Technical essays, architectural deep-dives, and practical guides at the intersection of code and design.
Page 4 of 27
A complete guide to HTTP cookie security — how cookies work under the hood, every security flag explained, real attack scenarios (session hijacking, CSRF, cookie tossing), and production-grade code for Express, Django, and Spring Boot.
A deep technical guide to format string vulnerabilities — how printf() becomes a read-write primitive for memory, exploitation techniques from info leak to arbitrary write to full RCE, real CVEs, and how to prevent them in C, C++, and modern languages.
A deep technical guide to buffer overflow attacks — stack overflows, heap overflows, integer overflows, and format string bugs. Includes memory layout diagrams, exploit code walkthroughs, and modern defense mechanisms like ASLR, NX, stack canaries, and memory-safe languages.
A deep-dive into SQL injection attacks — how they work, every type of SQLi (in-band, blind, out-of-band), real-world examples, and the complete defense playbook with code examples in Node.js, Python, Java, Go, and PHP.
A comprehensive guide to writing secure software in 2026, covering traditional OWASP vulnerabilities, AI-specific threats like prompt injection and model poisoning, secure SDLC practices, and practical code examples for building defense-in-depth applications.
How to architect and build an internal vulnerability detection system that developers don't hate. Covers SAST/SCA/secret scanning integration, PR-native workflows, false positive reduction via feedback loops, auto-fix generation, and the metrics that prove your system works.
A comprehensive guide to becoming a full-time freelancer in tech. Learn how to find clients, set your rates, build a portfolio, manage finances, and create a sustainable freelance business from scratch.
A comprehensive guide to Redis — covering its single-threaded architecture, data structures (strings, hashes, sorted sets, streams), persistence (RDB/AOF), replication, clustering with hash slots, pub/sub, Lua scripting, caching patterns, rate limiting, distributed locks, and production best practices for running Redis at scale.
A comprehensive guide to Apache Kafka for system design interviews — covering its distributed commit log architecture, partitioning and replication, producer and consumer internals, consumer groups, exactly-once semantics, compacted topics, schema evolution, Connect and Streams APIs, and production patterns for building event-driven systems at scale.
A comprehensive guide to Elasticsearch for system design interviews — covering inverted indexes, cluster architecture (master/data/coordinating nodes), sharding and replication, the write path (translog, refresh, flush, merge), the read path (scatter-gather, BM25 scoring), mappings, analyzers, aggregations, scaling strategies, and production best practices for building search-heavy systems.
A comprehensive guide to API Gateways for system design interviews — covering request lifecycle, authentication and authorization, rate limiting algorithms (token bucket, sliding window), routing and load balancing, circuit breakers, response caching, request aggregation, TLS termination, protocol translation, and production patterns with Kong, NGINX, AWS API Gateway, and Envoy.
A comprehensive guide to designing production-grade REST APIs — covering resource naming, HTTP methods, pagination strategies, versioning approaches, error handling, rate limiting, and the communication problems REST solves.