**Encrypt & Decrypt Database Fields in Spring Boot Like a Pro (2025 Secure Guide)**
“Your database backup just leaked. Is your data still safe?”
CTF to Bug Bounty: Part 1 of the Beginner’s Series for Aspiring Hunters
From CTF flags to real-world bugs — your next hacking adventure starts here.
Master Web Fuzzing: A Cheat‑Sheet to Finding Hidden Paths
Hey there, back again with another post! 😄
**The Access Control Apocalypse: How Broken Permissions Gave Me Keys to Every Digital Door**
Hey there😁
Account Take Over | P1 — Critical
It started off like any other day until I got an unexpected email — an invite to a private bug bounty program. Curious, I jumped in. The…
22. How to Get Invites to Private Programs
Unlock the secrets to landing exclusive private program invites and level up your bug bounty journey.
Why, in 2025, do we still need a 3rd party app to write a REST API with Django?
Great! Write a post about it, and delve into details, providing graphs, or stats on how disk “I/O can kill your application(s) no matter what”.
Prose Writing. Are vi-bindings really that much better than cntrl+arrow keys?
How to Add MCP Servers to Claude Code with Docker MCP Toolkit
AI coding assistants have evolved from simple autocomplete tools into full development partners. Yet even the best of them, like Claude Code, can’t act directly on your environment. Claude Code can suggest a database query, but can’t run it. It can draft a GitHub issue, but can’t create it. It can write a Slack message,…
21. Tips for Staying Consistent and Avoiding Burnout
What if the secret to lasting success isn’t working harder, but pacing yourself smarter?
The $500 Stored XSS Bug in SideFX’s Messaging System
Hacking the Inbox: How a $500 Stored XSS Bug Exposed SideFX’s Messaging Flaw
A Beginner’s Guide to Finding Hidden API Endpoints in JavaScript Files
How to discover what others miss in plain sight
@bender@twtxt.net To add some context, I’m not one to write open letters often, nor do I expect to become some kind of martyr, the European Union will unite over, to fight Google.
However Google did lose to Epic Games in European courts, that determined Google maintains a monopoly over its Play Store, restricting competition and developers’ choices. And pretty much right after courts determined this, Google gives them the middle finger and proposes changes, that would destroy F-Droid - the biggest and really the only competing app store, that’s actually competing and not just taking the apps from Google’s Play Store and passing them on.
There are many more qualified and likable parties, who already reached out to them, with these concerns, I just think it’s important everyone impacted by this, politely contacts them too, to convey this is not just some niche non-issue, a few IT nerds made up.
Learn what MITM attack is, and how to identify the footprints of this attack in the network traffic.
How I found Multiple Bugs on CHESS.COM & they refused
I found JS crash, disallowing anyone to view your profile and HTML Injection. But they ignored everything.
My open letter, to the European Commission digital markets act team:
Hello,
I am joining other developers, concerned about Google’s new plan, to approve every app and effectively destroy most of the competing 3rd party stores this way. The biggest one of these alternative stores, most known for their focus on user and developer privacy, already states, this would make it impossible for them to operate: https://f-droid.org/cs/2025/09/29/google-developer-registration-decree.html
Even communities like the XDA forum, where new developers are often introduced to the world of Android development, would likely be strongly impacted, as making, publishing and installing Android apps is made less accessible.
I am not just writing on their behalf, I run a small website myself (https://thecanine.ueuo.com/), that both provides legal modifications, for some Android apps - for example adding an AMOLED dark theme, to the most popular XMPP chat client for Android, or increasing one of Android’s keyboard apps’ height. This all comes after Google’s previous changes to the Android operating system, that prevent users from installing old apps (old to Google, can mean only a couple of months, without an update - https://developer.android.com/google/play/requirements/target-sdk and the target version gets increased every year). I rely on apps developed by a single developer, even for things like making the pixel art presented on my website and sideloading as a way to make these apps work, before developers can catch up to Google’s new requirements - if Google is allowed to slowly kill these options, us digital artists will soon lose the tools we need to create digital art.
