Forem: Gudi Varaprasad

Day 1 as an Observer

Gudi Varaprasad — Mon, 13 Feb 2023 15:55:46 +0000

Sometimes I was surprised to figure out what CS interns or employees in a software company always code.
I found my answers today! Trust me; it was quite interesting.

We write Leetcode hard solutions. We write optimized code, We write automation scripts, and We write things that ChatGPT can't write or that an AI model can't predict!

Throughout my Engineering Life, I hated Leetcode problems the most. I always need clarification on why the whole Coder community is towards Cracking DSA, Solving Leetcode, Acing Hackerrank, etc. Also, in between, I never understood why "FAANG" picks candidates who can achieve O(1) complexity.

It was today I figured out all these things. As an intern, I was assigned a real-world optimization problem of a cruise scheduler to deliver goods at various ports across the globe. Some constraints are provided, and we have to derive the schedule as output. It was when I remembered the concepts of Linear Programming, Greedy Method, and Dynamic Programming while writing an algorithm on a rough paper. Yes! I found this task interesting, engaging and challenging. It was my first experience putting all the algorithms into existence. Finally, after figuring it out, I could build a code with O(n^2) complexity. Yayy! It sounds cool, right? But then my Team Leader was ready to blow me up for making the code more worse.

The entire day I drank more cups of coffee to write fewer lines of code. Hahaha! Jokes apart! Anyways thanks for reading for so long. To all the aspiring coders, engineers, and developers out there, a single piece of advice... work on improving the logic you write in so-called "Hard Level problems"! Leetcode sucks!
Don't worry if you can't fix Hard Code problems because you will be laid off soon :)

WEB BASED BILLING SOFTWARE

Gudi Varaprasad — Fri, 10 Dec 2021 09:14:24 +0000

About Project :

The aim of this project is to make Billing management much easier for Business Enterprises. In this project, we have developed a “ Web-based Billing Software ” which is an application to automate the process of billing and managing a departmental store.

Objective :

The main objective of this project is to generate and manage invoices in a matter of few seconds in order to avoid a lot of paperwork and Time consuming process by managing huge data manually. This project benefits owners of enterprises as well as customers. This software allows to maintain all the products with their shorthand notation by providing summary reports to the owner, which gives a convenient solution to the billing pattern with a Secured User Authentication and Validation. And also user Giveaway generator whenever offers or discounts are available.

Click here to learn more about this.

Required Files :

Project Report : Click Here

SRS Document : Click Here

Project Presentation : Click Here

UML Diagrams : Click Here

Source Code : Click Here

Tools/ Technology needed	Description and uses
HTML 5	Appearance of website.
CSS 3	Adding style and presentation to the web-pages.
JavaScript	Adding interactive user behavior to web pages.
Lucidchart	A web-based proprietary platform to collaborate on drawing charts and diagrams.
Bootstrap v4.0	Front-end framework used for UI.
PHP	Server side programming and interactive with phpMyAdmin.
MySQL	For the purpose of a web database and logging application.
phpMyAdmin	Management of databases, tables, indexes, permissions.
GITHUB	Web-based platform used for working with our Team; Team collaboration.
Visual Studio Code	A code editor redefined, optimized for building, debugging web apps.
XAMPP	A local web server on PC.
Chrome	A cross-platform web browser
Windows 10	An operating system for building apps
PC / Laptop	Intel based processor-run computer system, which have keyboard and mouse as input devices.

PROJECT DEMO : Click here

This is not called Hacking ?

Gudi Varaprasad — Mon, 08 Feb 2021 08:12:08 +0000

Is it really how hacking looks ?

You have probably seen many movies where hacking is portrayed like this..

Wait... what does it actually mean ?
Let's understand what hacking actually is!

From the point where you are casually browsing the web to the point where your social media accounts were hacked, Hacking happened. The hacker was able to take over your digital life but how did he manage to do that. He might have done one of these 3 things.

Let's talk about them in detail...

1. BREACHES :

Believe me or not, your passwords are probably already out there, publicly available on the internet without even your knowledge. This might feel a bit unconvincing but it's true that there is a chance. But how is this actually possible that your credentials are publicly available on the internet..? This is because of the data breaches.

When hackers manage to hack a website and get access to the website database, they leak/sell all this data like (user's credentials and details) on the internet, on hacker's forum, Dark web, PasteWin; it's the hacker's choice of course. So, if you are user of the website that got breached, your data is leaked too.

