Prashant Gupta

Writing secure Python applications

Table of contents

  1. Injection Attacks
    1. SQL Injection
    2. XML Injection
    3. Command Injection
  2. Broken authentication & session management
    1. Session fixation
    2. Use of Insufficiently random values
  3. Cross site scripting
    1. Reflected XSS
    2. Persistent XSS
    3. Document Object Model (DOM) Based XSS
  4. Insecure direct object references
    1. Directory (Path) Traversal
  5. Security Misconfiguration
    1. Privileged Interface Exposure
    2. Leftover debug code
  6. Sensitive data exposure
    1. Authentication credentials in URL
    2. Session Exposure within URL
    3. User Enumeration
  7. Missing function level access control
    1. Horizontal Privilege Escalation
    2. Vertical privilege Escalation
  8. Cross site request forgery
    1. Cross site request forgery (POST)
    2. Cross site request forgery (GET)
    3. Click Jacking
  9. Unvalidated redirects & Forwards
    1. Insecure URL redirect

System design

Table of contents

  1. Software Design Theoretical concepts - Introduction
    1. CRC Card
    2. Four concepts revolving around OOP
    3. Coupling & Cohesion
    4. Separation of concerns
    5. SOLID
      1. The Single Responsibility Principle
      2. The Open Closed Principle
      3. The Liskov Substitution Principle
      4. The Interface Segregation Principle
      5. The Dependency Inversion Principle
  2. Class Diagrams
    1. Tool to draw UML
    2. UML class diagram rules
  3. Sample UML Diagrams examples
  4. Object oriented cheat-sheet
  5. References

Using Anaconda in CI/CD pipeline

To successfully build the pipeline, it was required to automate all the yes invocations while executing the Anaconda sh file.

I did this by invoking the sh file with the -b option: bash -b

Shipping machine learning modules in a single executable

You have done all your research, prototyped it, optimized it, and now you are ready to ship it. This post focuses not only on shipping machine learning modules but on Python-based codebases in general.

How do you ship?

  1. Expose an API
  2. Package your code in a single executable

Feature Extraction

To start with

feature selection: select a subset of the original feature set.

feature extraction: build a new set of features from the original feature set.

Language Modelling in NLP

What is Language Modelling?

Language modelling, in very simple terms, is the task of assigning a probability to sentences in a language. Besides assigning a probability to each sequence of words, language models also assign a probability for the likelihood of a given word (or a sequence of words) to follow a sequence of words.


All you need to know about Word2vec

Feature Extraction from texts using Word2vec

To get a better semantic understanding of a word, word2vec was published for the NLP community.


All you need to know about BOW

Feature Extraction from texts using Bag of words

The bag of words model ignores grammar and order of words. ‘All my cats in a row’, ‘When my cat sits down, she looks like a Furby toy!’,

Breaking down the given sentences into words and assigning them each a unique ID


Visual recognition

I am really fascinated by the subject of this broad research topic. So, I decided to play around with things, and this post is a serially arranged set of my attempts at visual recognition.

What inspired me?

Dr. Fei Fei Li with her TED talk


Basics of probability and stats

Data?

Data are pieces of information about individuals organized into variables. By an individual, we mean a particular person or object. By a variable, we mean a particular characteristic of the individual.

Variables can be classified into one of two types: categorical or quantitative.


Striving better at Competitive programming

I stepped into competitive programming in my college. I started with SPOJ, attempted Life, the Universe, and Everything, and voilà, got a compilation error :laughing:

Anyways, that was a learning curve and I continued with other platforms like Codechef and Codeforces along with SPOJ. Topcoder problems were tough then and now as well :wink:

In the spirit of making myself a better developer, I am releasing all my submitted solutions of various problems on all platforms. The main reason behind putting all my codes at one place

Git utility commands

  1. Ignore a file/folder while committing

    For a File

         git add -u
         git reset -- main/dontcheckmein.txt
         git add .
         git commit -m "commit message"
         git push -u origin master

    For a folder

         git add -u
         git reset -- main/*
         git add .
         git commit -m "commit message"
         git push -u origin master
  2. Use these commands to revert/delete your last (only one) commit from the repo but keep in mind that if other contributors have pulled the code before you start reverting then it may cause problems.


Linux utility commands

To monitor CPU Usage on any Linux distribution, use


Play vocals #1

For me, it rolled out very tough when it comes to singing with or without karaoke. I tried a mix of both in these three beautiful songs.

My first experience of singing with a recording? Out of key, out of time… Still, here they are.