**Hidden API Endpoints: The Hacker’s Secret Weapon**
I’m a cybersecurity enthusiast and the writer behind The Hacker’s Log — where I break down how real hackers think, find, and exploit…
How a Single Signup Flaw Exposed 162,481 User Records
My $8,500 Bug Bounty Story and the Critical Lesson in Authentication
Breaking Into HackTheBox: My Journey from Script Kiddie to Root
How I went from copying Pastebin scripts to actually understanding what I was doing — and how you can too.
Mastering Google Dorking: Discovering Website Vulnerabilities
Deep Recon Made Simple: Powering Bug Hunting with Dorking Strategies
My Recon Automation Found an Email Confirmation Bypass
How a simple parameter led to a complete authentication bypass
Red Stone One Carat — TryHackMe Challenge Write-up
@lyse@lyse.isobeef.org Xfce is nice, but it’s also mostly GTK. I don’t really know the answer yet. For now, I’ll just avoid anything that uses GTK4.
For my own programs, I might have a closer look at Tkinter. I was complaining recently that I couldn’t find a good file manager, so it might be an interesting exercise to write one in Python+Tkinter. 🤔 (Or maybe that’s too much work, I don’t know yet.)
How to write a complete GNOME application in Lua
This article is intended to be a comprehensive guide to writing your first GNOME app in Lua using LuaGObject. The article assumes that you already understand Lua and want to get started with building beautiful native applications for GNOME. I also assume you know how to use a command line to install and compile software. Having some knowledge of the C programming language, as well as the Make, Gettext, and Flatpak software will be hel …
UNIX99: UNIX for the TI-99/4A
I’ve been working on developing an operating system for the TI-99 for the last 18 months or so. I didn’t intend this—my original plan was to develop enough of the standard C libraries to help with writing cartridge-based and EA5 programs. But that trek led me quickly towards developing an OS. As Unix is by far my preferred OS, this OS is an approximation. Developing an OS within the resources available, particularly the RAM, has been challenging, but also surprisingly doab …
I just created a zs blogging template which I’m going to use for https://prologic.blog and I might start writing long-form again soon™ 🔜 So far the “blogging” template/engine (if you will) is quite simple. It comprises essentially of an index.md a prehook and a few utilities:
$ git ls-files
.gitignore
.zs/config.yml
.zs/editthispage
.zs/include
.zs/layout.html
.zs/list
.zs/months
.zs/now
.zs/onthispage
.zs/posthook
.zs/postsbymonth
.zs/prehook
.zs/scripts
.zs/styles
.zs/tagcloud
.zs/taglist
.zs/years
archives/.empty
assets/css/site.css
assets/js/main.js
index.md
posts/hello-zs-blog.md
posts/on-tagging.md
posts/second-post.md
tags/.empty
@lyse@lyse.isobeef.org a content warning is kind of like a forum spoiler cut, or like the <details> tag in HTML; it lets you write a sentence or so that someone can then click to expand to see the actual post. it’s called a CW because most people use it to warn for potentially triggering/harmful subjects, but you can really use it for anything, like spoilers in a TV show or even for joke punchlines
if-modified-since request header: https://developer.mozilla.org/en-US/docs/Web/HTTP/Reference/Headers/If-Modified-Since
They don’t want to miss anything you might write. And got to know it instantly! 😅
@lyse@lyse.isobeef.org @dce@hashnix.club It’s pretty cool, I won’t argue that, but also really simple, to be completely honest. 😅 The BIOS already provides all you need to send data to the printer:
https://helppc.netcore2k.net/interrupt/bios-printer-services
The BIOS actually does provide a great deal of things, which, to me, was one of the most surprising learnings of this project (the project of writing a little 16-bit real-mode OS, that is). It often doesn’t feel like I was writing an operating system – it felt more like writing a normal program that just uses BIOS calls like we would use syscalls these days.