Most of the websites, pre-hash your passwords before they store it in the database with a fast hashing algorithm (such as SHA-256, Argon2id, PBKDF2, etc..). But most of the data breaches on internet contain plain text passwords. Many famous websites like LinkedIn, Twitter, 000webhost, etc.. already suffered major data breaches and all these breaches are publicly available on the internet.

If you want to check whether your credentials are included into any data breach, visit click here and enter your email. Even though your results are positive on this site, your data might be still in one of the breaches which is not popularly known but still exists.

The best way to stay away from data breaches is to use different passwords for different websites.

2. SOCIAL ENGINEERING :

This is literally, you giving away your login credentials to a stranger on the internet. Hackers can pretend to be someone else to try to extract your crucial information directly from you.

A hacker can still install a Remote Access Trojan (RAT) through social engineering by linking it to the cracked software, phishing attacks, etc.. which gives remote access to the hacker. With this, the hacker will be able to control your system from a remote server.

3. MAN IN THE MIDDLE :

Now this type of hacking is not very likely to occur but there is a chance that you might get hacked by Man in the middle Attacks. In this attack, the hacker puts himself as man in the middle between you and the internet you are browsing.

Targets are typically the users of financial application sites, businesses, e-commerce sites, and other websites where logging in are required. Information obtained during an attack could be used for many purposes, including identity theft, unapproved fund transfer, or an illicit password change.

Broadly speaking, a man in the Middle attack is the equivalent of a mailman opening your bank statement, writing down your account details, and then reselling the envelope and delivering it to your door.

There are some practical tips to prevent the man in the middle attack, such as
a. Avoid Wi-Fi connections that are not password protected.
b. The next one is, to log out immediately from a secure application when it is not in use.
c. The third one, Avoid using public networks such as coffee shops and hotel WIFI when conducting sensitive transactions, etc...

Wanna know more about some of such similar and famous Cyber Attacks ?
Check out this

Written by -- Gudi Varaprasad

MITs Tactics, Techniques

Gudi Varaprasad — Wed, 03 Feb 2021 19:27:54 +0000

What is ATT&CK ?

MITRE (Massachusetts Institute of Technology Research and Engineering) ATT&CK stands for Adversarial Tactics, Techniques, & Common Knowledge.

The goal is to develop specific threat models and methodologies by bringing communities together to solve problems for a safer world.

In this blog, I will explain all the techniques and tactics matrix in a easier way. This blog is written as a crux of MITRE ATT&CK.

ATT&CK has 14 Techniques that make up an attack chain:

1. Reconnaissance :

Attackers try to collect information of the victim organization, infrastructure, or staff/personnel in order to plan and execute Initial Access and other tactics.

Before compromising a victim, attackers perform :

Active scan the victim infrastructure via network traffic.
Attackers collect every hardware and software detail, configuration, architecture, network information, Personal data, credentials, etc..

2. Resource Development :

After gathering details, Attackers try to establish resources they can use to support and perform attack/operations or exploit it.

Before compromising a victim, attackers perform :

Acquire required infrastructure that can be used during targeting in order to exploit vulnerabilities.
Compromise the victim's social media accounts.
Build a malware and automation stuff to perform exploitation.

3. Initial Access :

After establishing resources, Attackers try to get into the network exploiting those security weakness and gain initial access.

Before compromising a victim, attackers use techniques and gain a foothold includes these attacks.

Malware Attacks
Phishing Attacks
Man in the Middle Attack
Dos/DDos Attacks
SQL Injection
Cross-site Scripting
Business email compromise

4. Execution :

After having initial access into systems, Attackers try to execute malicious code and compromises system/network and also emerge a backdoor in order to have repeated access into system.

Before compromising a victim, attackers perform :

Run command and script interpreters to execute commands, scripts, or binaries to compromise.
Disturb the regular functioning of Scheduled Task/Job
Abuse System services like changing admin controls, run malicious codes, etc...

5. Persistence :

After compromising the victim's system, Attackers try to maintain their foothold in the victim's network. This is the toughest job for the attackers to stay in the victim's network.

Before compromising a victim, attackers perform :

Keep access to systems across restarts, changed credentials, and other interruptions that could cut off their access
Account Manipulation, Create an Account, Create or Modify System Process, Perform some [attacks.](https://dev.to/varaprasad_gudi/common-cyber-attacks-i9n)

6. Privilege Escalation :

After successful Persistence in the victim's network, Attackers then try to gain higher-level permissions by exploring a network with unprivileged access.

