SlideShare a Scribd company logo

Code Forensics

Diego Pacheco, profile picture
Diego Pacheco

This document outlines techniques for debugging and investigating software issues like a code forensics expert. It recommends avoiding panicking and doing multiple things at once. Follow a scientific process by writing down facts, having theories, and getting a debugging partner. Use tools like observability, debug tricks, and Linux tools. Analyze code changes and previous working versions. Document investigations through post-mortems, root cause analyses, and retrospectives to prevent future issues.

Technology
1 of 29
Download to read offline
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
Code Forensics Diego Pacheco
@diego_pacheco ❏ Cat's Father ❏ Head of Software Architecture ❏ Agile Coach ❏ SOA/Microservices Expert ❏ DevOps Practitioner ❏ Speaker ❏ Author diegopacheco http://diego-pacheco.blogspot.com.br/ About me... https://diegopacheco.github.io/tinyurl.com/diegopacheco
Things we will talk about... Things you should avoid. DON'TS01 Science 101 How to run a investigation02 Observability, Debug Tricks, Linux Tools... Tools & Tricks03 Post Mortems, RCAs and Retrospectives Closing the Case04
Don'ts
Don't: FREAK OUT ❏ Avoid extra pressure on yourself ❏ Avoid worry about time. ❏ Avoid making comparisons like this should be done in 1h or so. ❏ As time pass is easy to Freak Out ❏ Making progress is your friend, don't nail it down only about solving the mystery. ❏ Your eyes can trick you, use tools. ❏ Make sure you do things properly. ❏ Comparing Strings ❏ Read Errors Carefully. ❏ Don't forget to Breath
Don't: Do two many things at time. ❏ Don't change 2 things at the time. ❏ Code ❏ Vars / Config ❏ Trys ❏ One Hypotesy at the time ❏ Otherwise how do you know what did what? ❏ You need to be: ❏ Methodical ❏ Boring ❏ Slow
How to Run a investigation Science 101 Have Theories Write Down Facts Have a Partner (Pair Programing) Minimize Investigation Efforts
Science 101
Science 101: Do we have a smoking gun?
Minimize Investigation Efforts 4% of code == 72% of defects (Code as Crime Scene)
Have Theories ❏ It's a like a guessing game, how the murder happen? ❏ Think on most likely thing it could be. ❏ There are classical Offenders like: ❏ NPE Lack of validation/test ❏ Code Change ❏ Config Change ❏ Credentials Change ❏ Typo somewhere ❏ Lack of Security groups ❏ Not enough Resources (memory, space) ❏ OOM Killer
Write down Facts ❏ Write down (paper, txt file, evernote, google docs) ❏ Write Important fact like: ❏ Class Names, Methods, Variables ❏ Make sure you don't get lots. ❏ It's easy to forget important pieces of information when you are worried and want to fix the issue fast.
Have a Partner (Pair Programing)
Have a Partner (Pair Programing)
Have a Partner (Pair Programing)
Tools & Tricks ❏ Observability ❏ Debug tricky's ❏ Linux Tools ❏ Write your own tools
Observability
—Filipe Fortes "Debugging is like being the detective in a crime movie where you are also the murderer." -
Debug tricks ❏ Know your IDE. ❏ Remote Debugging. ❏ Debug tricks like: ❏ Conditionals ❏ Log Expressions ❏ Runtime eval ❏ Exception Breakpoints ❏ Field Break points
Linux Tools
Write your own tools ❏ Help to nail down problems faster. ❏ Simple Utilitary. ❏ Program or scripts (Groovy, Python , Rust, Go). ❏ Quick diagnostics.
Could you compare with something else? ❏ It's very likely the issue is a code change, so maybe was working before. Some digging is needed. ❏ Not always possible (i.g new feature) ❏ Use diff tools. ❏ Compare previous versions that worked. ❏ Run previous tests that worked. ❏ Debug and write down differences.
Closing the Case Fix, Share & Improve ❏ Adding More Tests ❏ Post Mortems ❏ RCAs ❏ Retrospectives
Adding more Tests ❏ Boys Scout rules. ❏ Closing the Case means you found the issue. ❏ So we need to create test to simulate the issue. ❏ Having the test will proof we don't suffer again.
Closing the Case: Post Mortems
Closing the Case: RCA ❏ Similar to Post Mortems. ❏ Lean tool. Can be used with: 5 whys, fishbone and other system thinking tools. ❏ Excel file: ❏ Issue ❏ classification ❏ Why it happen ❏ How we make sure it does not happen again
Closing the Case: Retrospectives
Good Investigation Books
Code Forensics Diego Pacheco

