Posts

CSRF: High-Tech Hypnotism

Who are you, CSRF? Cross-Site Request Forgery is known as CSRF for short. It is an attack that tricks an end user into performing unintended tasks on a web application in which they are currently authenticated. The malicious tasks that the victim performs are based on the attacker's interest. This is similar to a hypnotist hypnotizing another individual to do something according to the hypnotist's wish. CSRF attacks are also known as Session Riding, XSRF, Sea Surf, and Hostile Linking. Microsoft names these types of attacks "One-Click Attacks". What really happens in CSRF? A CSRF attack is not something like stealing someone's session cookie and viewing their profile or updating their status and playing around with it. This attack is not about the data but rather about changing the state and making the end user do some malicious tas...

Encryption to take secure programming a step forward

What is "Encryption"? Why is it associated with secure programming? What are the benefits of encryption? These are the questions evaluated in this blog post, along with some interesting facts about encryption. As we all know, hashing is a one-way process in which the plain text/input cannot be retrieved from the hash value. What if we want to get the plain text from the hash value? What could be the solution? The solution is Encryption. Encryption: Encryption is a technique used to convert plain text into an encoded format, or cipher-text, which can be reversed back to the original plain text. Unlike hashing, encryption is a two-way technique. Fig 1: The flow of encryption. Fig 2: Encryption/Decryption related details for Fig 1. Since encryption is a two-way process, it allows users to retrieve the encrypted value back to its original text. This is very useful in terms...

Hashing... First Step to Secure Software Programming

Where did it all start? Anyone in the field of programming wouldn't have missed the chance of implementing a login page. This login page might look very simple and straightforward. But in reality, it is not. What most of us would have done for our first login page is a simple string comparison for both username and password, which might have already been hard-coded in the program. Some might have retrieved the username and password from the database and compared them with the credentials entered by the user, based on roles. If we think about this scenario in real-world enterprise or corporate-level applications, the authentication procedure will not be as simple as that. Authentication: Authentication is all about ensuring that the system is being accessed by the correct user. Authentication plays a very important role in most systems and applications. The reason is to prevent unauthorized access to the system. Authentication methodologies: 1. Username Password authentic...

Introduction to Selenium

Hi Friends................ :) Today we are going to look at a famous testing tool, Selenium. Selenium is a popular open-source web-based automation tool. It is used for automating web-based applications. It consists of: 1. Selenium Integrated Development Environment (IDE) 2. Selenium Remote Control (RC) 3. WebDriver 4. Selenium Grid. Advantages: Selenium is a suite of tools that helps in automating only web applications. You should have a basic understanding of Java or any other object-oriented programming language for using Selenium. It has capabilities to operate across different browsers and operating systems. Selenium IDE - a Firefox plugin that lets testers record their actions as they follow the workflow that they need to test. Selenium RC - was the flagship testing framework that allowed more than simple browser actions and linear execution. It makes use of the full power of programming languages such as Java, C#, PHP, Python, Ruby and PERL to create more complex t...

Algorithm Simulation Application

Hi Friends...... :) Today I'm going to share my 2nd year 1st semester project with you, an algorithm simulation application. As we all know, a simulator is a substitute for something, which will provide the same functionality with less performance or fewer features but won't omit the important functionality. This algorithm simulator will handle 2 algorithms, Selection sort and Bubble sort. So let's start the game. Algorithm Simulator is an application created for users who are new to algorithms and sorting. When it comes to algorithms, there are so many, such as insertion, selection, bubble, heap, quick sort etc. In this application, selection sort and bubble sort are demonstrated with the aid of animation, a dry run and pseudocode. The user will get a basic yet clear idea of selection sort and bubble sort. 1. Selection Sort: Selection sort is conceptually the simplest sorting algorithm. This algorithm first finds the smallest element in the...

JUnit Basic Testing

Hi everyone !!! Today let's take a look at the very popular testing tool, JUnit. As the name suggests, JUnit is a unit testing tool for Java. Without further ado, let's jump into JUnit testing. Step 01: Create a simple Java class in Eclipse. I have created simple add and subtract methods inside the Calculator class. This Calculator class lies inside the Calculator package. Fig 1: Step 01. Step 02: Next, create a JUnit test case by right-clicking and selecting the JUnit test case under the new option. Inside the test case, implement methods to assert (check) the expected outcome against the actual outcome of the methods which were implemented inside the Calculator class. Fig 2: Step 02-a. In the CalculatorTest class I have created an object of the Calculator class (the class which has the methods I'm going to test). Next I have implemented 2 methods to test the addNumbers and subtractNumbers methods in the Calculator class. To make these testing methods I have used @Te...

RMI - Weather station

Hi friends !!!! :) Today I'd like to share one of my projects with you..... It's basically a weather station where weather readings are gathered and updated using RMI technology, Java Remote Method Invocation. The Java Remote Method Invocation (RMI) system allows an object running in one Java virtual machine to invoke methods on an object running in another Java virtual machine. RMI provides for remote communication between programs written in the Java programming language. Fig 1: RMI method invocation. Since we have the theory background of RMI, I thought of sharing my project, in which I have implemented a very basic client-server program using RMI to pass information from the server to the monitoring station. As we all know, in a weather forecasting station we have to gather the weather readings and send them periodically to all the stations connected to the server. Through this we can invoke methods running in one Java virtual machine through an object running in a...