Before compromising a victim, attackers perform :

Abuse System services like changing admin controls, run malicious codes, etc... and bypass User Access Controls.
Hijacking Execution Flow, Abuse credentials of existing accounts as a means of gaining Initial Access, Persistence, Privilege Escalation, or Defense Evasion.

7. Defense Evasion :

After having access to higher-level permissions, Attackers try to avoid being detected by uninstalling/disabling security software or obfuscating/encrypting data and scripts. This is the important step for the attackers to stay stable and active in the victim's network.

Before compromising a victim, attackers perform :

Take advantage of built-in control mechanisms in order to escalate privileges on a network and Modify Authentication Process.
Exploit a system or application vulnerability to bypass security features. Hide artifacts, users, files, etc..

8. Credential Access :

After surviving themselves in the network, Attackers now try to steal the credentials like account names and passwords . This is the actual reason/step for their entry into the victim's network.

Before compromising a victim, attackers perform :

Brute force attack, extract credentials from saved data, Forced Authentication, keylogging, Man-in-the-Middle attack, Modify Authentication Process, Network Sniffing, etc..
They also perform some famous [cyber attacks.](https://dev.to/varaprasad_gudi/common-cyber-attacks-i9n)

9. Discovery :

After successful hack of credentials, now attackers will be trying to figure out victim's system and internal network. This is the similar step like reconnaissance but it is examined inside the victim's network after initial access.

Before compromising a victim, attackers perform :

Get a listing of accounts on a system or within an environment.
Active scan the victim infrastructure via network traffic.
Attackers collect every hardware and software detail, configuration, architecture, network information, Personal data, credentials, etc..

10. Lateral Movement :

Lateral Movement consists of techniques that adversaries use to enter and control remote systems on a network.

Before compromising a victim, attackers perform :

Remote access in the network/system.
Emerge a backdoor in order to have repeated access into system.

11. Collection :

After successful hack of credentials, now attackers will try to gather information and the sources information is collected from that are relevant for the attacker's plan of objectives. The next goal after collecting data is to steal (exfiltrate) the data.

Before compromising a victim, attackers perform :

Archive Collected Data
Audio Capture, Video Capture, keylogging, Relevant Data from Local System, Email Collection, etc..

12. Command and Control :

After the attacker collects all the required data, now attacker tries to communicate with compromised systems to control them.

Before compromising a victim, attackers perform :

Using application layer protocols to avoid detection/network filtering by merging in with existing network traffic.
Communication Through Removable Media.
Use a connection proxy to direct network traffic between systems or act as an intermediary for network communications to a command and control server to avoid direct connections to their infrastructure.

13. Exfiltration :

The next goal after collecting data is to steal (exfiltrate) the data.

Before compromising a victim, attackers perform :

Steal data using network attacks like weak authorization, weak DOS, weak intrusion detection systems.
Exploring via software attack surface, perform physical attacks like using hardware devices.
Digital attack surface that is accessed from remote access location.
Social Engineering / Human attack surface.

14. Impact :

This is the last step for the attacker. After performing all these stages, now attacker tries to manipulate, interrupt, or destroy your systems and data.

Before compromising a victim, attackers perform :

Account Access Removal/deletion.
Data Manipulation/deletion.
Disk Wipe, System Shutdown/Reboot.

IN SHORTS :

There are a number of ways an organization can use MITRE ATT&CK matrix and get benefited.

-- Written by Gudi Varaprasad

A Simple Arduino Project

Gudi Varaprasad — Sun, 31 Jan 2021 06:27:51 +0000

Why this ?

We are now living in the 21st century. Now, smart phone has become the most essential thing in our daily life.
Android application based smart phones are becoming each time more powerful and equipped with several accessories that are useful for Robots.
This project describes how to control a robot car using mobile through Bluetooth communication, some features about Bluetooth technology, components of the mobile and robot.

Working of the Project ?

The working principle is kept as simple as possible. The working principle of the circuit has been elaborated with the help of a block diagram, of the system interconnection. A DC power supply is required to run the system. The DC power supple feeds the Microcontroller and the Bluetooth module.

The Bluetooth module receives the signal sent from an android smart-phone, where the application software coded in C language is installed. The microcontroller, thereby, sends instructions, which when executed, helps in functioning of the motor driver.

When a key is pressed, the corresponding data is transmitted to the Bluetooth Module from the Phone over Bluetooth Communication. The movement and functioning of the motor can be controlled by using the android based application software.

