Hyperstella

The cloud-based Computer Vision API provides developers with access to advanced algorithms for processing images and returning information. By uploading an image or specifying an image URL, Microsoft Computer Vision algorithms can analyze visual content in different ways based on inputs and user choices. With the Computer Vision API, you can analyze images to: Tag images based on content Categorize images Identify the type and quality of images Detect human faces and return their coordinates Recognize domain-specific content Generate descriptions of the content Use optical character recognition to identify printed text found in images Recognize text Distinguish color schemes Flag adult content Crop photos to be used as thumbnails Requirements Supported input methods: Raw image binary in the form of an application/octet stream or image URL. Supported image formats: JPEG, PNG, GIF, BMP. Image file size: Less than 4 MB. Image dimension: Greater than 50 x 50 pixels...

DDoS attack  What is DDoS attack? DDoS  is short for  D istributed  D enial  o f  S ervice.  DDoS is a type of   DOS attack  where multiple compromised systems, which are often infected with a  Trojan , are used to target a single system causing a  Denial of Service  (DoS) attack. Victims of a DDoS attack consist of both the end targeted system and all systems maliciously used and controlled by the hacker in the distributed attac k. The different between DoS & DDoS? The difference between a DoS and DDoS attack is quite simple. A  DoS attack  usually targets a victim at the application layer, with the same intentions of rendering a website unusable. A DoS attack is accomplished by  a single user  using a single internet connection. How the attack works? In a DDoS attack, the incoming traffic flooding the victim originates from many different sources – potentially hundr...

What is OAuth 2.0? OAuth 2 is an authorization framework that enables applications to obtain limited access to user accounts on an HTTP service, such as Facebook, GitHub, and DigitalOcean. It works by delegating user authentication to the service that hosts the user account, and authorizing third-party applications to access the user account. OAuth 2 provides authorization flows for web and desktop applications, and mobile devices. This informational guide is geared towards application developers, and provides an overview of OAuth 2 roles, authorization grant types, use cases, and flows. This specification and its extensions are being developed within the  IETF OAuth Working Group . How does Social Login work? Social Login is a simple process, with the following steps. The user enters your application and selects the desired social network provider. A login request is send to the social network provider. Once the social network provider confirms the user’s ide...

Implementation of the Double Submit Cookie Pattern is bit similar to the implementation of the Synchronizer Token Pattern. So before reading this post, It is better to read the last post about the "implementation of Synchronizer Token Pattern". The link for the previous post is as fallows https://hyperstella.blogspot.com/2018/05/cross-site-request-forgery-protection.html Double submit cookie pattern does not store the token value in the server side.It store the token value inside the cookie in the client side. In this post we are going to show the implementation process of  Double Submit Cookie Pattern , You can see a sample project (Github) :-  https://github.com/MalikDilsh/Cross-site-Request-Forgery-protection-in-web-applications-via-Double-Submit-Cookies-Patterns Step 1: First of all you have to  Create a web application similar to the Synchronizer Token Pattern. Because the implementation process of the double submit cookie pattern is mostly equal, ther...

What is Cross-site request forgery?   Cross-site request forgery , also known as  one-click attack  or  session riding  and abbreviated as  CSRF  or  XSRF , is a type of malicious  exploit  of a  website  where unauthorized commands are transmitted from a  user  that the web application trusts. Let’s take a look at a concrete example to get a better understanding. Assume that your bank’s website provides a form that allows transferring money from the currently logged in user to another bank account. For example, the HTTP request might look like: POST /transfer HTTP/1.1 Host: bank.example.com Cookie: JSESSIONID=randomid; Domain=bank.example.com; Secure; HttpOnly Content-Type: application/x-www-form-urlencoded amount=100.00 & routingNumber=1234&account=9876 Now pretend you authenticate to your bank’s website and then, without logging out, visit an evil website. The evil website contains an HTML page...