Today I am very happy. What is so special about today?
I came 4th in the recently concluded security testing competition held at 99tests.
So, what? How does this make special? You are not even in top 3!
This competition is special for many reasons.
First Time - Security Testing
Competition ends on 16th April - 3 days and 6hrs left
I registered to this competition as I wanted to learn about Security Testing.
How can I miss this wonderful opportunity where testers compete and log some cool bugs. Then a thought struck: What is the fun in watching others log bugs? Why be a silent spectator?
A plan was drafted right there!
The BIG day - Friday April 15th!
I had not slept on 14th night as the build was released to us and I was on leave the next day. When I woke up at 11 AM IST, the body was happy after a well deserved rest of 4 continuous hours.
The book Web Security Testing Cookbook was easy to understand, to the point and very informative.
There were so many topics, each topic teaching me something very interesting. As I had applied leave to office, I had the time and the resources. No disturbances. It was easy to make my family understand about the leave [They are used to my strange ways of working by now].
Lunch Time: 12:20 PM IST
After many days, I had the chance to feast on home food. I love my mother's cooking and it had its own sweet effect. I was feeling sleepy and I had two choices:
Sleep now when there is no disturbance or sleep when there is noise/power cut
I did not want to waste time, motivated myself to concentrate, focussed my energy on the goal!
I did not sleep. Slowly but steadily, I was getting confident about my chances in this competition. Time was ticking by, I finished a major part of the book.
Break time: 06:00 PM IST
I took a break. I went for a bath and imagined finding bugs in the application and winning the competition.
Mind was fresh after the bath. I continued reading the book along with comparing notes from OWASP guide.
This continued till 11:00 PM IST. The only breaks were for lunch or drinking water or for toilet.
Trust in Alarm: 11:00 PM IST
I was tired. I wanted to sleep but again the 'What if' question came to my mind. What if I overslept and by the time I woke up, the competition ended? As I had not logged even a single bug by now, I was nervous to sleep. Should I stay awake or sleep for two hours?
I trusted the alarm and the alarm info popped up: 2 hrs 20 mins remaining.
Alarm was set to 01:30 AM IST
Final Push! 01:30 AM IST to 08:00 AM IST
I logged seven bugs - read about the topic, tested, investigated, read, logged.
I was not sure if I had done enough. Should I log three more? Should I log 30 more? No answer as my body was searching for the nearest bed!
To be frank, I was very tired and could not concentrate. I had to sleep. The battery of 2.5 hrs could last only 6.5 hrs. Though I would have loved to log more bugs, i was happy that I gave my best!
Results
I woke up at 12:30 PM IST and first task I did was to browse to the competition page to check out the results. This was the screen displayed:
I was so happy. I am still happy. This competition and the entire 4 days effort would motivate me to achieve my goals. And I want to dedicate this victory to one person who kept on encouraging me right from the moment I registered for this competition. Thanks Krishnaveni.
I have taken the first step - I have conquered my fears of Security Testing. What about you?
Leia Mais…
I came 4th in the recently concluded security testing competition held at 99tests.
So, what? How does this make special? You are not even in top 3!
This competition is special for many reasons.
First Time - Security Testing
I have been testing software officially close to five years now. I have found few bugs in every application based on different quality criteria - Functionality, Usability, Performance, Testability, Install-ability but never based on SECURITY.
There were many excuses for that:
- I don't know Security Testing.
- I am not skilled in Security Testing and I will never be skilled at Security Testing.
- I need to have strong programming skills. So, no security testing for me.
- No one asks me to perform Security Testing for this application. Why should I test for this criteria if the customer has not asked for it?
- The programmers will not fix the security bugs.
- The books & resources on Security Testing are many & very costly.
Looking back, I feel I wasted a lot of time!
As I believe in not taking guilt trips but learning from mistakes and moving forward, let us move on.
Date: 13th April 2011 Time: 05:44 AM IST
There was a security competition on 99tests website.
Date: 13th April 2011 Time: 05:44 AM IST
There was a security competition on 99tests website.
Myself and Krishnaveni registered for the security competition.
I registered to this competition as I wanted to learn about Security Testing.
How can I miss this wonderful opportunity where testers compete and log some cool bugs. Then a thought struck: What is the fun in watching others log bugs? Why be a silent spectator?
I am aware that I can't run as fast as the security experts but I can crawl if not walk!So, I decided that I will compete as an active competitor instead of being a silent spectator!
A plan was drafted right there!
- Convert the .chm to pdf [Converted on April 13th - 07:00 AM IST]
- Print the book [Printed on April 13th - 01:00 PM IST]
- Read the book [April 13th - 11:00 PM IST for half an hour]
- Apply leave for Friday [April 14th 05:30 PM IST]
- Sleep well [ 4 hours]
- Read the book [April 15th 11AM IST onwards]
- Update the computer software [April 15th 03:15 PM IST]
- Test & log bugs [April 16th 01:30 AM IST - 08:00 AM IST
With the goal in sight, passion inside, silence outside, I started security testing.
The BIG day - Friday April 15th!
I had not slept on 14th night as the build was released to us and I was on leave the next day. When I woke up at 11 AM IST, the body was happy after a well deserved rest of 4 continuous hours.
The book Web Security Testing Cookbook was easy to understand, to the point and very informative.
There were so many topics, each topic teaching me something very interesting. As I had applied leave to office, I had the time and the resources. No disturbances. It was easy to make my family understand about the leave [They are used to my strange ways of working by now].
Lunch Time: 12:20 PM IST
After many days, I had the chance to feast on home food. I love my mother's cooking and it had its own sweet effect. I was feeling sleepy and I had two choices:
Sleep now when there is no disturbance or sleep when there is noise/power cut
I did not want to waste time, motivated myself to concentrate, focussed my energy on the goal!
I did not sleep. Slowly but steadily, I was getting confident about my chances in this competition. Time was ticking by, I finished a major part of the book.
Break time: 06:00 PM IST
I took a break. I went for a bath and imagined finding bugs in the application and winning the competition.
Mind was fresh after the bath. I continued reading the book along with comparing notes from OWASP guide.
This continued till 11:00 PM IST. The only breaks were for lunch or drinking water or for toilet.
Trust in Alarm: 11:00 PM IST
I was tired. I wanted to sleep but again the 'What if' question came to my mind. What if I overslept and by the time I woke up, the competition ended? As I had not logged even a single bug by now, I was nervous to sleep. Should I stay awake or sleep for two hours?
I trusted the alarm and the alarm info popped up: 2 hrs 20 mins remaining.
Alarm was set to 01:30 AM IST
Final Push! 01:30 AM IST to 08:00 AM IST
I logged seven bugs - read about the topic, tested, investigated, read, logged.
I was not sure if I had done enough. Should I log three more? Should I log 30 more? No answer as my body was searching for the nearest bed!
To be frank, I was very tired and could not concentrate. I had to sleep. The battery of 2.5 hrs could last only 6.5 hrs. Though I would have loved to log more bugs, i was happy that I gave my best!
Results
I woke up at 12:30 PM IST and first task I did was to browse to the competition page to check out the results. This was the screen displayed:
I was so happy. I am still happy. This competition and the entire 4 days effort would motivate me to achieve my goals. And I want to dedicate this victory to one person who kept on encouraging me right from the moment I registered for this competition. Thanks Krishnaveni.
I have taken the first step - I have conquered my fears of Security Testing. What about you?