In our android application base Bluetooth controlled robotic car, the user interacts with the system with a smart phone. In this method user must be present within in range (< 15 meters) to control the system.

Demo ?

This is how it works, this can be further developed in order to use for different purposes.

We can interface sensors to this robot so that it can monitor some parameters. We can add wireless camera to this robot.
Can be developed to provide an easier life for the disabled. They can be used by Physically Challenged people to helm their robot around their space.
The basic advantage of this system is its wide interface that can be controlled with help of Android Mobile from a few feet away, and also that the whole system syncs itself with the driver’s electronic devices, thus giving him/her greater accessibility.

Need more details ?

As a student developer, I would like to share this whole project at free of cost including the project reports, PPTs, code and related guidelines.

For more details : Click Here

Written by - GVP

Common Cyber Attacks

Gudi Varaprasad — Sat, 23 Jan 2021 17:47:52 +0000

What are Cyber Attacks ?

A cyber attack is any type of offensive action that targets a computer system, infrastructure, computer networks, or professional computer devices by using various methods to steal or destroy data or information systems.

I know it is quite difficult to understand this in the first attempt.

Let me break down into simple words.

A cyber attack is a malicious and deliberate attempt by an individual or organization to breach the information system of another individual or organization.

Usually, the attacker seeks some type of benefit from disrupting the victims' network.

A cyberattack is also known as a Computer Network Attack (CNA), if you have ever studied a famous battle in history, you will know that " No Two are exactly alike. "

Still, there are similar strategies and tactics often used in battle because they are time-proven to be effective.

Similarly, when a criminal is trying to hack an organization, they won't reinvent the wheel unless they absolutely have to.

They will draw upon common types of hacking techniques that are known to be highly effective, such as malware, phishing or cross sites scripting, etc...

Some common Cyber Attacks

Here, we will discuss some of the common types of cyber attacks such as :

Malware Attacks
Phishing Attacks
Man in the Middle Attack
Dos/DDos Attacks
SQL Injection
Cross-site Scripting
Business email compromise

We will discuss each type of cyber attack briefly.

1. Malware Attacks :

If you have ever seen antivirus alerts pop up on your computer
screen or if you have mistakenly clipped a malicious e-mail attachment, then you have had a close call with malware.

Attackers love to use malware to gain a foothold in a user's computer and consequently the office they work in because it can be very effective.
Malware refers to various forms of harmful software such as viruses, ransomware, and Trojans.

Once malware is in your computer, it can break all shots of havoc. From taking control of your machine to monitoring your actions and keystrokes to silently send all shorts of confidential data from your computer or network to the attackers' computer network.

Attackers will use a variety of methods to get malware into your computer, but at some stage, it often requires a user to take any action to install the malware.

This action can include clicking a link to download a file or opening an attachment that may look no harmless, like a word document or PDF attachment but actually, it has malware installed hidden.

2. Phishing Attacks :

Of course, there are chances that you would not just open a random
attachment or click on a link in any e-mail that comes your way. There has to be a compelling reason for you to take action. Attackers know these too.

When an attacker wants you to install malware or divulge sensitive information. They often turn to phish tactics or pretending to be someone or something else to get you to take any action that you normally would not.

Since they rely on human curiosity and impulse phishing attacks can be difficult to stop. In a phishing attack, an attacker may send you an email that appeared to be from someone you trust, like your boss or a company you do business with. The email will seem legitimate and it will have some urgency to it.

For example, attackers may send you an email about a fraudulent activity that has been detected on your social media account or any other platform. In the email, there will be an attachment to open or a link to click on.
Upon opening the malicious attachment, you will thereby install the malware on your computer. If you click the link, it may send you to a legitimate-looking website that asks for you to log in to access the important file.

This legitimate-looking website is actually a trap used to capture your credential when you try to log in. To combat phishing attempts, understanding the importance of verifying email-sender attachments and links is very essential.

3. Man in the Middle Attack :

Now, let's talk about session hijacking and man in the middle attack. When you are connected to the Internet, your computer has a lot of small back and front transactions with servers around the world, letting them know who you are and what type of specific websites or services you are requesting.

If everything goes as it should, the Web server should respond to your request by giving you the information you are accessing. This process or session happens whether you are simply browsing or when you are logging into a website with your username and password.

The session between your computer and the remote web server is given a unique session ID which should stay private between the two parties. However, an attacker can hijack the session by capturing the session ID and posing as the computer making a request which allows them to log in as an unsuspecting user and gain access to unauthorized information on the Web server.

