justinbentley.dev



















Website Development

Switchboard, jbn.ai

.Net Core 8, MVC

HTML, CSS, JavaScript, SPA, WebGL (three.js), GLSL (C), glTF (.glb), Media Queries, Cookies

3D Frontend, Switchboard site

Large client-side JavaScript engine to operate multiple WebGL backgrounds and dynamically switch icons

Includes my own polymorphic JavaScript three.js Particle System with its own GLSL (C-like syntax) Particle Shader.

Unminified.

Aphid Attack (game), jbn.ai/aa

.Net Core 8, Blender

HTML, CSS, JavaScript, WebGL (three.js), glTF (.glb)

3D WebGL Game

WebGL Game Engine, Game, Keyboard / Mouse Control, everything in vanilla JavaScript.

Hope you like it!

pcuser.org, pcuser.org

.Net Core 8, MVC, Blender

HTML, CSS, JavaScript, WebGL (three.js), glTF (.glb), Cookies, Figma

PC (Personal Computer) issue site

Uses Cookies to store client last state on index page and theme preference

Arcane Woodwork, arcaneww.com

.Net Core 8, MVC, API Dynamic Image Viewer, ReCaptcha

HTML, CSS, JavaScript, Media Queries

Woodwork Showcase site

Contains a API to return how many images are present of a particular subject and returns an image address corresponding to the images index, called by Image Viewer (below).

I have a YouTube video of how I implemented ReCaptcha into this particular site too: < youtube >

Woden Laundromat & Dry Cleaners, wodenldc.com.au

.Net Core 8

HTML, CSS, Media Queries, SEO

Woden Laundromat & Dry Cleaners Website

Commercial site to display Opening Times and Details of a Laundromat in Woden (Phillip), Canberra, ACT

Was originallywodenlaundromat.com which is now a 308 (Permanent Redirect) towodenldc.com.au until renewal lapses.

justinbentley.net, justinbentley.net

.Net Framework 4.8, Transact SQL (Stored Procedures), MVC, Razor

HTML, CSS, JavaScript, Bootstrap 3

Personal, First & Largest site

React, react.justinbentley.net

.Net Core 8, NPM, React

HTML, CSS, JSX, SPA (Single Page Application), <helmet>, emotion

Justinbentley.net Tours, Christmas in SVG & alternate page for ImageViewer

Dennis Bentley Artworks, dennisbentley.net

.Net Framework 4.8, MVC, Razor

HTML, CSS, JavaScript, Bootstrap, React, JSX

Art Gallery

Originallydennisbentley.net/gallery/sydney  was written in react and JSX though due to a unavoidable vulnerable package was rewritten in vanilla javascript.

justinbentley.dev, justinbentley.dev

~ This Site ~

.Net Core 8

HTML, CSS, JavaScript, Media Queries, Intersection Observer API, Cookies

Light / Dark theme (using JavaScript) and Cookies to persist through sessions

Intersection Observer API for <button> management

Has a filter system that uses vanilla JavaScript and custom html 'keywords' attrib

Filter accepts url params:justinbentley.dev?JS

David Green Performances & Compositions, davidgreenmusician.com

.Net Core 8

HTML, CSS, JavaScript

Davidgreenmusician.com is a site that hosts the musical compositions, performances and videos of David W. Green.

Rendered Landscapes, renderedlandscapes.com

.Net Core 8, MVC, Blender

HTML, CSS, JavaScript, WebGL (three.js), glTF (.glb)

Renderedlandscapes.com is a site that hosts and can optionally have created a real-time 3D render of an architectural structure (such as a pergola) which users can immerse themselves in and can walk around and view from all angles.

The CAD render files (or mesh's) can and have been created from Architectural diagrams, cardboard models or really ones imagination.

Server & Cybersecurity

AWS / EC2 Windows Server

AWS, EC2 (Lightsail), CloudFront CDN, Windows Server, IIS, MS SQL Server

Lightsail (EC2), Microsoft© Windows Server host.
IIS (Internet Information Services) for setting up https, hosting and binding sites, SQL Server for hosting databases and most importantly executing the .Net Core runtime.

AWS Route 53 for (some) domain registrations, network records and nameserver setup.

CloudFront Distribution (AWS CDN) & AWS Certificate Manager (ACM) for very fast or high demand delivery of secure files.

