential role knowledge graphs play in successful generative AI implementations. Plus, get an exclusive look at an innovative Neo4j + Generative AI solution Deloitte is developing in-house.
Removing Uninteresting Bytes in Software FuzzingAftab Hussain
Imagine a world where software fuzzing, the process of mutating bytes in test seeds to uncover hidden and erroneous program behaviors, becomes faster and more effective. A lot depends on the initial seeds, which can significantly dictate the trajectory of a fuzzing campaign, particularly in terms of how long it takes to uncover interesting behaviour in your code. We introduce DIAR, a technique designed to speedup fuzzing campaigns by pinpointing and eliminating those uninteresting bytes in the seeds. Picture this: instead of wasting valuable resources on meaningless mutations in large, bloated seeds, DIAR removes the unnecessary bytes, streamlining the entire process.
In this work, we equipped AFL, a popular fuzzer, with DIAR and examined two critical Linux libraries -- Libxml's xmllint, a tool for parsing xml documents, and Binutil's readelf, an essential debugging and security analysis command-line tool used to display detailed information about ELF (Executable and Linkable Format). Our preliminary results show that AFL+DIAR does not only discover new paths more quickly but also achieves higher coverage overall. This work thus showcases how starting with lean and optimized seeds can lead to faster, more comprehensive fuzzing campaigns -- and DIAR helps you find such seeds.
- These are slides of the talk given at IEEE International Conference on Software Testing Verification and Validation Workshop, ICSTW 2022.
Sudheer Mechineni, Head of Application Frameworks, Standard Chartered Bank
Discover how Standard Chartered Bank harnessed the power of Neo4j to transform complex data access challenges into a dynamic, scalable graph database solution. This keynote will cover their journey from initial adoption to deploying a fully automated, enterprise-grade causal cluster, highlighting key strategies for modelling organisational changes and ensuring robust disaster recovery. Learn how these innovations have not only enhanced Standard Chartered Bank’s data infrastructure but also positioned them as pioneers in the banking sector’s adoption of graph technology.
Pushing the limits of ePRTC: 100ns holdover for 100 daysAdtran
At WSTS 2024, Alon Stern explored the topic of parametric holdover and explained how recent research findings can be implemented in real-world PNT networks to achieve 100 nanoseconds of accuracy for up to 100 days.
30. • Lista de tarefas
• Título
Saturday, June 23, 2012
31. 1 <?php
2 class TaskTest extends PHPUnit_Framework_TestCase
3 {
4 public function testTitle()
5 {
6 $task = new SfConTask;
7 $title = 'Teste';
8 $task->setTitle($title);
9 $this->assertEquals($title, $task->getTitle());
10 $this->assertEquals($title, (string) $task);
11 }
12 }
Saturday, June 23, 2012
32. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3
4 Fatal error: Class 'SfConTask' not found in /Users/
augustopascutti/Desktop/tdd/TaskTest.php on line 6
Saturday, June 23, 2012
33. 1 <?php
2 namespace SfCon;
3
4 class Task
5 {
6 protected $title;
7
8 public function setTitle($string)
9 {
10 $this->title = $string;
11 return $this;
12 }
13
14 public function getTitle()
15 {
16 return $this->title;
17 }
18
19 public function __toString()
20 {
21 return (string) $this->getTitle();
22 }
23 }
Saturday, June 23, 2012
34. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 .
4
5 Time: 0 seconds, Memory: 2.75Mb
6
7 OK (1 test, 2 assertions)
Saturday, June 23, 2012
35. • Lista de tarefas
• Título
• ID
Saturday, June 23, 2012
36. 1 <?php
2 require 'SfCon/Task.php';
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 // ...
7 public function testId()
8 {
9 $task = new SfConTask();
10 $id = 1;
11 $task->setId($id);
12 $this->assertEquals($id, $task->getId());
13 }
14 }
Saturday, June 23, 2012
37. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 .
4 Fatal error: Call to undefined method SfConTask::setId
() in /Users/augustopascutti/Desktop/tdd/TaskTest.php on
line 19
Saturday, June 23, 2012
38. 1 <?php
2 require 'SfCon/Task.php';
3
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 // ...