More Related Content

PDF
AWS IAM
Diego Pacheco
 
PDF
Reflections on SCM
Diego Pacheco
 
PDF
Architecture 101: Vision, Properties and Skills
Diego Pacheco
 
PDF
Dealing with dependencies
Diego Pacheco
 
PDF
CDKs
Diego Pacheco
 
PDF
Holacracy
Diego Pacheco
 
PDF
Architecture & Engineering : Doing the non-obvious!
Diego Pacheco
 
PDF
The Death of Microservices
Diego Pacheco
 
AWS IAM
Diego Pacheco
 
Reflections on SCM
Diego Pacheco
 
Architecture 101: Vision, Properties and Skills
Diego Pacheco
 
Dealing with dependencies
Diego Pacheco
 
CDKs
Diego Pacheco
 
Holacracy
Diego Pacheco
 
Architecture & Engineering : Doing the non-obvious!
Diego Pacheco
 
The Death of Microservices
Diego Pacheco
 

What's hot (17)

PDF
Design is not Subjective
Diego Pacheco
 
PDF
Sec 101
Diego Pacheco
 
PDF
Thoughts about Shape Up
Diego Pacheco
 
PDF
Design 101
Diego Pacheco
 
PDF
Lean 2020
Diego Pacheco
 
PDF
Dealing with dependencies in tests
Diego Pacheco
 
PDF
NoSQL
Diego Pacheco
 
PDF
Seven ways to be a happier JavaScript developer - NDC Oslo
Christian Heilmann
 
PDF
Lean/Agile/DevOps 2016 part 3
Diego Pacheco
 
PDF
Next.js and the pursuit of happiness (Dimitris Michalakos, Lead Developer at ...
GreeceJS
 
PDF
Sacrificing the golden calf of "coding"
Christian Heilmann
 
PDF
You learned JavaScript - now what?
Christian Heilmann
 
PPTX
2017 Facebook DevC SRS - JavaScript for beginners
Edy Segura
 
PDF
Web dev presentation
Domendra Sahu
 
PDF
Dynomite Eureka Registry With Prana
Diego Pacheco
 
PDF
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007
James Morris
 
PDF
How to become a domain expert in no time?
Yvan PHELIZOT
 
Design is not Subjective
Diego Pacheco
 
Sec 101
Diego Pacheco
 
Thoughts about Shape Up
Diego Pacheco
 
Design 101
Diego Pacheco
 
Lean 2020
Diego Pacheco
 
Dealing with dependencies in tests
Diego Pacheco
 
NoSQL
Diego Pacheco
 
Seven ways to be a happier JavaScript developer - NDC Oslo
Christian Heilmann
 
Lean/Agile/DevOps 2016 part 3
Diego Pacheco
 
Next.js and the pursuit of happiness (Dimitris Michalakos, Lead Developer at ...
GreeceJS
 
Sacrificing the golden calf of "coding"
Christian Heilmann
 
You learned JavaScript - now what?
Christian Heilmann
 
2017 Facebook DevC SRS - JavaScript for beginners
Edy Segura
 
Web dev presentation
Domendra Sahu
 
Dynomite Eureka Registry With Prana
Diego Pacheco
 
How and Why You Should Become a Kernel Hacker - FOSS.IN/2007
James Morris
 
How to become a domain expert in no time?
Yvan PHELIZOT
 
Ad

Similar to Code Forensics (20)

