Blog
-
Weeknotes #10
semgrep Lightweight static analysis for many languages. Find bug variants with patterns that look like source code. Cómo imprimir libritos artesanales A7 Text Fragments API Rule of least power Computer Science in the 1960s to 80s spent a lot of effort making languages that were as powerful as possible. Nowadays we have to appreciate the…
-
Weeknotes #9
Using Strace to Trace Linux Syscalls Tailscale: Subnet routers and traffic relay nodes …you can set up a “subnet router” (previously called a relay node or relaynode) to access these devices from Tailscale. Subnet routers act as a gateway, relaying traffic from your Tailscale network onto your physical subnet. Subnet routers respect features like access…
-
Weeknotes #8
MindAPI Organize your API security assessment by using MindAPI. It’s free and open for community collaboration. SSL Pinning Bypass For Android Using Frida This approach enables security researchers to audit Android mobile apps that use certificate pinning. Basically it will allow you to MITM even if the app has pinning enabled. Very cool! Better Builds…
-
Weeknotes #7
Infinite Mac Infinite Mac is a collection of classic Macintosh system releases and software, all easily accessible from the comfort of a (modern) web browser. From React to htmx on a real-world SaaS product: we did it, and it’s awesome! Where Hollywood’s Printed Props Are Made! File distribution over DNS: (ab)using DNS as a CDN…
-
Weeknotes #6
Mac SE Easter Egg On The Metal Podcast I just learned about this podcast and it’s great. A lot of great and interesting interviews. Must listen. WordPress: Status update on the SQLite project This brings support for SQLite in WordPress core. In the near future you will be able to deploy WordPress backed by a…
-
Weeknotes #5
Hypermedia Systems Book This book describes the approach I’ve been using to build modern web apps for the last few years. This is the same approach I used back when I was just getting started in web development around 2010. The book is available for free online but please consider buying a copy to support…
-
Running a Bug Bounty Program Without Spending a Fortune
Bug bounty programs have emerged as a crucial cybersecurity measure, allowing organizations to harness the skills of the security community in identifying and resolving vulnerabilities before malicious actors can exploit them. While many opt for popular bug bounty platforms, these can come with hefty price tags. In this blog post, we’ll explore the steps to…
-
Weeknotes #4
The Code Review Pyramid Its intention is to help putting focus on those parts which matter the most during a code review (in my opinion, anyways), and also which parts could and should be automated. The easiest way to speed up Python with Rust If you want to speed up some existing Python code, writing…
-
Weeknotes #3
The Xerox Smalltalk-80 GUI Was Weird At first glance, this looks incredibly similar to something like the desktop of the Apple Lisa or early Mac OS. It’s easy to see why people might think that Apple sort of stole the graphical user interface from its rich neighbor Xerox. It’s not true, though. The first thing…