• ITGIF – “IT-God” It’s Friday #15

    by  • April 2, 2010 • ITGIF, Technology • 1 Comment


    Last week I discovered Skipfish, a tool for reconnaissance and detection of possible security flaws in web applications.

    Skipfish is an active web application security reconnaissance tool. It prepares an interactive sitemap for the targeted site by carrying out a recursive crawl and dictionary-based probes. The resulting map is then annotated with the output from a number of active (but hopefully non-disruptive) security checks. The final report generated by the tool is meant to serve as a foundation for professional web application security assessments.

    So I started running a few tests on the web application we develop at work. I would have liked to tell you more about it, but I have not finished my first complete pass of exploring the tool, which I am doing in my spare time.

    I would like to get to the point of understanding how it works well enough to simplify running the tool against a web application and to be able to run the tests on a regular basis, such as at the end of an iteration. After that, I will need to understand the report the tool generates in order to be able to apply fixes to the web application.

    To try to stay active on this and keep it from falling through the cracks, I will do what I can to post a summary of the first part of my exploration next week. Until then, I am continuing to look for documentation other than the official site, as well as tutorials, to improve my understanding.

    Week of March 29 to April 2, 2010

    GWT code split is awesome
    8 reasons for re-inventing the wheel as a programmer
    10 Properties of Kanban
    How to Build a Large Agile Organization
    The TDD checklist (Red-Green-Refactor in detail)
    What is “simplicity” in programming?
    How to Manage Programmers
    A frequently asked TDD question
    Scrum Gathering: Community of Practice
    Testing Exceptions in JUnit 4.7
    Top 10 PHP Techniques That Will Save You Time and Effort
    Build Web applications with HTML 5
    DIY Startup: Get a name – Part 1
    New MyEclipse IDE For Spring Claims To Revolutionize Spring Java Development
    Media Annotations Working Group Publishes Drafts
    Monetizing the Technical Debt
    I think I just got hit by cargo cult Scrum
    Getting Started with TDD in Java using Eclipse
    7 Awesome Features Coming Up in WordPress 3.0
    9 Reasons Why Many Smart People Go Nowhere
    Creating a Maven webapp from scratch
    Making Change Stick

    Week of March 22 to 26, 2010

    Google Goodness: Using GWT With Guice
    How TDD/BDD Miss the Point: Introducing EDD
    Programming Paradigms; The Future of Software Development
    Skipfish: Google’s New Tool to Harden Web App Security
    Agile Documentation: Is There Clarity?
    8 Easy Tips for Creating Quality Code Every Day
    Getting a GWT Chat app with Comet running in less than 3 minutes
    How Java needs to become cleaner
    TDD: Consistent test structure
    5 Ways to Think Wisely in Development
    Temporary Code, Sustainable Code and Everything in Between
    Usability, RIA, and GWT – 6 Questions to Ask your Users

    Week of March 15 to 19, 2010

    Top 10 best practices for front-end web developers
    My ten development principles
    Is the Agile Community Being Unreasonable?
    Scrum Gathering Musings
    How I Review Code
    A Badge of Honor
    Most Effective Team Structure
    Building a GWT Declarative Interface
    Top 10 Things That Annoy Programmers
    What’s Happening in the Java World?
    How to Speed up Maven
    Conflict is Human: Let’s Use It Well
    A Manifesto of Done
    Automated Unit Tests as Documentation

    Week of March 8 to 12, 2010

    What’s a Tester without a QA Team?
    QA vs. Testing in Agile Projects
    Getting the Product Backlog Ready for Sprint Planning
    Managing the Transition to Agile
    The “Do Not Disturb” Team Member
    Nine Questions to Assess Team Structure
    Pair Programming: Some Thoughts
    Navigating The Rapids:Real-World Lessons in Adopting Agile
    GWT and Maven, Oh The Agony!!
    Setting up GWT2 project with gwt-maven-plugin
    GWT Best Practices
    5 Tips to get the most out of your coding time

    Week of March 1 to 5, 2010

    Maven’s Strengths and Weaknesses as a Dependency Management System
    Rules for Better Retrospectives
    Working With Custom Maven Archetypes (Part 3)
    Uncovering Serious Flaws of Agile and Scrum
    New to agile? Watch an Intro to Scrum video in about 8 minutes
    Scrum Success in a Distributed Team Environment
    Developing a Google App Engine (GAE) app using Maven
    A Flash SEO Tool
    Top 10 Web Software Application Security Risks
    To Comment or Not to Comment
    IT job trends – Which technologies you should learn next
    How NOT to lead geeks
    How will Google search work with pages built with GWT?
    Architecture Lives Here
    What is Story Point? Are they Necessary?
    The Open UP Debate

    Week of February 22 to 26, 2010

    How I Stole an Office and Fixed our Daily Scrum
    How to sustain Adaptive planning
    From Concept to Product Backlog
    The Various Flavors of Unified Process
    History of Web Frameworks
    The One Skill You Need To Master To Succeed And Grow As A Developer
    A Critique of the Pomodoro Technique
    Agile Team Spaces: Do’s and Don’ts
    JUnit Testing Made Easier With Eclipse Templates
    The Maintainability of Unit Tests
    Experiment Driven Development – The Post-Agile Way
    What do you try to leave in your commit messages?
    Commit Comments: A Conversation with your Future Self


    I work mainly as a Java developer on an Agile team, on web application projects that mainly use Java, Spring, Hibernate and open-source technologies. I specialize in analysis, architecture, development (Test-Driven Development) and Agile methodologies.


    One Response to ITGIF – “IT-God” It’s Friday #15

    1. Pingback: TapaGeuR » Palmarès des billets 2010