7 public function testId()
8 {
9 $task = new SfConTask();
10 $id = 1;
11 $task->setId($id);
12 $this->assertEquals($id, $task->getId());
13 }
14 }
Saturday, June 23, 2012
39. • Lista de tarefas
• Título
• ID
• Completa?
Saturday, June 23, 2012
40. 1 <?php
2 require 'SfCon/Task.php';
3
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 // ...
7 public function testDone()
8 {
9 $task = new SfConTask();
10 $this->assertFalse($task->isDone());
11 $task->setDone(); // Default: true
12 $this->assertTrue($task->isDone());
13 $task->setDone(false);
14 $this->assertFalse($task->isDone());
15 }
16 }
Saturday, June 23, 2012
41. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 ..
4 Fatal error: Call to undefined method SfCon
Task::isDone() in /Users/augustopascutti/Desktop/tdd/
TaskTest.php on line 26
Saturday, June 23, 2012
42. 1 <?php
2 namespace SfCon;
3
4 class Task
5 {
6 // ...
7 protected $done = false;
8
9 // ...
10 public function setDone($bool=true)
11 {
12 $this->done = (boolean) $bool;
13 return $this;
14 }
15
16 public function isDone()
17 {
18 return $this->done;
19 }
20 }
Saturday, June 23, 2012
43. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 ...
4
5 Time: 0 seconds, Memory: 2.75Mb
6
7 OK (3 tests, 6 assertions)
Saturday, June 23, 2012
44. • Lista de tarefas
• Título
• ID
• Completa?
• Salvar tarefa
Saturday, June 23, 2012
45. 1 <?php
2 require 'SfCon/Task.php';
3
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 // ...
7 public function testInsert()
8 {
9 $pdo = new Pdo('sqlite::memory:');
10 $pdo->exec('CREATE TABLE tasks (
11 id INTEGER PRIMARY KEY,
12 title TEXT,
13 done INTEGER
14 )');
15 $task = new SfConTask($pdo);
16 $expectId = 1;
17 $task->setTitle('Test');
18 $task->insert(); // Insert defines ID
19 $this->assertEquals($expectId, $task->getId());
20 }
21 }
Saturday, June 23, 2012
47. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 ....
4
5 Time: 0 seconds, Memory: 2.75Mb
6
7 OK (4 tests, 9 assertions)
Saturday, June 23, 2012
48. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 Task
4 [x] Title
5 [x] Id
6 [x] Done
7 [x] Insert
Saturday, June 23, 2012
49. 1 <?php
2 require 'SfCon/Task.php';
3
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 public function testSetterGetterForTitle()
7 {
8 // ...
9 }
10
11 public function testSetterGetterForId()
12 {
13 // ...
14 }
15
16 public function testSetterGetterForDone()
17 {
18 // ...
19 }
20 }
Saturday, June 23, 2012
50. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 Task
4 [x] Setter getter for title
5 [x] Setter getter for id
6 [x] Setter getter for done
7 [x] Insert
Saturday, June 23, 2012
65. 1 <?php
2 require 'SfCon/Task.php';
3
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 public function testInsert()
7 {
8 // ...
9 $mockIns->expects($this->once())
10 ->method('execute')
11 ->will($this->returnValue(true));
12 // ...
13 }
14 }
Saturday, June 23, 2012
66. 1 <?php
2 require 'SfCon/Task.php';
3
4 class TaskTest extends PHPUnit_Framework_TestCase
5 {
6 public function testInsert()
7 {
8 // ...
9 $this->pdo->expects($this->once())
10 ->method('lastInsertId')
11 ->will($this->returnValue(1));
12
13 $task = new SfConTask($this->pdo);
14 $task->setTitle($title);
15 $task->insert();
16 $this->assertEquals($expectId, $task->getId());
17 }
18 }
Saturday, June 23, 2012
67. 1 PHPUnit 3.6.10 by Sebastian Bergmann.
2
3 ...............
4
5 Time: 0 seconds, Memory: 3.25Mb
6
7 OK (15 tests, 45 assertions)
Saturday, June 23, 2012
68. • Lista de tarefas • Cobrir variações
• Título • Mocks / Stubs
• ID •
tas?
Bugs regressivos
u n
• Completa?
e rg
• Salvar tarefa
p
Saturday, June 23, 2012