IIS Configuration

Windows Server, IIS, URL Rewrite, Failed Request Tracing

IIS (Internet Information Services) is the heart of Windows Web Publishing. Its the engine behind serving websites and content to the public on a Windows Server via the Web Server role.

There is an amount of configuration that needs to be done within IIS itself such as linking urls to hosts (Bindings), mapping directories within the server, configuring recycling/idle timers and amount of workers for each Application Pool process.

URL Rewrite is where all the URL magic happens. Here is where you can perform functions like redirection or denial on URL requests using absolute values or wildcards/regex.

Implements a vast array of black and white lists which has cut nefarious bots (such as looking for my .env files, not that they would be returned, if I even have them) by atleast 95%, this was eventually merged into GateKeeper (below).

Valid requests (such as .well-known/security.txt, a standardised link for security researchers) which I don't provide, a 404 is returned at the server level as opposed to having the Application try to process it, preventing a eventual 404 from waking the process.

Failed Request Tracing is where you can view failed URL requests (generally 404's, though sometimes 503 if you try and view a website in a state of publishing, oof). Using these traces you can monitor what requests are not being fullfilled and redirect dead links, swat bots and gently guide the SEO crawlers to their proper target.

GateKeeper.dll,
GateKeeperAPI,
GateKeeperUpLink.exe

Firewall, Headless Class Library/.dll IIS Module, ASP.NET Core, .NET Framework, Windows Programming, C#, COM (Component Object Model), API, AbuseIPDB

After swatting bots in IIS UrlRewrite it became increasingly clear that I would need to write something dedicated to handle higher level request-filtering in C# and I also wanted to implement IP verification from the AbuseIPDB API.

GateKeeper.dll (Custom .NET IIS Module);
The purpose of the GateKeeper IIS Module is to intercept URL requests at a particular point in time within the IIS pipeline, after the main firewall, rate-limiter and URL Rewrite but before being served by the web server. Its a IIS module just like URL Rewrite and similarly it runs inline for each Application Pool.

At this point of interception it halts the request while it sends its details to GateKeeperAPI (below) which validates the IP using the AbuseIPDB records.

If the request makes it to this stage the GateKeeper Module will perform a variety of tests such as keyword blacklist. If the request passes then it continues up the IIS Pipeline to the Web Server and if it fails the connection is dropped and the IP is reported, providing high quality reports (think zero-day IPs) to AbuseIPDB.

If the connection is dropped be it present in the Deny Table, filtered locally or by AbuseIPDB the GateKeeper Module will implement tarpitting but if the request is allowed the entire process easily takes less than 1/10th of a second, especially if the IP is an allow entry in the GateKeeper module onboard cache.

GateKeeperAPI (ASP.NET Core API);
Orignally planned as a Windows Service using Named Pipes, for certain reasons (mainly named pipe permission escalation as I would have to add permissions and open pipes to outside the IIS virtualized environment and thats not a risk I need) it became a very-lightweight ASP.Net Core API site that transmits only on localhost.

GateKeeperAPI's primary purpose is to store and maintain Black and Whitelisted IP Tables, this leads to blocking IP's that spam websites.

As the GateKeeper modules recycle and are inherantly short-lived they lack the ability to maintain IP Tables and as they are run parallel in isolated Application Pools an IP that requests multiple sites would have to be reverified for each.

GateKeeperAPI solves this by maintaining a cache of IP's stored in memory and being always-on can store them for an arbitrary length of time.

It populates these tables from the AbuseIPDB databases via an API (luckily situated 1ms at the same AWS datacenter as the server) and also IP reports from the GateKeeper Modules.

GateKeeperUpLink.exe (.NET Console);
Thanks to pure serendipity, having the IP Tables made making a real time monitor of server activity an elementary task.

GateKeeperUpLink communicates with GateKeeperAPI on a localhost port to retrieve the current IP Table information. It then queries AbuseIPDB for each entry which provides details such as what is making the request (Proxy, Search Engine Crawler), who and (potentially) where. This provides valuable information about who is accesing the server in realtime which for the most part ensures the blacklists are working properly but can also tell me if I'm being bombarded.

Outcome;
The main purpose of all this (which started ages ago with URL Rewrite) is to harden the server in order to block and/or discourage Vulnerability Scanners, in other words counter automated scanners that over-time try to break into systems by finding critical files (a surprisingly common practice on the internet).