There are numbers of methods an attacker can use to steal the session ID, for example, a cross-site scripting attack can also be used to hijack a session I.D. An attacker can also opt to hijack the session to insert themselves between the requesting computer and the remote server by pretending to be the other party in the session.

This allows them to encrypt information in both directions. This method is commonly called A Man in the middle attack.

A man in the middle attack is a general term for when an attacker positions himself in a conversation between a user and application by making it appear as if a normal exchange of information is underway. The goal of an attack is to steal personal information such as login credentials, account details, and credit card numbers, etc ...

4. Dos/DDos Attacks :

I. Denial of service (DoS) – Attacker will try to prevent the normal use of server or application or database or network or communication facilities.

II. Distributed DoS attack – Attack is done from multiple and various systems at the same time. This is prevented by blocking an IP address from which you get too many requests.

5. SQL Injection :

Now let's discuss SQL injection Attack. As known, SQL ( also pronounced as sequel) is a programming language that is used to communicate with database. Many of the servers that store critical data for websites and services use SQL to manage the data in their database.

SQL injection attack specifically targets this kind of server using malicious codes to get the server to extract information. This is especially problematic if the server stores private customer information from the websites, such as credit card numbers, usernames, and passwords like other credentials or other personally identifiable information which are tempting and lucrative targets for an attacker.
A SQL injection attack works by exploiting any one of the known SQL vulnerabilities that allow the SQL server to run malicious codes.

For example, if a SQL server is vulnerable to an injection attack, it may be possible for an attacker to go to a website search box and type in code that would force these sites SQL server to dump all of its stored private data for this site.

6. Cross-site Scripting :

Now we will discuss cross-site scripting attacks. In an SQL injection attack, an attacker goes after a vulnerable website to target its stored data such as user credentials or sensitive financial data.

But if an attacker would rather directly target a Web site user, they may opt for a cross-site scripting attack. Similar to SQL injection attack, this attack also involves injecting malicious code into a website, but in this case, the website itself is not being attacked.

Instead, the malicious code the attacker has injected only runs in the user's browser when they visit the attack website. And it goes after the visitor directly, not the website. One of the most common ways an attacker can deploy a cross-site scripting attack is by injecting malicious code into a comment or a script that could automatically run.

For example, they could embed a link to a malicious JavaScript in a comment on a blog. Cross-site scripting attacks can significantly damage a website for reputation by placing the user's information at risk without any indication that anything malicious even occurred. Any sensitive information a user sent to a site such as their credential, credit card information, or other private data can be hijacked via cross-site scripting without the website's owners realized that there was even a problem in the first place.

You can easily understand a Cross-site Scripting attack by this below image mentioned in five simple steps.

7. Business e-mail compromise :

Now we will discuss the Business email compromise attack. A business email compromises when an attacker hacks into a corporate email account and impersonates the real owner to defraud the company, its customer, partners, and employees into sending money or sensitive data to the attackers' account. A business email compromise is also a type of man in the middle attack.

This is derived from the man in the middle attack where two parties think that they are talking to each other directly, but in reality, an attacker is listening in and possibly altering the communication.

The attacker will try to gain access to the executive's email account. To remain undetected, He/She might use inbox rules or change the reply-to address so that when the scam is executed, the executive will not be alert. Another trick is to create an email with a spoofed domain.

For example, the attacker might use john.smith@samp1e.com instead of john.smith@sample.com {OR} use john.smith@believeme.com instead of john.smith@beleiveme.com. If you do not pay close attention, it is easy to get fooled by this slight difference.

One of the most famous spoofed domain tricks ever was PayPal.com, where the attacker changed the spelling from PayPa1.com.

How to stay away ?

Note: These are not the solutions to completely escape from these attacks, but it will help you up to some extent.
" PREVENTION IS BETTER THAN CURE "

Use an Internet Security Suite.
Use Strong Passwords.
Keep Your Software Up-to-Date.
Avoid Identity Theft.
Always Browse in Anonymous Mode.
Use End-to-End Encrypted Messaging Apps.
Use a VPN to Protect Yourself From Service Providers.
Stay Private on Wi-Fi Networks.
Stay away from clicking/opening unknown files/links.
Take appropriate actions if you have been a Victim.

Written by - Gudi Varaprasad

Start using Brave Today!

