Hi HN! I built this after 3 months researching image-based attacks.
The problem: Apps that accept user images typically just strip EXIF metadata.
But this misses:
- Steganographic payloads (data hidden in pixel LSBs)
- Polyglot files (valid as both image AND executable)
- Image bombs (1x50000px files that exhaust memory)
My approach: Content Disarm & Reconstruction (CDR)
- Decode image to raw pixel buffer
- Completely discard the original container
- Rebuild a sterile PNG from scratch
Hi HN! I built this after 3 months researching image-based attacks.
The problem: Apps that accept user images typically just strip EXIF metadata. But this misses: - Steganographic payloads (data hidden in pixel LSBs) - Polyglot files (valid as both image AND executable) - Image bombs (1x50000px files that exhaust memory)
My approach: Content Disarm & Reconstruction (CDR) - Decode image to raw pixel buffer - Completely discard the original container - Rebuild a sterile PNG from scratch
Stack: Rust core → WebAssembly sandbox → Cloudflare Workers edge
Free tier: 100 requests/month on RapidAPI
Happy to answer questions about the architecture, threat model, or implementation!