We have answers everywhere!

I have been experiencing lots of positive thoughts around me while I also create so. People have been asking me lots of questions which many of them have already spoke about it. And I believe the only reason they are unable to understand is because, they are not doing the way they wanted to. The moment we start encouraging people to put their own thoughts and start to help them improvise on that is the only way to align the goal.

Here is something interesting that I found when I was studying about CDT (Context Driven Testing).

I used “BING” search for the only reason that I was using Internet explorer and my default search engine was Bing. I tried the same phrase (Define Context) on various search engines, like Google, Ask etc.

I observed something interesting that no other search engine game me this result.

Bing Search Result for "Define context"

Bing Search Result for “Define context”

I am not trying to compare or test which one of the engine gives me a good result. I found something that I was looking for!

  • Structure
  • Framework
  • Context
  • Scheme
  • System
  • Plan
  • More

Right, now relate it to your work.




Context Synonyms itself defines the process. This is not the only process, this is also the way we can look and relate. Now that I found this result and I solved few questions of mine. I just wanted to share it with my readers.

Help Testers to learn about “How” and not “Here is how”.


Let’s think Non-Tester!

The below mentioned is not aligned in a specific manner. But just enjoy them.

strategy – Systematic plan of action
Plan – Steps to accomplish the goal
design – Arrangement and flow art
Credibility – Being believable and trustworthy
Bug – Term of any insect that crawls or creep
Defect – imperfect or unfinished object or machine
Triage – Arranging things according to importance or urgency
Exploration – Discovery or intention to serve
Context – The set of circumstances in and around the situation
Testing – Act of determining something to see how it works
Case – Occurrence of something
Boundary – Possible measurable limit of something
Analysis – Investigation of one part or whole of their activities to relate
Charter – Document specifying the rights, certificates and information of the services or product
Coverage – To an extent with which something is covered
Accountability – Responsibility for some activity or taking
Approach – Move towards
Session – Time assigned to a specific activity
Management – Act of taking charge of something (Positive way)
Quality – The important differentiating factor of something
Risk – Chance of getting damaged
Software – Computer language connecting humans with computer
Impact – Influencing factor or effect over something
priority – Understanding the importance or urgency
severity – Degree of pain
Transition – Act of changing from one phase to other
Sanity – Power of basics
System – Instrument that combines various inputs from sources
Computer – Artificial intelligence based on human thought
Hardware – An physical object considered a tool
Anticipate – prediction or likely happenings
practice – Learn by repeating
Techniques – Art applied to a particular task
Skills – Power to learn by taking help from various forms
Observation – Recording something into the mind, creating impression
Principles – Truth or law standards accepted widely
Artifact – Something you and I made
Equivalent – Being fundamentally equal to something
Case study – Study of attempts to determine the success and failure
Complexity – Too many components talking each other
Scope – The area in which the situation exists
Objective – The goal to be achieved
Assumption – The statement of not really truth
Pass – Went through
fail – Short of expectation
success – When the intended purpose is achieved
failure – Lack of success
Examine – Investigate to conclude its true
Oracle – Something that divines the future
Technology – The current world
Purpose – what is it used for
You – Addressing someone
others – people who are not specific
me – Look at the mirror
Design – Sketch representing something thats trying to solve the purpose
Scenario – Story of events
Idea – A personal view
Business – Act of providing goods and services

We always squeeze our head on different terminologies from experts but I wanted to share my thought on how things are really simple to understand and can be taken forward to share the complicated stuffs. That is it!


Few things a tester should say more often!

I planned to type it but then I would want to share how thoughts are written and looks in reality.

Here is 15 things testers should say more often: (credits : kid president)


We say many things often but there are always few which impact the day to day activities and those are the things that we usually don’t realize.

Ignore if formatting issue observed, I am posting this from my mobile app.

Reverse engineering :: Android App

Reverse engineering is a process of examining, analysing the structure, information and data being used by the software. We just don’t break software, we help our customers understand the risk of having information and details exposed. Let’s see how an android (.apk) file can be reverse engineered

Source code has it all, algorithms, API’s, Server configurations, Hint for the database, structure etc.