Gudi Varaprasad — Wed, 09 Dec 2020 15:10:49 +0000

Blockchain based browser :

In this blog, we will talk about a blockchain-based browser called Brave browser.
This came to revolutionize the world of today's advertising.

How does advertising work ?

There is an advertiser (a large company) who wants to market their products. They give their advertisements to a particular channel (say YouTube/Facebook). Now, as users watch the ads, and they don't get any money out of it. But YouTube gets it (a small half is paid to content creators) and, it earns a big amount out of this. This is how today's digital marketing works.

How Brave works ?

To get hold of this situation, Brave browser comes into the picture and, it eliminated all the advertising mediators (like YouTube/Facebook).
What it does is - it directly takes the advertisements from large companies and then asks users whether they want to watch ads, and users get paid for their view time (money is split to users coming from the large company). Suppose if any user likes the content, he can send tips to the content creators.

This is a direct market between advertiser and consumers.
Incentivized customers to view ads.
Advertiser pays customer directly.
Incentivizes content creators to create more content.
Similar Application : STEEM

You will be amazed to know that, It will filter and block all annoying ads because brave uses such a good privacy algorithms to block whatever ads in YouTube, Facebook, Google, etc.

If you see the homepage of brave, It shows stats - how many ads trackers have been blocked, so many security measures like HTTP to HTTPS upgrades have been done, Bandwidth saved.

It doesn't show the regular ads paid by any large companies but you will get paid for watching ads (The Basic Attention Token (BAT) is a blockchain-based system for tracking media consumers' time and attention on websites )

Learn More :
Brave rewards
Steemit
DTube

Written by - GVP

OOPS made easy

Gudi Varaprasad — Sun, 29 Nov 2020 07:33:15 +0000

What is OOP ?

Talking in technical terms, Object-oriented programming System(OOPs) is a programming paradigm based on the concept of “objects” that contain data and methods. … Object-oriented programming brings together data and its behavior(methods) in a single location(object) makes it easier to understand how a program works.

Okay only 20 % of people can understand this term in this language so lets simplify this :

This was hard for me in the beginning but when I started implementing the concepts I learned, reading blogs, exploring real-life scenarios, it became easy for me. In this blog, I will make the concepts clear for everyone by giving real-life examples.

1. Objects

Objects are identified by their unique name. An object represents a particular instance of a class. There can be more than one instance of an object. Each instance of an object can hold its own relevant data. An Object is a collection of data members and associated member functions also known as methods.

2. Classes

Objects with similar properties and methods are grouped together to form a Class. Thus a Class represents a set of individual objects.

Example 1 : A House

An architect will have the blueprints for a house….those blueprints will be plans that explain exactly what properties the house will have and how they are all laid out. However it is just the blueprint, you can’t live in it. Builders will look at the blueprints and use those blueprints to make a physical house. They can use the same blueprint to make as many houses as they want….each house will have the same layout and properties. Each house can accommodate its own families…so one house might have the Prasad live in it, one house might have the Jack live in it.

1. Class = The blueprint of house
2. Object = The house
3. Data stored = Jack, Prasad, people living in house

3. Abstraction

Abstraction means showing essential features and hiding non-essential features to the user.

Example 2 : A T.V Remote

Remote is a interface between user and TV.. which has buttons like 0 to 9 ,on/off etc. but we don’t know circuits inside remote. User does not need to know. Just he is using essential thing that is remote.

4. Encapsulation

It is done for security purposes.

Encapsulation = Abstraction + Data Hiding.

Example 3 : A Car

A car is having multiple parts..like steering, wheels, engine…etc.. which binds together to form a single object that is a car. So, Here multiple parts of cars encapsulate themselves together to form a single object that is Car.

5. Inheritance

Deriving a new class from the existing class is called Inheritance. Derived(sub class) class is getting all the features from Existing (super class\base class) class and also incorporating some new features to the sub class.

6. Polymorphism

Ability to take more than one form that an operation can exhibit different behavior at different instance depend upon the data passed in the operation.

Example 4 : A Woman

If a girl is married and mother of 2 children doing a teaching job then she is a woman first, a teacher in a school when she is in school, wife of someone at home, mother of her children, and obviously daughter of someone.

Summary :

We have talked about OOPs fundamentals Like Polymorphism, Encapsulation, Inheritance and classes with their respective examples.

Thanks For Reading !

