** The views in this post are my own and do NOT represent or reflect the views of my employer or any organizations **

In this post we will build an insecure web application. The goal is to share some of my learnings building AWS serverless apps. At the same time, I am hoping this would start a discussion that increases the awareness around security when architecting or developing software.

This came to mind as I went through the “Secure development training” programme at https://academy.safestack.io/ lately, so thought that could be an opportunity to introduce a couple of security vulnerabilities…

In this post, we will write infrastructure as code, using Cloud Formation, to setup a web server on an EC2 instance on AWS.

We will be covering the following items:

  • Create an EC2 instance manually using AWS console
  • Automate the creation of EC2 instance with Cloud Formation
  • Add a name to the instance and create a tag
  • Connect to the EC2 instance through SSH
  • Setup a web server on the EC2 instance (manually then through Cloud Formation as a startup script)

As the goal of this post is mainly infrastructure, we will just create a web app that displays “Hello…

As with any website, I wanted to add a navigation menu to my personal website (built with ReactJS) when I was developing it — https://ahaydar.github.io

In this post, I will go through my thought process and document my learnings about the tech used. I hope this will be helpful for anyone starting with React and React Router.

The navigation menu includes the following items:

  • The “home” menu item gives accessibility to the current personal site
  • The “now” menu item takes the user to a new page where I list what I am currently doing (inspired by “Now” page, which I…

Below are a few statements / assumptions that would help me explain the idea and the goal of this post:

  • We build software to solve problems for our customers or for people in general
  • It is important that the software is built and delivered in a reasonably short time
  • It is important that the software is built and delivered with a reasonable quality
  • There are lots of methods and ways of working to develop software, and there is no single way that is correct for all organisations
  • It is difficult to deliver software with both speed and quality

The goal…

Image for post
Image for post

If you’ve built a website, whether for personal or commercial use, you probably researched web hosting options. Lots of companies provide this kind of services. In this post, we will build a very simple website, and host it on Amazon S3 (Amazon storage service), which can be used to host a static website (a site that contains static content and client-side scripts).

The interesting part is that we will use AWS CDK to define the infrastructure we’re using. I’ve learned about this a couple of weeks ago, and thought to document my learnings through a blog post.

Below are a…

Lots of applications have a set of processes or operations that include sending emails to customers. This could be related to registration, resetting passwords, or notifications… Sometimes, teams choose to avoid the automation testing of emails verifications, and stick to testing it manually at the implementation time. This might be a fair choice if the area that is being tested isn’t going to be updated in the future, or isn’t impacting the business progress or success.

To automate or not to automate? Ask yourself the following couple of questions:

  • Is this an important part of the business, would it cost…

Most of the times, when we develop software, we rely on third party services to accomplish a certain outcome so that we don’t have to re-invent the wheel. However, this introduces a new level of complexity, especially around testability.

This post is based on a presentation I gave at the “Ministry of testing - Auckland” meetup. Mocking isn’t new, and there are lots of articles on the internet about it, but it is less frequent to see content about mocks in the context of a system testing or end to end testing. …

When selecting a tool to perform API testing, it’s natural to pick one that’s built for this purpose, such as Postman, SoapUI, RestAssured, etc. There are many other similar tools in the market. Also, it’s possible to leverage Http Client libraries to perform API testing. Here are some of these libraries: Axios, Request, Supertest, etc.

Today is the 13th day of the API testing challenge, organized by The Ministry Of Testing - Auckland. The challenge for the day is to contribute to the list of API Automation tools at the club. …

Today is the 7th day in the API Testing challenge organized by WeTest Auckland. The challenge for the day is to complete the first exercise posted at The Club (Ministry of Testing).

The goal of the exercise is to execute some simple API calls (e.g. GET / POST requests) using as many tools as possible.

The first step is to find a publicly available API that we can utilize to practice API testing (This was covered in day 5 of the challenge). Here is a list to choose from:

Few days ago, WeTest Auckland kicked off the “30 days API Testing Challenge”, which is a great way to learn as individuals or teams. I will participate in this challenge and drive a few tasks. This would give me the opportunity to do some research, refresh my knowledge and get exposed to different tools and testing techniques.

I hope to achieve the following through this documentation:

  • Share my knowledge with people who have the same passion about testing. This includes discussing solutions and opinions
  • Get a feedback about the state of my knowledge and improve it. …

Ali Haydar

Software engineer (JS | REACT | Node | AWS | Test Automation)

Get the Medium app

A button that says 'Download on the App Store', and if clicked it will lead you to the iOS App store
A button that says 'Get it on, Google Play', and if clicked it will lead you to the Google Play store