The effects of this generally pointless (and oft-times amusing) endeavor is to seize computer resources from valid duties and in some instances (such as pay-as-you-go) lead to real costs involved to entertain these activities.

There are also hard cyber measures that this system performs that are effective against both vulnerability scanners and actual threats;

As the local keyword blacklists were offloaded from Url Rewrite into GateKeeper a technique known as Tarpitting can be performed (waiting a random amount of time before severing the connection) which eliminates time-based attacks, ceases differentiation between a Keyword and AbuseIPDB Abort and locks-up the scanners resources in return, persuading them to go elsewhere.

Also, in contrast to URL Rewrite (which would abort on a per request basis) if an IP trips the local blacklists it's added as a deny to the IP Tables (and sent to AbuseIPDB), blocking the IP at the proverbial front door and preventing repeat filtering of a abusive IP. In addition to this and also in contrast to URL Rewrite an Abort can create a log, either custom or in Failed Request Tracing, of which I've set up custom HTTP codes to interpret the reasons why it was blocked.

Furthermore, the most significant feature of AbuseIPDB is its ability to identify compromised or malicious IP's before the requests arrive (a function I cant perform locally) and this provides a reasonably effective counter to scripts that roll a new IP for every request.

GateKeeper IIS Module Diagram GateKeeper v2r0 Diagram GateKeeper v2r1 Diagram (alpha) GateKeeper API and Module UML Diagram
Schematics, Integration into a IIS Web Server (left to right):
GateKeeper V1 Original Self Contained Standalone version,
GateKeeper V2R0 Concept (Named Pipes),
GateKeeper V2R1 (currently implementated) using instanciated IIS Modules, a ASP.Net Core API and Utility programs,
Diagram of interaction between GateKeeperAPI and GateKeeper IIS Module/s.

GateKeeper v2r1 In Action (alpha) GateKeeperUpLink GateKeeperUpLink GateKeeperUpLink GateKeeperUpLink GateKeeperUpLink
GateKeeperAPI being accessed by curl (with IISOnline and AbuseAPI, the prototype AbuseIPDB query engine used by GateKeeperUpLink and GateKeeperAPI),
GateKeeperUplink (x2),
Manually blacklisting myself via a curl command to GateKeeperAPI,
Under Attack during a Brute Force Vulnerability Scan combined with a semi-DDOS,
Server shutdown during a GateKeeperAPI upgrade.

File Server (.Net Core), fs.jbn.ai

.Net Core 8, API, AWS CloudFront, CDN

.Net Core file server completely coupled to the AWS CloudFront Content Delivery Network.

Always on file server acting to serve files used by multiple sites (ie ImageViewer, cookies.js, below) and/or serve files quickly or at a very high bandwidth.

Also, being always on serves intermediatary functions such as rectifying urls like /youtube-channel and a image server for ultra high quality images on sites like linkedin (superceeding jbn.ai, which superceeded justinbentley.net).

Implements a suite of security measures such as discriminate file Rate Limiting and selective CORS.

Server Tools

Old IISOnline Icon New IISOnline Icon New IISOnline Icon IISOnline, < youtube >

C#, .Net Core, Windows Server, IIS

When monitoring the Server its challenging to know which loaded IIS Workers belong to what website, so I made a program to do that.

IISOnline queries IIS for Application Pools and stores their names and status. Then queries the command lines of running IIS Workers for a hostname match and if found displays their PID/s (Process Identifier).

Its finetuned to use as little RAM as needed, hence the "any key to rescan" option and specific command to refresh IIS Pools. Though if resources are not at a premium it also has an auto-scan mode.

IISOnline Screenshot IISOnline Screenshot IISOnline Screenshot IISOnline Screenshot IISOnline Screenshot

FRTLibrarian Icon FRTLibrarian

C#, .Net Core, Windows Server, IIS

FRTLibrarian accesses Failed Request Tracing logs from within the Windows Server filesystem. It analyses the logs one by one, extracts specific data and tabulates entries in a chronilogical order.

NeRV Icon NeRV (.Net Runtime Versions)

C#, .Net Core, Windows Server

Queries the Github API for the latest .Net runtime version and queries the local system for the current version.

If the versions do not match (ie there is a later version available) NeRV can display this to the user if run in real-time or if run by the Windows task scheduler (using the -s argument) can send an email to an admin or autonomously install the update.

