Hack Manchester 2018 UrlPeek


Posted on November 01, 2018

Last weekend I once again attended Hack Manchester. An annual 25 hour hackathon at the Museum of Science and Industry. Perhaps my 7th time attending.

Being solo, having not been able to raise a team again I decided to attempt one of the sponsors challenge. Avecto's challenge to promote or educate cyber security.

The hack that I planned on doing was ambitious. There was a lot of moving parts, some of which I had never done before and was unsure how to do.

I had the idea of developing a mobile app that would give the user the ability to check the safety of a url before visiting it, and being able to crawl it and show generated screenshots in a 3d augmented reality space.

  1. Create a Xamarin.ios mobile application in Visual Studio for Mac / c#
  2. Have the app use the Tesseract library identify a url through the camera from a block of text
  3. Check the url against the Google Safe Browsing API and show the results
  4. At the same time save send the url to a WebApi I created which stores the url in an Azure Table Storage.
  5. Have another .NET Core console application checking the ATS and when using HTML Agility pack to crawl the page for other Urls and list them also in ATS.
  6. Have the .NET Core application make Selenium Web Driver go to the url and save a screenshot to Azure Blob Storage.
  7. The mobile app would then call the WebApi, retrieve all the screenshots for pages for the website and show them in a 3D augmented reality using ARKit / SceneKit.

And I would call it UrlPeek. Registered UrlPeek.com last week.

Architecture

Soon into the hack I found I struggled with the Tesseract OCR and calling the Google Safe Browsing API so I concentrated on the website crawling, screenshot generating and augmented reality mobile app side. Which went rather well.

So while I didn't get the useful part of the idea working, I got the cool part working.

In any case, the project was good enough to be shortlisted for the challenge award but understandedly didn't win as the useful part was incomplete.

 

I can't wait until Hack Manchester next year and have got Lincoln hack in 2 weeks time.