Home
Login
Register
Examples
Projects
About
Contact
Donate
>AvatarXAvatarX
/>Not A RobotNot A Robot
Hack ProofHack Proof
Password ProtectionPassword Protection
Keylogger ProofKeylogger Proof

Welcome To Project AvatarX

Impossible Code Injection
Impossible Code Injection

Impossible Code Injection

Code injection is the exploitation of a computer bug that is caused by processing invalid data. Code injection techniques are popular in system hacking or cracking to gain information, privilege escalation or unauthorized access to a system. Code injection can be used malevolently for many purposes, including:Arbitrarily modifying values in a database through SQL injection. The impact of this can range from website defacement to serious compromise of sensitive data. Installing malware or executing malevolent code on a server by injecting server scripting code (such as PHP or ASP). Code Injection can only be achieved to attack a website application via the front end though a data input source, like a URL Href, a Button or a Form. Removing the ability to use a normal keyboard to input data and taking 100% control of what data can be entered using the AvatarX keyboard removes most of the possible threats. Then adding some security protocols to everything renders code injection impossible.

Protected Source Code
Protected Source Code

Protected Source Code

Leaving your source code exposed is an open invitation to hackers. The AvatarX system uses several techniques to protect its source code including the use of minimal functions and client side scripting. These scripts are reused with various values, some may or may not be dummy codes which change randomly each time a key is pressed on the keyboard. The AvatarX system is truly dynamic with all the important source code hidden. The pages that are served are only accessed after certain security protocols have been met. If an attempt to access data or code though any method other than how data was designed to be accessed will cause the system to perceive that it under attack and reject the request before it even begins to think about a connection to the requested page and its source code. No source code is even better than hidden source code.

Bot Proof
Bot Proof

Bot Proof

Bots do not care how popular your website is or who you are are what you do, if you are on the web then you are target. The stats tell us that about 29% of all your website visitors are there to attack your site. The AvatarX system is Bot Proof and can only be navigated by humans. Bot Proofing is achieved by the AvatarX system by the use several security protocols that reject the bots requests.

Therefore the AvatarX system has no need for any of those extra annoying security captcha scripts that pop up asking you to prove you are indeed a human operator.

Independent Input Device
Independent Input Device

Independent Input Device

The AvatarX system uses an independent input device. Being 100% independent from a users device the AvatarX keyboard can be configured to only display the keys that are applicable to the data being requested.

For instance if you require the user to input their data of birth, then only numbers need to be displayed. Further critera can be added to make sure the data requested is in the correct format, like the date format has to be yyyy-mm-dd (ie. 1967-02-02) the AvatarX system will only display the submit button when the correct format has been matched. The date format in this instance is forced by the fact that the dash(-) button is not available to the user and is automatically inserted as the 5th and 8th character.

The AvatarX keyboard is the only input method accepted for data input within the AvatarX systems framework. The advantages of this method of input are numerous both from a security point of view and the expanse of potential configuration options.

No Copy & Paste
No Copy & Paste

No Copy & Paste

Because of the fact that the AvatarX system only allows the use of its independent keyboard as the means of data input, copying and pasting is impossible. This has its advantages and disadvantages, The disadvantage of not allowing copy and pasting is the extra time it takes to input data. The advantages of disallowing copy and paste by far out weigh the disadvantages. Take the contact us page for instance, if someone wants to contact us using our contact us page they will take the time to manually complete the required input to gain their required response. However if a bot or a person is trying to send us spam or advertising then a bot can not use our system and its likely that a person will not take the time to manually enter something they would normally just paste into a from and send.

Looking at this concept it opens up a massive potential for many other applications, for instance virtual school rooms ,online exams, online quizzes etc. The AvatarX system can be configured to link the user to their IP address and the keystokes on the AvatarX keyboard can be timed or even timed out. The ability to capture these elements can be used to prove the validity of the user and who answered or entered the data the fastest etc. There are limitless possibilities to the use of the AvatarX keyboard.

Secured Links
Secured Links

Secured Links

The AvatarX system employs many security features to prevent unauthenticated data entry, this also includes protection of all of the URL ‘s and links. Code injection can be deployed via the use of query strings attached to the end of any URL.

The AvatarX system coding analyzes the query stings and rejects requests that do not match the required input format. This method is also backed up by other corresponding security measures for each page requested, this makes the use of code injection or system access impossible via a URL or link query strings.

Form Free
Form Free

Form Free

the AvatarX system is 100% form free. We consider forms a security risk which can be exploited using code injection, also forms can be recognised by the browser software and can retain data that has been entered. Typically form data that we save to our browsers are user names and passwords, this means anyone with access to your machine either locally or remotely, can access your browsers interface and gain access to all of your saved user names and passwords for all of your accounts you have stored. That's handing your private data over to hackers on a plate.

It may make life easier just clicking on a sign-in button where your details have already been stored, but you would not leave your keys in the lock of your front door because it saves you time looking for your keys later. The form free approach prevents these security risks, protects the users data and protects the system against code injection attacks.

Cookie Free
Cookie Free

Cookie Free

the AvatarX system is 100% Cookie Free. We consider Cookies as a security threat. They can be altered by malicious users since it is stored on the local machine.

Cookies can also be used to steal sessions of another user and hence can commit fraudulent acts. They can also be used for tracking the surfing history of a user. This data can be sold to advertising agencies, which in turn results in junk emails and advertisements.

Although Cookies stand as one of great inventions on the Internet, because of the security implications we see them as out dated and surplus to requirements within the AvatarX system.



Website Secured & Protected by AvatarX