PDF
TDD in Python With Pytest
Eddy Reyes
 
PDF
Spaghetti gate
Jon Bachelor
 
PPTX
Notes on Debugging
Cotap Engineering
 
PDF
10 tips to save you time and frustration while programming
Hugo Shi
 
PDF
Become a Better Developer with Debugging Techniques for Drupal (and more!)
Acquia
 
PDF
Software Design Notes
Diego Pacheco
 
PDF
Pentester++
CTruncer
 
PPT
PHP - Introduction to PHP Bugs - Debugging
Vibrant Technologies & Computers
 
PPTX
Software Development Essential Skills
John Choi
 
PDF
Code Camp NYC 2017 - How to deal with everything... | Chris Ozog - Codesushi
Krzysztof (Chris) Ozog
 
PDF
Services, tools & practices for a software house
Paris Apostolopoulos
 
PDF
Scottish Ruby Conference 2014
michaelag1971
 
PPTX
"Introduction to Bug Hunting", Yasser Ali
HackIT Ukraine
 
PPTX
Preocupações Desenvolvedor Ágil
Paulo Igor Alves Godinho
 
PDF
Bug Hunting Safari
Janie Clayton
 
PPTX
Writing clean scientific software Murphy cleancoding
saber tabatabaee
 
PDF
Pigaios: A Tool for Diffing Source Codes against Binaries (Hacktivity 2018)
Joxean Koret
 
PDF
Learn to Code with MIT App Inventor ( PDFDrive ).pdf
NemoPalleschi
 
PPTX
Developing Better Software
Hean Hong Leong
 
PDF
The Fault In Our Code
Camilo Payan
 
TDD in Python With Pytest
Eddy Reyes
 
Spaghetti gate
Jon Bachelor
 
Notes on Debugging
Cotap Engineering
 
10 tips to save you time and frustration while programming
Hugo Shi
 
Become a Better Developer with Debugging Techniques for Drupal (and more!)
Acquia
 
Software Design Notes
Diego Pacheco
 
Pentester++
CTruncer
 
PHP - Introduction to PHP Bugs - Debugging
Vibrant Technologies & Computers
 
Software Development Essential Skills
John Choi
 
Code Camp NYC 2017 - How to deal with everything... | Chris Ozog - Codesushi
Krzysztof (Chris) Ozog
 
Services, tools & practices for a software house
Paris Apostolopoulos
 
Scottish Ruby Conference 2014
michaelag1971
 
"Introduction to Bug Hunting", Yasser Ali
HackIT Ukraine
 
Preocupações Desenvolvedor Ágil
Paulo Igor Alves Godinho
 
Bug Hunting Safari
Janie Clayton
 
Writing clean scientific software Murphy cleancoding
saber tabatabaee
 
Pigaios: A Tool for Diffing Source Codes against Binaries (Hacktivity 2018)
Joxean Koret
 
Learn to Code with MIT App Inventor ( PDFDrive ).pdf
NemoPalleschi
 
Developing Better Software
Hean Hong Leong
 
The Fault In Our Code
Camilo Payan
 
Ad

More from Diego Pacheco (16)

