Articles, notes and interactive experiments.
I mix secure development, music, endless home lab tweaks and the technologies that power my projects.
-
Open source site analytics
What I learned from self-hosting Tianji: PV/UV without cookies, campaigns, and reliability lessons.
1,113 words · 6 min
analytics read article ↗ -
Cursor Rules and Secure Code Review
How to use Cursor Rules and checklists adapted to the project context to optimize security reviews in modern applications.
919 words · 5 min
security read article ↗ -
Top 5 Rust Vulnerabilities Created with AI
Summary of the 5 most common vulnerabilities in Rust applications, generated with AI support and based on RustSec data.
586 words · 3 min
rust read article ↗ -
Creating KPIs for an AppSec Program
I share here my experiences and learnings about creating KPIs for application security, without magic formulas, but with practical insights that can help other professionals in the field.
785 words · 4 min
security read article ↗ -
Security for Developers
In 2020, I started developing a book about security for developers, inspired by other authors and aiming to help the community naturally incorporate security into the daily development workflow.
506 words · 3 min
security read article ↗ -
eBPF in Action
In this post, we’ll explore what eBPF is, why it’s ideal for Kubernetes clusters, and how it powers security and observability tools in DevOps.
534 words · 3 min
ebpf read article ↗ -
Threat Modeling Express: a fast start
How to engage the team, map critical assets, and ship controls quickly with Threat Modeling Express.
2,591 words · 13 min
Threat Modeling read article ↗ -
Misconfiguration Vulnerabilities in Reverse Proxies: A Comprehensive Guide
One of the technologies revolutionizing various markets that you need to know.
1,030 words · 5 min
reverse proxy read article ↗ -
Proxmox and Homelab
How I Transformed a Mini PC into a Respectable Server
568 words · 3 min
proxmox read article ↗ -
Python Injection
Demonstration of a Telegram bot written in Python with an injection vulnerability
430 words · 2 min
owasp read article ↗ -
Devsec Links #10
Interesting links on the topic of secure development.
604 words · 3 min
DevSec read article ↗ -
Devsec Links #09
Interesting links on the topic of secure development.
584 words · 3 min
DevSec read article ↗ -
Devsec Links #08
Interesting links on the topic of secure development.
481 words · 2 min
DevSec read article ↗ -
Devsec Links #07
Interesting links on the topic of secure development.
434 words · 2 min
DevSec read article ↗ -
Devsec Links #06
Interesting links on the topic of secure development.
499 words · 2 min
DevSec read article ↗ -
Devsec Links #05
Interesting links on the topic of secure development.
589 words · 3 min
DevSec read article ↗ -
Devsec Links #04
Interesting links on the topic of secure development.
525 words · 3 min
DevSec read article ↗ -
Devsec Links #03
Interesting links on the topic of secure development.
687 words · 3 min
DevSec read article ↗ -
Devsec Links #02
Interesting links on the topic of secure development.
584 words · 3 min
DevSec read article ↗ -
Devsec Links #01
Interesting links on the topic of secure development.
593 words · 3 min
DevSec read article ↗ -
Basic Recon Automation Using GitHub Actions
Demonstration of how to use GitHub Actions to automate recon
1,731 words · 9 min
owasp read article ↗ -
Hacktoberfest OWASP
Quick guide to contribute to OWASP projects during Hacktoberfest and secure your PRs.
402 words · 2 min
owasp read article ↗ -
Getting to Know OWASP
A brief introduction to OWASP and its projects
354 words · 2 min
owasp read article ↗