Tools required:

1. Dex2Jar (Dalvik executable to .jar)

2. JD-GUI (Java decompiler with Graphical user interface)


What are we going to investigate:

1. Investigate whether the app uses 9 patch images (Learn about 9 patch images here)

2. Source code encryption

3. 3rd party API’s and version (People don’t have a habit of updating the 3rd party API’s) – check the latest API’s here:

  1. Facebook
  2. Twitter
  3. Google

4. Pro-guard – Encryption tool for android apps.


Firstly, a brief about what APK is and what it consists off.

APK (Application package) and when any app is downloaded from play store, it would be stored as apk in the filesystem. The system files, resources and data are placed appropriately in the android system and executed when the app is used.

Step 1:

Get the apk of the app that you need to work on. There are several way that you can extract the apk. However, the simplest way is to download (APK extractor)

from play store and select the app to extract the apk and copy it to you local system.

Step 2:

Extract the apk. Use 7zip to extract the apk and place the folder to the place where it is easily accessible (We have real good habit of clicking “next” and don’t worry about any messages that software is try convey us)

Step 3:

To verify whether 9 Patch images are being used.

Open the extracted folder and you would find a folder named “res” (Resources)
Resources will have all the icons / images / Graphical elements. Here is an example.

Read about different image density, image resolution to be used here: Supporting different screen size

When 9 patch images are used, resources will contain 9 patch images (Folder) with few of the above folders eliminated.

9 Patch images can be recommended to decrease the size of the application and this is more helpful when we project the use of the resources by the competitors.



Android being open-source, there are several screen sizes and situations where 9 patch images might not work. Request technical team reason behind the 9 patch images not being used and if we could help them understand the effort, time and problem that could be solved using 9 patch images, boom! Value…

Source-code encryption:

Android uses DVM (Dalvik virtual machine) to execute the program. When any android code is compiled, they create appropriate images for the system to detect and execute. While for the source code .dex (Dalvik executable) file will be created.


Check out some information here: Design and structure, code / wiki / other documentation


Please proceed with step 1 and 2.

When the extracted folder is opened, a DEX File has it all.

Copy the dex file, Open DEX 2 JAR  place the .dex file into dex2jar folder.

Finding classes.dex

Finding classes.dex

Open command prompt:

Navigate directory to the dex2jar folder

Tip: Hold ctrl + shift and right click, you could open command prompt directly from the folder.

Enter the below command:


dex2jar.bat classes.dex


The decompiling has started and you would see success at the end. Now there are several scenarios it would fail (Example: The dex file may be huge with several classes of them may be encrypted or unlinked from the actual source). Please share the failures with me or google, we could fix it together.

Opening the .jar file.

A jar file with classes_dex2jar.jar will be created inside dex2jar folder.



It’s time to look at the source…

Open JD-GUI and just drag and drop the .jar file

You would see all the classes name and the source with the API’s thats being used and several information. Please dig more about the understanding the source.

Encrypted source: If the source is already encrypted, you would see “a, b, c, 1, 2, 3” as the main class names and subclasses, abstracts, public class would hit “A, b and c” or desired classes.


Hey wait, are we done? We got the source, should we just report them?

We could recommend a possible and available answer, Pro-guardwhich optimizes by removing unwanted code, obfuscates making it hard for someone to understand, shrinks by removing methods, fields and fuddles the code. It’s just few lines of code injection and crackers!


Verify third party APIs for the versions and other details.



The build properties may vary from SDK to SDK. For facebook, it’s just on the top most layer named, Facebook SDK version. It’s similar to most of the SDK’s.


The current facebook version can be verified with respective to what was being used. When we are recommending them to use the latest version, we would also be responsible for telling the stakeholders “Why”. We could just project the changelog or fixes for the latest facebook SDK version comparing it with previous one. Moreover, we don’t have to do it, we just have to copy paste the link in which the SDK’s are released.

Share your thoughts and we could discuss more about it.  I will write more about testing android apps in the coming days.

Have a great day ahead!


Google Shames Apple’s iOS For Adding What Android Did Years Ago


Apple’s Tim Cook insulted Google at WWDC earlier this month saying “Android dominates the market in malware”, and quoted an article calling the fragmented open operating system a “toxic hellstew of vulnerabilities.” Well Google punched back this morning at its I/O conference when Sundar Pichai put up a slide showing Android’s progess over the years, noting “If you look at what other platforms are getting now, widgets, custom keyboards, many of these things came to Android four, maybe five years ago.”

And the Google fanboys and fangirls went wild.

View original post