NeRV Screenshot NeRV Screenshot

AAPI Icon AbuseIPDB API (Tester)

C#, .Net Core, WebAPI, AbuseAPI

One thing that was absolutely clear was that the GateKeeper IIS Module was a serious pain to create. Being a resource limited server meant no local programming despite requiring some server applications, being a .dll meant no debugging and manual entry into the GAC and a ton of not particularly simple settings, and being ran in a secure virtualized environment (App Pool, IIS Pipeline) meant no logging (without localhost HTTP), no access to the file system, no access to named pipes and no API.

Therefore what was of prime importance was to firstly have functioning and verfified blocks of code to perform the tasks required before, the brute-force implementation.

I ended up using AbuseIPDB API (AAPT) to create the AbuseIPDB API Caller and Memory Caching strategy which became a part of the GateKeeper IIS module and was later ported to the GateKeeperAPI ASP.Net Core localhost site.

AbuseIPDB API Screenshot

JS Utility Scripts

ImageViewer.js

JavaScript, API

Standalone Full-Screen Image Viewing Script featuring a variety of features and zoom limited only by the resolution of the Image.

ImageViewer (IV) has three modes of operation:

  • Start IV with a single Image.
  • Start IV with API support, firstly IV requests a number from an API representing how many images available for target item, then IV requests a src using the item number and item index, then IV starts using the src and displays left and right buttons to cycle through the items repeating the latter API call.
  • Start IV with simple Array support, functionally the same as API support though an array of src's and a index can be passed instead.

Certain settings can be set before IV is started such as show demo buttons (unsplash and image galleries), demo LR buttons (unsplash, a third party random image API), LR button title text, the Start IV with API support API base addesses and Invert Zoom.

Lastly, uses a complicated mathematical algorithm that I designed to keep the image anchored in the middle of the screen while zooming in or out.

Used for arcaneww.com (which was the host of the script before the dedicated file server(above)), react.justinbentley.net, dennisbentley.net, justinbentley.net and justinbentley.dev (click on an image on this site to use).

ImageViewer can be found running here: justinbentley.net/image

And also here: react.justinbentley.net/image

The source code can be found here: arcaneww.com/js/ImageViewer.js

glparticlegen.js

JavaScript, WebGL (three.js), GLSL (C),

Created my own particle system to work in tandem with 3D (WebGL) scenes. It contains a JavaScript polymorphic super class with two child classes to operate different types of particle shaders and my own GLSL (C like GPU code) Shader code to bring it all together on the GPU.

Currently used for jbn.ai and jbn.ai/webgl though has future plans.

The source code can be found here: jbn.ai/js/glparticlegen.js

cookies.js

JavaScript, Cookies

Standalone script to handle Cookie operations.

Used for many of my sites and located on the file server.

This site uses this script to store data to persist the light/dark mode preference between reloads and revisits.

The source code can be found here: fs.jbn.ai/fs/uni/js/cookies.js

cookie monster sharing his knowledge on cookies

fs.js

JavaScript

Standalone script to handle Fullscreen operations.

Used for many of my sites and located on the file server.

The source code can be found here: fs.jbn.ai/fs/uni/js/fs.js

Database

SQL / T-SQL / MSSQL Database

SQL Server, SQL Table Setup, SQL Monitoring, SQL Stored Procedures

Secure and highly streamlined SQL Database that runs my own relational tables and stored procedures.

Database Security, justinbentley.net/pentest

SQL Stored Procedures (vs) Pentesting Tools

After creating the Database I decided to run it through a Pentest and verify it's Security.

3D Application Graphics Programming

VR Tai Chi, justinbentley.net/uni/ictp

C++, OpenGL 4.4, GLSL 4.4 (modified C), x64, Steam Corp OpenVR <openvr.h>, Autodesk Maya, GLFW, GLEW, GLM (Math / Quaternion Library)

Scratch made OpenGL Modern Renderer, Game, Tai Chi Simulator in VR with Autodesk Maya constructs

Game Engine, Game, Models (mesh), Mesh Importer (.obj), Digital Elevation Model (DEM) / Heightfield Importer, Shaders, Keyboard & VR Device Control