PDF
Naming Things Book : Simple Book Review!
Diego Pacheco
 
PDF
Continuous Discovery Habits Book Review.pdf
Diego Pacheco
 
PDF
Encryption Deep Dive
Diego Pacheco
 
PDF
Management: Doing the non-obvious! III
Diego Pacheco
 
PDF
Management doing the non-obvious II
Diego Pacheco
 
PDF
Testing in production
Diego Pacheco
 
PDF
Nine lies about work
Diego Pacheco
 
PDF
Management: doing the nonobvious!
Diego Pacheco
 
PDF
AI and the Future
Diego Pacheco
 
PDF
Kanban 2020
Diego Pacheco
 
PDF
Hardening
Diego Pacheco
 
PDF
Sidecars
Diego Pacheco
 
PDF
SRE 101
Diego Pacheco
 
PDF
Making sense of streaming
Diego Pacheco
 
PDF
SOA.2020
Diego Pacheco
 
PDF
Understand the system
Diego Pacheco
 
Naming Things Book : Simple Book Review!
Diego Pacheco
 
Continuous Discovery Habits Book Review.pdf
Diego Pacheco
 
Encryption Deep Dive
Diego Pacheco
 
Management: Doing the non-obvious! III
Diego Pacheco
 
Management doing the non-obvious II
Diego Pacheco
 
Testing in production
Diego Pacheco
 
Nine lies about work
Diego Pacheco
 
Management: doing the nonobvious!
Diego Pacheco
 
AI and the Future
Diego Pacheco
 
Kanban 2020
Diego Pacheco
 
Hardening
Diego Pacheco
 
Sidecars
Diego Pacheco
 
SRE 101
Diego Pacheco
 
Making sense of streaming
Diego Pacheco
 
SOA.2020
Diego Pacheco
 
Understand the system
Diego Pacheco
 

Recently uploaded (20)

PPT
Teaching material agriculture food technology
LiaRayya
 
PPTX
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
PDF
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
PDF
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
PDF
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
PDF
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
PPTX
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
PDF
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
PDF
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
PDF
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
PPTX
MYSQL Presentation for SQL database connectivity
Swati270511
 
PDF
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
PDF
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
PPTX
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
PDF
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
PDF
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
PDF
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
PDF
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
PPTX
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
PDF
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 
Teaching material agriculture food technology
LiaRayya
 
VMware vSphere Foundation How to Sell Presentation-Ver1.4-2-14-2024.pptx
blackmambaettijean
 
Empathic Computing: Creating Shared Understanding
Mark Billinghurst
 
Electronic commerce courselecture one. Pdf
OmerMohamed64
 
Advanced methodologies resolving dimensionality complications for autism neur...
IAESIJAI
 
Spectral efficient network and resource selection model in 5G networks
IAESIJAI
 
20250228 LYD VKU AI Blended-Learning.pptx
DatVoNgoc
 
Profit Center Accounting in SAP S/4HANA, S4F28 Col11
Libreria ERP
 
NewMind AI Weekly Chronicles - August'25 Week I
NewMind AI
 
Reach Out and Touch Someone: Haptics and Empathic Computing
Mark Billinghurst
 
MYSQL Presentation for SQL database connectivity
Swati270511
 
How UI/UX Design Impacts User Retention in Mobile Apps.pdf
SynapseIndia
 
Mobile App Security Testing_ A Comprehensive Guide.pdf
flufftailshop
 
Detection-First SIEM: Rule Types, Dashboards, and Threat-Informed Strategy
ReZa AdineH
 
Encapsulation_ Review paper, used for researhc scholars
gurumoop
 
Chapter 3 Spatial Domain Image Processing.pdf
Getnet Tigabie Askale -(GM)
 
Diabetes mellitus diagnosis method based random forest with bat algorithm
IAESIJAI
 
Peak of Data & AI Encore- AI for Metadata and Smarter Workflows
Safe Software
 
KOM of Painting work and Equipment Insulation REV00 update 25-dec.pptx
muhammadmuneebnaeem7
 
Build a system with the filesystem maintained by OSTree @ COSCUP 2025
Jian-Hong Pan
 

