I’ve had some things queuing up for a bit, and rather than spam people’s readers with lots of little posts I’ll roll some of them up.

  • A list of the Top 15 Free SQL Injection Scanners — Why do manually what a tool can do for you. This is exactly the sort of scenario you should be automating.
  • Is Dedicated Hosting for Critical DTDs Necessary? – Does your application do xml validation via DTD or Schema? How is it referenced? Would your application work if suddenly it went away?
  • Seth Godin> introduces us to the concept of Trusted Ears. Who are your trusted ears when you are writing articles / reviews / test cases / test plans / other test artifacts?
  • There are a couple ways to do web services these days. I line up with those who think they should be architected around REST. With that in mind, O’Reilly have just released a book on RESTful Web Services which should likely be on people’s reading lists if you are in such an environment. Note: I haven’t read it yet, but it’s title is right, and it is from O’Reilly
  • Code Converter – Convert VB to C# (or vice-versa)
  • Java Script Hijacking — because we don’t have enough things to worry about already. Oh, here is some commentary on it by Bruce Schneier
  • In case your requirements have BPMN diagrams in them, this Poster will be of interest
  • Over the past decade, the number of applications that ship with printed documentation has decreased rapidly. However, html based documentation generally sucks when printed. You can combine the two using CSS as illustrated here
  • Chris McMahon is a regular contributer to the Agile Testing list. Apparently I had his blog bookmarked, but not in my rss reader.
  • Part of what I do as QA, in addition to pure testing, is to look at the processes around how the software was built and is deployed. One aspect of this is backup and recovery. Here is an article on recoving a RAID setup.