[Bug bounty | mail.ru]Access to the admin panel of the partner site and the disclosure of data of 2 million users

 [Bug bounty | mail.ru]Access to the admin panel of the partner site and the disclosure of data of 2 million users  
 
Relatively recently, I switched from searching for vulnerabilities on random sites to Bug Bounty sites, and for many such a choice seems obvious - in such programs, a researcher in 90% of cases will receive not only good experience, but also a guaranteed reward for valid vulnerability, while random site can stumble upon misunderstanding and threat. Actually, in order to gain reputation and “acceleration” on the largest Bug Bounty - HackerOne, it was decided to focus on finding vulnerabilities on one of the major bugbounty programs - mail.ru.
 
 
This article will deal with several bugs at mail.ru itself...
+ 0 -

8 interesting beta bugs iOS 12 and how we searched for them

 3r33434. 3r3-31. 8 interesting beta bugs iOS 12 and how we searched for them
3r3013.  3r33434.  3r33434. 3r3013.  3r33434. 3r33333.  3r33434.
changing the position of the “Remind me later” button so that some inattentive users accidentally click on the update button; 3r3013.  3r33434. 3r33380.  3r33434.
not allowing downgrade version ; 3r3013.  3r33434. 3r33380.  3r33434.
showing a red marker on the settings icon; 3r3013.  3r33434. 3r33380.  3r33434.
Finally, my favorite move is the daily display of update messages. 3r3013.  3r33434. 3r33380.  3r33434. 3r33382. 3r3013.  3r33434.
3r3409. 3r3013.  3r33434...
+ 0 -

UI testing: checking the system at different resolutions

UI testing: checking the system at different resolutions 3r33655. 3r3-31. Testing of long web-forms in various browsers and in permissions is not only extremely necessary, but also for the third or fourth - an extremely tedious and concentration-intensive process. So, this is exactly the area that itself asks for automation. This is what we do. 3r33625.  3r33655. 3r33625.  3r33655. In this article on Habr we will tell about our experience in testing large screens with Protractor, Zalenium and Selenium-grid tools. How we gradually introduced these automatic UI testing tools and what difficulties we had to go through. 3r33625.  3r33655. 3r33625.  3r33655...
+ 0 -

Development of loading scripts for browser /mobile games. Part 1

Development of loading scripts for browser /mobile games. Part 1Hello, Habr. In last article I told about the automation of the process of load testing in the gaming company, in which I work. Now it's time to stop at some specific tasks that we had to face in preparation for the testing process of the games themselves.
 
 
There is a big difference between testing different banking /retail processes and games. In the first case, users perform their tasks almost in isolation from each other and use only those data and elements that they see in the window of their browsers or other clients at the moment, which facilitates the development of load scripts...
+ 0 -

How to perform many UI tests in parallel using the Selenium Grid?

How to perform many UI tests in parallel using the Selenium Grid?Hello! I work at Avito and am developing tools for testing. When we had a lot of UI tests, we were faced with the problem of scaling Selenium servers, and now I will tell you how we solved it.
 
And how do you perform many UI tests in parallel using the Selenium Grid? Unfortunately - in any way.
 
Selenium Grid is not able to perform a large number of tasks in parallel.
 
Do you want to register a really large number of nodes? Well, try it.
 
Want speed? It will not be - the more nodes are registered on the grid, the less stable each test is executed. As a consequence - restart.
 
Do you want fault ...
+ 0 -