Written by - GVP

Create your own Virtual Writing Board - p5.js

Gudi Varaprasad — Sat, 21 Nov 2020 10:40:09 +0000

My Writing Board

This is a simple writing board created using concepts of keyframes, mouse events in computer graphics ( p5.js - a JavaScript library for drawing functionality ).

How to use ?

Click & Drag to Draw with the help of mouse.
If it is a touch screen, draw slowly with your fingers or stylus pen.
Hit key 'r' on keyboard to Replay your sketch and to Continue drawing.
Hit key 'e' on keyboard to Erase / reset everything.

Give it a try here

Source Code :


const drawing = [];
const recorded = [];
let frames = 0;

function setup() {
  createCanvas(windowWidth, windowHeight);
}

function mousePressed() {
  drawing.push(new Path());
}

function mouseDragged() {
  drawing[drawing.length - 1].points.push(new Point(mouseX, mouseY));
}

function keyPressed() {
  if (key == "r") {
    recorded.push(...drawing);
    drawing.splice(0);
    frames = 0;
  } else if (key == "e") {
    recorded.splice(0);
    drawing.splice(0);
    frames = 0;
  }
}

function draw() {
  background(255, 255, 153);
  for (const path of drawing) {
    stroke(0);
    strokeWeight(2);
    noFill();
    beginShape();
    for (const v of path.points) {
      vertex(v.x, v.y);
    }
    endShape();
  }
  for (const path of recorded) {
    if (frames >= path.time) {
      stroke(0);
      strokeWeight(2);
      noFill();
      beginShape();
      for (const v of path.points) {
        if (frames >= v.time) vertex(v.x, v.y);
      }
      endShape();
    }
  }
  frames++;
}

class Point {
  constructor(x, y) {
    this.x = x;
    this.y = y;
    this.time = frames;
  }
}

class Path {
  constructor() {
    this.points = [];
    this.time = frames;
  }
}

// Gudi Varaprasad

Hotel Key Management

Gudi Varaprasad — Tue, 20 Oct 2020 17:02:26 +0000

Hotel Room Locking System - Affine Hotels

Security is one of the primary concerns for customers in a hotel. Traditional lock and key systems are exposed to a lack of safety to our belongings.

This project aims at creating a hotel room locking system for the guests who wish to have a secure stay. Access control is the basis for the automation of hotels and apartments in the current time. An efficient method of generating a unique encrypted password for each guest ensures tight security and reduces the risk of robbery. It is implemented as a graphical user interface system that involves locking and unlocking of the hotel room door through room-key security swiping machine.

Access to the room is granted only if the guest swipes his key and enters the password which was generated uniquely for him. The generation of this particular password is done for the first time when he books the hotel room. It involves the concepts of affine cipher encryption. And when it comes to this type of encryption system we can assure the customers of a higher level of security, because hacking of the mathematical function used in generating the password is very tedious and time-consuming.

How to use Security Swiper?

Dear Guest, Please kindly follow these security guidelines for your safety.
You have reached your room and you will find your hotel room key in the security swiper.
Initial access is granted to enter your room.
Now, Please enter your name for the first time only.
Click on Generate Password and kindly wait for 5 seconds.
Now, an encrypted password is generated using Encryption algorithms.
To lock your room, close the door properly and pull your hotel room key out of the swiper.
Kindly donot share your password and please remember this for next unlock of your hotel room.
When you want to unlock and enter back into your room, Slide the room key into the swiper machine.
Enter your last generated Password and click on Unlock the Door.
Kindly, Accept our terms & conditions by clicking on the below button.
Have a Secured Stay !!
Thank you for choosing Affine Hotels !

Project Demo

Source Code

Youtube Tutorial

How to earn with Coding ?

Gudi Varaprasad — Sat, 27 Jun 2020 16:44:23 +0000

Let's find out, how ?

Coding has become an important aspect in today's trend. It would be interesting to know how these skills can be implemented in order to earn our Livelihood. There are several ways to earn with your coding skills. Let's find out, how ?

Freelancing :

This is no.1 way to earn with any skill. Freelancing is basically a different way to work. Rather than being employed by a company in one specific job, freelancers are self-employed and find work via a variety of sources. Clients hire a freelancer to complete a task, project, or service for them.

Platforms to start -

Blogging :

Blogging refers to writing, photography, and other media that's self-published online. Blogging started as an opportunity for individuals to write diary-style entries, but it has since been incorporated into websites for many businesses. The hallmarks of blogging include frequent updates, informal language, and opportunities for readers to engage and start a conversation. Write blogs and earn a good amount, many bloggers around the globe are earning millions too.