Microsoft© Bubbles Screensaver Clone, < youtube >

C++, OpenGL 3.3, GLSL 3.3, x64

Clone of Microsoft's most popular screensaver ever

Created to learn 'modern' OpenGL

VIC Final Assignment, justinbentley.net/uni/vic

C++, OpenGL 1.2, GLUT (GL Utility Toolkit), Autodesk Maya

Scratch made Legacy (90's) OpenGL Renderer, Game World Logic and Programatically made assets

Game Engine, Game, Digital Elevation Model (DEM) / Heightfield Importer / Renderer (whitespace seperated .txt), Mesh Importer, Keyboard / Mouse Control

University of Canberra Unit, final grade High Distinction @ 92/100

.obj Wavefront Mesh Importer < youtube >

C++, OpenGL 1.2, GLUT (GL Utility Toolkit), .obj Mesh File

Importer to turn a 'mesh' created in a CAD type program into triangles to be displayed in my own real-time Renderer

Legacy (v1.2) OpenGL Guide, < youtube >

C++, OpenGL 1.2, GLUT (GL Utility Toolkit)

1.5 hour tour of OpenGL 1.2, one of my most popular Youtube Videos

Training Room (Autodesk Maya), < youtube >

3D Mesh, Autodesk Maya

3D Assets for VR Tai Chi

2D Programming

USS-199, justinbentley.net/uni/gpt

C#, XNA / Monogame

Game Engine, Game, Keyboard / Mouse Control, Scoring, etc

All images made in Paint.net!

Save the Trees, < youtube >

C#, XNA / Monogame

Game Engine, Game, Keyboard / Mouse Control, Scoring, etc

First Game Ever!

May not be the most complex, but was made in the University of Canberra library late into the night and weekend after the very first tutorial!

File System Programming

CodeLiner

C++, Win32API <windows.h>

Extract lines of code / operations from .cpp, .c & .h file found in a specified windows directory

Includes a complicated algorithm (second pic) to test for multiple operations per line and ommit comments

Uses <windows.h> to query a directory (third pic) for .cpp, .c & .h files.

codeliner1 codeliner0 codeliner2 codeliner3

Subtitle Time Stamp Reducer

C++, POSIX

Globally reduces or adds to timestamps of a .srt (Video Subtitle) file.

Subtitle Timestamp Reducer 1 Subtitle Timestamp Reducer 2

Payroll System

C, POSIX

Program to organize the payroll operations of a business and 'printf' payslips.

Application Programming

Gross Calculator, < youtube >

C# Form

Salary, Taxation, Super Calculator.

Predecessor & engine of: justinbentley.net/salcalc

ANN (AI) 1

C# Form

Front-End for a C++ AI (Artificial Neural Network) Back-End Engine to input training data and values

ASCII Dictionary

C++, Qt Creator

Provides decimal, hexadeciaml, binary & octal values for a entered decimal or character ASCII (utf-8) value

ASCII Dictionary 1 ASCII Dictionary 2

Timer

C++, threading

Queue's alarms within Windows for entered times

Testing

xUnit

xUnit, C#, WebAPI, .Net Core

I thought I might as well try out some Testing Frameworks, decided on xUnit.

xUnit Screenshot xUnit Screenshot

Other

StarBase BASIC

BASIC

Not quite your traditional BASIC programming but anyway, theres a MMO Video Game called Starbase where you build a Space Ship and use the Programming Language BASIC to enhance its systems.

Autogen would run the Power Generator to feed the Battery, although it was a bit more complex, it would add load to the Generator if the Battery was less than its last cycle reading and vice versa. Also, add or remove load if the Battery was below or above particular limits, forming a sort of heuristic with weights.

AutoLander would adjust the Pitch & Roll of the vehicle until Rangefinders at each corner of the undercarriage were showing similar distances, indicating the ship is level. Then it would adjust altitude until a particlular range was reached, all while activating the Landing Lights.

AutoGen AutoLander AutoLander in action ON AutoLander in action OFF

Digital Circuitry, justinbentley.net/uni/ice

Logic Circuits, Logisym, PSpice

Electronics

Very Long URL Expertise, justinbentley.net/veryveryveryveryveryveryveryverylongurlexpertise

Were you expecting the url to overflow the right margin?

Important component of a youtube video I made addressing a common Web Development topic, ever seen a website that scrolls left to right and wondered why?

The link is clickable.

Q: Why do programmers always use dark themes? A: Because bugs are attracted to light!