Code Forensics

  • 2. @diego_pacheco ❏ Cat's Father ❏ Head of Software Architecture ❏ Agile Coach ❏ SOA/Microservices Expert ❏ DevOps Practitioner ❏ Speaker ❏ Author diegopacheco http://diego-pacheco.blogspot.com.br/ About me... https://diegopacheco.github.io/tinyurl.com/diegopacheco
  • 3. Things we will talk about... Things you should avoid. DON'TS01 Science 101 How to run a investigation02 Observability, Debug Tricks, Linux Tools... Tools & Tricks03 Post Mortems, RCAs and Retrospectives Closing the Case04
  • 5. Don't: FREAK OUT ❏ Avoid extra pressure on yourself ❏ Avoid worry about time. ❏ Avoid making comparisons like this should be done in 1h or so. ❏ As time pass is easy to Freak Out ❏ Making progress is your friend, don't nail it down only about solving the mystery. ❏ Your eyes can trick you, use tools. ❏ Make sure you do things properly. ❏ Comparing Strings ❏ Read Errors Carefully. ❏ Don't forget to Breath
  • 6. Don't: Do two many things at time. ❏ Don't change 2 things at the time. ❏ Code ❏ Vars / Config ❏ Trys ❏ One Hypotesy at the time ❏ Otherwise how do you know what did what? ❏ You need to be: ❏ Methodical ❏ Boring ❏ Slow
  • 7. How to Run a investigation Science 101 Have Theories Write Down Facts Have a Partner (Pair Programing) Minimize Investigation Efforts
  • 9. Science 101: Do we have a smoking gun?
  • 10. Minimize Investigation Efforts 4% of code == 72% of defects (Code as Crime Scene)
  • 11. Have Theories ❏ It's a like a guessing game, how the murder happen? ❏ Think on most likely thing it could be. ❏ There are classical Offenders like: ❏ NPE Lack of validation/test ❏ Code Change ❏ Config Change ❏ Credentials Change ❏ Typo somewhere ❏ Lack of Security groups ❏ Not enough Resources (memory, space) ❏ OOM Killer
  • 12. Write down Facts ❏ Write down (paper, txt file, evernote, google docs) ❏ Write Important fact like: ❏ Class Names, Methods, Variables ❏ Make sure you don't get lots. ❏ It's easy to forget important pieces of information when you are worried and want to fix the issue fast.
  • 13. Have a Partner (Pair Programing)
  • 14. Have a Partner (Pair Programing)
  • 15. Have a Partner (Pair Programing)
  • 16. Tools & Tricks ❏ Observability ❏ Debug tricky's ❏ Linux Tools ❏ Write your own tools
  • 18. —Filipe Fortes "Debugging is like being the detective in a crime movie where you are also the murderer." -
  • 19. Debug tricks ❏ Know your IDE. ❏ Remote Debugging. ❏ Debug tricks like: ❏ Conditionals ❏ Log Expressions ❏ Runtime eval ❏ Exception Breakpoints ❏ Field Break points
  • 21. Write your own tools ❏ Help to nail down problems faster. ❏ Simple Utilitary. ❏ Program or scripts (Groovy, Python , Rust, Go). ❏ Quick diagnostics.
  • 22. Could you compare with something else? ❏ It's very likely the issue is a code change, so maybe was working before. Some digging is needed. ❏ Not always possible (i.g new feature) ❏ Use diff tools. ❏ Compare previous versions that worked. ❏ Run previous tests that worked. ❏ Debug and write down differences.
  • 23. Closing the Case Fix, Share & Improve ❏ Adding More Tests ❏ Post Mortems ❏ RCAs ❏ Retrospectives
  • 24. Adding more Tests ❏ Boys Scout rules. ❏ Closing the Case means you found the issue. ❏ So we need to create test to simulate the issue. ❏ Having the test will proof we don't suffer again.
  • 25. Closing the Case: Post Mortems
  • 26. Closing the Case: RCA ❏ Similar to Post Mortems. ❏ Lean tool. Can be used with: 5 whys, fishbone and other system thinking tools. ❏ Excel file: ❏ Issue ❏ classification ❏ Why it happen ❏ How we make sure it does not happen again
  • 27. Closing the Case: Retrospectives