Alik Levin's

Clarity, Technology, and Solving Problems | PracticeThis.com

Browse by Tags

Tagged Content List
  • Blog Post: File Upload In A Web Test: The Case Of Submitting A Form With JavaScript

    This post documents steps we have taken to simulate file upload with Web Test when the form is submitted via JavaScript [vs. simple postback]. Credits go directly to Shai Raiten , MVP, brilliant young man, and the mind behind the workaround. Quick Resource Box How to upload a file in a Web test Shai...
  • Blog Post: Sysinternals ProcMon New & Improved – Captures Both System & Application Events

    This post inspired by fantastic news I heard over at John Robbins blog of Wintellect. John collaborated with Mark Russinovich . Mark made it possible for Process Monitor [ProcMon] to collect events reported by an application and John wrapped a nice API that can be used either from native or managed code...
  • Blog Post: Fiddler Extensibility: Flagging ASP.NET Performance Problems

          Although Fiddler PowerToy - Part 2: HTTP Performance is quite dated article about Fiddler , I constantly find very useful and practical gems in it. Flagging performance problems by coloring outstanding requests is one of them. Quick Resource Box Fiddler PowerToy - Part 2: HTTP...
  • Blog Post: ASP.NET Performance Toolset

    Any consultant can streamline ASP.NET Application performance troubleshooting process when he has a good toolset handy. By “good” I mean the tools are well known and it is free. These two attributes usually help passing security department smoothly and never meet procurement department too. These departments...
  • Blog Post: Free Web Performance Tools From Microsoft, Google, Yahoo, And IBM

          This post is a quick overview of free performance tools available from Microsoft, Yahoo, Google, and IBM. It also contains a pointers to related articles that go deeper regarding the best practices and how the tools can help in identifying compliance to the best practices. Quick...
  • Blog Post: Security Code Review – String Search Patterns For Finding Input Validation Vulnerabilities

    Well defined set of search patterns helps significantly reduce time (cost) when performing security code inspections. This post focuses on input validation vulnerabilities commonly found in ASP.NET web applications. SQL Injection and Cross Site Scripting (XSS) String search patterns SQL Injections and...
  • Blog Post: ASP.NET Performance Sin - Serving Images Dynamically (Or Another Reason To Love Fiddler)

    Serving images dynamically may cause performance hit. Dynamically served images require more HTTP requests which violates Steve Souders' performance rule #1 - Make Fewer HTTP Requests . The latency is also caused by parallelism (or parallel downloading) limitations as described in detail here Performance...
  • Blog Post: Free Performance Tool - Analyze IIS Logs Like A Pro With Funnel Web Analyzer

    These free performance tools will save you time and money identifying performance bottlenecks. Your customers will thank you for building fast and responsive applications. Funnel Web Analyzer 5.0 for Windows Download the tool here. Analyzer gives insight into everything from server load and...
  • Blog Post: Quickly Find And Fix Cross Site Scripting (XSS) Vulnerabilities In Your ASP.NET Application.

    Want to quickly check your ASP.NET Web application for Cross Site Scripting (XSS) vulnerability ? It is pretty easy with the knowledge and tools you already have. This post describes how to quickly find and fix most of XSS vulnerabilities in your code. Why XSS vulnerabilities are possible XSS...
  • Blog Post: Performance Development Lifecycle (PDL) Session Materials

    Yesterday I gave a talk about the subject during Performance Open House First off, thanks for attending my talk. The materials are published here . Enjoy.
  • Blog Post: Stress Test ASP.NET Web Application With Free WCAT Tool

    Building ASP.NET web applications? Plan to serve thousands of users? Would you like to see how your application would behave [misbehave] under stress? Use simple-to-use and freely available WCAT tool to generate the load and get detailed report for expected throughput (requests/sec) and other important...
  • Blog Post: Performance Sin - Using Exceptions To Control Flow

    Want to spot coding anti-patterns from performance perspective without actually looking in the code? One of the common performance coding anti-patterns I’ve noticed lately is using Exception Handling to control program flow. The anti-patterns Most common anti-pattern is just using exception handling...
  • Blog Post: Security Code Review – Use Visual Studio Bookmarks To Capture Security Findings