Platforms to start -

Work for locals : :

Everyone wants to upgrade their business with website/app/software. But not everyone knows how to develop these. Take the opportunity and develop websites for locals.

Teaching :

Online teaching typically refers to courses that are delivered completely online, meaning there are no physical or on-campus class sessions. Online courses can be designed for a handful of enrolled students or can be made open and accessible to a wide variety of participants, such as with a MOOC. If you have relevant skills, you can teach with organisations and earn good amount as a part time job.

Platforms to start -

Coding Contests :

You can participate in coding contests happening around the world and earn exciting prizes.

Platforms to compete -

Bug Bounty or Penetration Testing :

A bug bounty program is a deal offered by many websites, organizations and software developers by which individuals can receive recognition and compensation for reporting bugs, especially those pertaining to security exploits and vulnerabilities. This is not an easy to crack, you need lot of skills. Bug hunters can earn a lot of money by reporting security vulnerabilities to companies and government agencies that run bug bounty programs. HackerOne has paid out over $40,000,000 in bounties to whitehat hackers around the world. The most well-paid hacker on h1 has earned $1 million.

Platforms to try -

Write an e-book :

People are earning hefty amounts by writing e-books. Just start and show your skills.

How to start ???????
Interested in Learning Programming or Confused to start which programming language. We are here for you. This Tool will help you to choose which programming language to start and it will guide you accordingly.

THANKS FOR READING..... Please Like it.

Building a Programming Language Recommendation Tool

Gudi Varaprasad — Tue, 09 Jun 2020 06:11:26 +0000

Programming Language Recommender

This Javascript based web tool will help you to choose the best programming language that suits you, If you are struck in your life or starting as a beginner, this web tool is perfect for you. Programming has become a vital element in every CSE Student's Life. When you want to start your career as a Web Developer or Software Developer or an Ethical Hacker, but you don't know how to choose, We are here for you. Just simply follow the instructions.

How to use this Tool ?

Explore different fields in Computer Science.
Come back again to this website and think to choose an option listed below.
Choose the best option that suits your goal.
Now, Click on Continue..
Your result is displayed below Recommender :
If you like this, share this link to your friends...

For more details :

Liked it, watch out a video on this - here
The link to the tool is here
Get Source code at GITHUB

-An unrecognized creative Web designer @GVP

Forem: Gudi Varaprasad

Day 1 as an Observer

WEB BASED BILLING SOFTWARE

About Project :

Objective :

Click here to learn more about this.

Required Files :

PROJECT DEMO : Click here

This is not called Hacking ?

Is it really how hacking looks ?

1. BREACHES :

2. SOCIAL ENGINEERING :

3. MAN IN THE MIDDLE :

MITs Tactics, Techniques

What is ATT&CK ?

ATT&CK has 14 Techniques that make up an attack chain:

1. Reconnaissance :

2. Resource Development :

3. Initial Access :

4. Execution :

5. Persistence :

6. Privilege Escalation :

7. Defense Evasion :

8. Credential Access :

9. Discovery :

10. Lateral Movement :

11. Collection :

12. Command and Control :

13. Exfiltration :

14. Impact :

IN SHORTS :

A Simple Arduino Project

Why this ?

Working of the Project ?

Demo ?

Need more details ?

Common Cyber Attacks

What are Cyber Attacks ?

Some common Cyber Attacks

1. Malware Attacks :

2. Phishing Attacks :

3. Man in the Middle Attack :

4. Dos/DDos Attacks :

5. SQL Injection :

6. Cross-site Scripting :

7. Business e-mail compromise :

How to stay away ?

Start using Brave Today!

Blockchain based browser :

How does advertising work ?

How Brave works ?

OOPS made easy

What is OOP ?

1. Objects

2. Classes

3. Abstraction

4. Encapsulation

Encapsulation = Abstraction + Data Hiding.

5. Inheritance

6. Polymorphism

Create your own Virtual Writing Board - p5.js

My Writing Board

How to use ?

Give it a try here

Source Code :

Hotel Key Management

Hotel Room Locking System - Affine Hotels

How to use Security Swiper?

How to earn with Coding ?

Let's find out, how ?

Freelancing :

Blogging :

Work for locals : :

Teaching :

Coding Contests :

Bug Bounty or Penetration Testing :

Write an e-book :

This page is contributed by © GVP

THANKS FOR READING..... Please Like it.

Building a Programming Language Recommendation Tool