Application Security Testing: An Integral Part of DevOps
Often while developing an application, programmer needs an information about a value of specific variable, time needed to execute a piece of code or just plain info that some function/module has been entered/exited. Most of these information can be collected using a debugger but, debugger interrupts normal program execution (critical for communication programs) and doesn't give any time related info (for example, how long does it take to execute an SQL statement or what is the time difference between sending a command and receiving a response from a device connected to a serial port). Also, once you build a release version, you lose any debugging capabilities unless they are hard-coded into the program.
Most often, programmers use dump to file as a way to collect info but it has several limitations. You cannot view info while program is running, you lose some or all data if program crashes and it's very difficult to find something in a mass of data collected in this way.
Agent is a separate, stand-alone process which uses Win32 inter process communication facilities to receive programmer defined messages coming from a client process via an Agent DLL loaded into the client process. Agent has an Explorer like user interface. One of the requirements we set for the Agent was that it can be used with programming environments other then C++ (for example, Delphi). This is the reason why the Agent is statically linked with MFC and C++ runtime library (programmer doesn't need anything else but the Agent itself to run it on a target computer). Agent DLL is a non-MFC DLL with a very small footprint. It is used for programming environments like Delphi. For convenience and for Visual C++ projects, there is also a C++ Agent LIB library which takes care of dynamically loading the Agent DLL. It is also very small and will enable a process to work even if Agent DLL is not found or Agent is not running.
Agent monitors a System -- set of executable modules which are part of a project programmer is working on. Module is either an executable file or a DLL. Within a System, programmer defines processes. Process is equivalent to a module (executable or DLL). Process can also be a part of a module if it is convenient for a programmer (for example a special worker thread). Each process contains one or more fibers. Fiber is related to one function, algorithm or any other piece of code programmer can think of. Each fiber contains one or more messages. Message is at the lowest level and contains a user defined text (usually built with a sprintf or CString in order to contain current values of program variables) and optionally a Win32 error code. It can also contain a source code file name and a line number from which a message is sent. Agent DLL automatically adds a timestamp when the message is sent.
Some of the features of the Agent are:
Zip file (Agent.zip) contains the following:
Download Files The zip file is 248K.