(I’ve also read a lot of warnings, like “don’t use the BIOS for this or that”. Mostly because it tends to be very slow.)
https://writes.casa/ A lightweight, anonymous writing platform with weekly themes
**To the surprise of literally no one, I’m working on implementing a programming language all my own**
Inspired by conversation at a recent Future of Coding event, I decided I’d write up a little something about the programming language I’ve been working on (for what feels like forever) before I’ve gotten it to a totally shareable state. I have a working interpreter that I’m pretty pleased with, but I don’t yet have an interact …
RIP Android:
https://9to5google.com/2025/08/25/android-apps-developer-verification/
Since nobody is going to push back on this (I don’t even know if that would be possible), this is going to be a reality on every platform sooner or later.
I’d guess in 20, 30 years, there won’t be “PCs” anymore. No more home computing, no more “I just write my own software”. You won’t own devices anymore, it’ll all be rented and the landlord will tell you what you can do with it.
I hope that I’m wrong, but given where we are today, I don’t think that I will be.
This is why I love tech from that era.
Write bytes to a parallel port and stuff happens. If it’s just ASCII bytes, then it will print ASCII text. Even the simplest programs can use a printer this way.
With a little bit of ESC/P, you can print images and other fancy stuff. That’s what I did this morning – never worked with ESC/P before, now I can print images. It’s not that hard.
Hayes-compatible modems are similar: Write some AT commands to the serial port and the modem does things. This isn’t even arcane knowledge, it’s explained in the printed manual.
Maybe I’m wearing rose-tinted glasses here, but I think with all this old stuff, you get useful results very quickly and the manuals are usually actually helpful. It’s so much easier to get started and to use this hardware to the full extent. Much less complexity than what we have today, not a ton of libraries and dependencies and SDKs and cloud services and what not.


apt manpage of Ubuntu recently, which, for some reason, uses blue text in one place:
Ah, so apparently they don’t like writing manpages anymore and instead use XML:
https://salsa.debian.org/apt-team/apt/-/blob/main/doc/apt.8.xml
And then they use XSLT on top and what not:
https://salsa.debian.org/apt-team/apt/-/blob/main/doc/manpage-style.xsl.cmake.in
It’s not even explicitly blue:
https://salsa.debian.org/apt-team/apt/-/blob/main/doc/apt.ent?ref_type=heads#L17
Abstractions upon abstractions upon abstractions.
**Make awk rawk**
A friend online recently replied to something I wrote about awk by saying:
[…] it’s a danged shame [awk] didn’t continue to evolve the way Ruby, Python, PHP have evolved over the decades.
I had exactly this thought while working on my slightly unhinged “let’s see if I can implement a basic scheme using awk by writing an assembler and VM in awk,” skwak. Which eventually led me to start noodling on how to layer in some modern niceties into awk, without breaking awk’s portability.
…
@kat@yarn.girlonthemoon.xyz On the one hand, all these programs have a very long history and the technology behind manpages is actually very powerful – you can use it to write books:
https://www.troff.org/pubs.html
I have two books from that list, for example “The UNIX programming environment”:

It’s a bit older, of course, but it looks and feels like a normal book, and it uses the same tech as manpages – which I think is really cool. 😎
It’s comparable to LaTeX (just harder/different to use) but much faster than LaTeX. You can also do stuff like render manpages as a PDF (man -Tpdf cp >cp.pdf) or as an HTML file (man -Thtml cp >cp.html). I think I once made slides for a talk this way.
On the other hand, traditional manpages (i.e., ones that are not written in mandoc) do not use semantic markup. They literally say, “this text is bold, that text over here is italics”, and so on.
So when you run man foo, it has no other choice but to show it in black, white, bold, underline – showing it in color would be wrong, because that’s not what the source code of that manpage says.
Colorizing them is a hack, to be honest. You’re not meant to do this. (The devs actually broke this by accident recently. They themselves aren’t really aware that people use colors.)
If mandoc and semantic markup were more commonly used, I think it would be easier to convince the devs to add proper customizable colors.
mandoc is nicer to read/write than the man macro package and, most importantly, it’s semantic markup.
HTML output is a bit broken in GNU groff, though (OpenBSD on the left, GNU on the right):

🤔
Still, I’m inclined to convert my manpages to mandoc.
Writing a Text Editor - Computerphile