    How to streamline the process of capturing security flaws during security code review? How to save time and avoid switching between the tools? How to stay focused? In this post I will show my simple technique to capture security flaws using Bookmarks in Visual Studio. Create bookmark folders. Hit Ctrl...
  • Blog Post: Performance Code Review Tool – Practices Checker

    Care about performance? Do you write your code with performance in mind? Want little help to spot performance bottlenecks automatically? Practices Checker to the rescue. The goal of the tool is “Help you perform a manual code inspection by analyzing your application for potential coding and configuration...
  • Blog Post: Profiling JavaScript With Ajax View Tool: Spot Poor Performance Client Script In No Time

    Ever wondered why your application unreasonably slow? You have it all - most powerful hardware, your database is tuned, SQL queries are optimized, network is barely utilized, and .Net code is super efficient. So why on earth response time is so slow? The answer might lie in recently developing area –...
  • Blog Post: Create Your Own Guidance Explorer Items Inside Outlook 2007

    Want to create your own nuggets of wisdom? Want it to look and feel like patterns&practices nuggets of wisdom look and feel? Want to reuse it, mix and match with existing ones? It is easy and fast with Outlook 2007. I will show how I extend my knowledge base with a snap using Outlook 2007’s...
  • Blog Post: Consume patterns&practices Guidance Explorer Via RSS Using Outlook 2007

    patterns&practices recently released new version of Guidance Explorer [GE]. One of the most important addition was enabling RSS on the online GE store. What does that mean? It means you can consume distilled security, performance, and Visual Studio wisdom in any RSS reader of your choice. It means...
  • Blog Post: Identify ASP.NET, Web Services, And WCF Performance Issues By Examining IIS Logs

    Simple examination of IIS logs can reveal potential performance issues related to ASP.NET web applications, ASP.NET web services, and IIS hosted WCF services. Fast, easy, cheap. These are the simple steps I take: Time-Taken & W3C Logs: Turn it on... Collect the data in the IIS logs Open IIS logs...
  • Blog Post: Security Tools From Microsoft ACE Team

    Mark covers arsenal of security tools available from Microsoft ACE team . The tools are: Threat Analysis & Modeling Enterprise (TAM-E) CAT.NET (Code Analysis Tool) Spider TCM (Assessment and compliance tool)
  • Blog Post: XSSDetect Public Beta now Available!

    XSSDetect public beta is now available for download on MSDN. Overview XSSDetect is a static code analysis tool that helps identify Cross-Site Scripting security flaws found within Web applications. It is able to scan compiled managed assemblies (C#, Visual Basic .NET, J#) and analyze dataflow paths from...
  • Blog Post: Examining WCF Diagnostic Traces Using Service Trace Viewer Tool (SvcTraceViewer.exe)

    Service Trace Viewer Tool (SvcTraceViewer.exe) tool comes with Microsoft® Windows® Software Development Kit for Windows Vista™ and .NET Framework 3.0 Runtime Components . It allows to view WCF diagnostics traces in very convenient way. " Using Service Trace Viewer for Viewing Correlated Traces and Troubleshooting...
  • Blog Post: Use Sysinternals DebugView To Diagnose The Application

    "Unspecified error", "Catastrophic failure", "Object reference not set to an instance of an object" and other "self explanatory" errors promise no easy debugging. Good instrumentation of the application to the rescue! The techniques described in the paper explores on very often overlooked healthmonitoring...
  • Blog Post: Visual Studio 2005 As General Code Search Tool

    Visual Studio 2005 has powerful search capabilities. One of my favorites is "Find in Files". Just hit Ctrl+Shift+F (more shortcuts - My Favorite Shortcuts ). Essentially it uses FindStr utility that sits in System32 folder and comes for free with Windows OS. FindStr is a command line utility and those...
  • Blog Post: Who Access My File?

    In my post File Access Auditing - I Am Not Afraid Of GPO I've digested technet documentation on how to set Active Directory Group Policy Object (AD GP) to enable file access auditing as security measure to prevent repudiation. It is heavy weight techniques for scenarios where developer just needs to...
  • Blog Post: patterns & practices Guidance Explorer - The New Wave

    Guidance Explorer is not only very powerful security (and performance) guidance tool - recently it met VSTS guidance launched on CodePlex . To make the long story short, Guidance Explorer seems to serve as the solid framework to build and extend guidance on topics like Security and Performance Engineering...
Page 1 of 2 (33 items) 12