A collection of resources that I found interesting and useful across various domains.
- Go
- Containers
- Data Structures and Algorithms
- Internet
- Git
- Linux
- OS Dev
- C
- Ruby
- Rails
- Haskell
- Javascript
- Rust
- Database
- Tor
- Functional Programming
- OAuth
- Regex
- Distributed Systems
- Kafka
- Spark
- Monitoring
- System Design
- Privacy
- Security
- x vs y 🔪
- Useful Command Line Tools
- Blogs
- More
- Fun
- More Books
- Courses
- Papers
- Notes [WIP]
You might see some emojis (:sparkles:, :construction: etc) crawling all over this collection.
| emoji | meaning |
|---|---|
| ✨ | More the number, the more I liked the blog :3 |
| ⚡ | super duper awesome blog |
| 🚧 | Pending learning on this :( |
| 📺 | It's video! |
| 📚 | It's a book! |
| 📃 | It's a white paper! |
| 🔧 | It's Debugging related |
| 🔪 | faceoff |
| 📁 | It's a list |
- Tour of Go
- Go by example
- Effective Go
- Golang channels tutorial
- Resources for new Go programmers
- The zero value
- Darker Corners of Go ✨
- Know Your Nil
Do not communicate by sharing memory; instead, share memory by communicating.
Concurrency is not Parallelism
- Go Concurrency from the Ground Up
- How Goroutines Work ✨
- Concurrency is not Parallelism ✨ ⚡
- Concurrency in golang and a mini Load-balancer
- Channels in Go
- Go Concurrency Patterns
- Concurrent programming, with examples
- Slow down your code with goroutines
- How to Gracefully Close Channels ✨
- Go channels on steroids
- Visualizing Concurrency in Go
- Go’s Extended Concurrency: Semaphores (Part 1)
- Channel Axioms ✨
- Go Concurrency Patterns: Pipelines and cancellation
- Using contexts to avoid leaking goroutines
- Why is a Goroutine’s stack infinite ?
- Advanced Go Concurrency Patterns
- sync.RWMutex
- Profiling Go
- Profiling and optimizing Go web applications
- Profiling Go Programs
- pprof
- go tool trace
- Various go profiling methods
- pprof++: A Go Profiler with Hardware Performance Monitoring
Everything about Go: internals, concurrency, compiler, or packages available in the Go community.
- Go Internals
- How does the go build command work?
- Introducing the Go Race Detector
- String interning in Go
- Arrays, slices (and strings): The mechanics of 'append'
- Go’s hidden #pragmas
- Detecting Race Conditions With Go
- Golang’s Real-time GC in Theory and Practice ✨
- Getting to Go: The Journey of Go's Garbage Collector
- runtime: Large maps cause significant GC pauses
- How We Saved 70K Cores Across 30 Mission-Critical Services (Large-Scale, Semi-Automated Go GC Tuning @Uber)
- The Go Memory Model ✨
- Go memory ballast: How I learnt to stop worrying and love the heap
- Memory Leaking Scenarios
- Memory Order Guarantees in Go
- GO MEMORY MANAGEMENT
- Contiguous stacks in Go
- Memory Optimizations for Go Systems
- A few bytes here, a few there, pretty soon you’re talking real memory 🚧
- Golang escape analysis 🚧
- Are large slices more expensive than smaller ones? 🔍
- There is no pass-by-reference in Go
- Allocation efficiency in high-performance Go services
- Network Programming with Go
- A Million WebSockets and Go
- TCP/IP Networking in Go
- An Implementation and Analysis of a Kernel Network Stack in Go with the CSP Style 📃
- Gotchas in the Go Network Packages Defaults ✨
- Interfaces in Go
- Go Data Structures: Interfaces
- Applied Go
- Golang Has Generics
- Go-tcha: When nil != nil
- SOLID Go Design
- Simple techniques to optimise Go programs
- A whirlwind tour of Go’s runtime environment variables
- How we optimized our DNS server using go tools ✨
- Optimizing M3: How Uber Halved Our Metrics Ingestion Latency by (Briefly) Forking the Go Compiler ✨
- Writing a very fast cache service with millions of entries in Go
- Go, without package scoped variables
- How to generate a random string of a fixed length in Go?
- Building efficient statsd library in Go
- Gopher Puzzlers ⚡
- Visually Understanding Worker Pool
- The Case For A Go Worker Pool
- Go at Google: Language Design in the Service of Software Engineering
- Life of an HTTP request in a Go server
- Send data from file without loading into memory
- Data Race Patterns in Go
- A Practical Introduction to Container Terminology ⚡
- Container networking is simple 🚧
- Introduction to Container Security 📃
- Linux Containers in 500 lines
- Container security best practices: Comprehensive guide
- Three bugs in the Go MySQL Driver ⚡
- Docker Internals
- Understanding Docker Internals
- Docker Secure Deployment
- Docker Curriculum
- A tiny but valid
initfor containers - Intro Guide to Dockerfile Best Practices
- Docker security
- 3 simple tricks for smaller Docker images
- Best practices for building containers
- Reverse Engineering a Docker Image
- docker pause
- What even is a kubelet?
- Kubernetes from the ground up: the API server
- Kubernetes from the ground up: the scheduler
- Kubernetes: Getting Started With a Local Deployment
- Awesome Kubernetes
- There and Back Again: The Unexpected Journey of a Request
- Life of a Packet in Kubernetes — Part 1
- Complexity of Python Operations
- Heap Algorithm
- Linked lists are still hard
- Understanding Dijkstra's Algorithm
- How to think in graphs
- Ask HN: What's your favorite elegant/beautiful algorithm?
- Algorithms Behind Modern Storage Systems
- The Knuth-Morris-Pratt Algorithm in my own words
- Why is processing a sorted array faster than processing an unsorted array? ✨ ⚡
- Introduction to Algorithms 📚
- 10 Optimizations on Linear Search
- Apache vs Nginx: Practical Considerations
- The C10K problem
- nginx
- How WebSocket server handles multiple incoming connection requests?
- HTTP
- Capturing HTTP Packets
- HTTPS in the real world
- How does HTTPS actually work?
- Designing Headers for HTTP Compression
- HTTP headers for the responsible developer
- Evolution of HTTP
- The First Few Milliseconds of an HTTPS Connection ✨
- The HTTP part 1 - Let's start small
- How HTTPS works ...in a comic!
- How HTTPS Works in Layman's Terms - TLS 1.2 and 1.3
- HTTP Caching
- HTTP Security Headers - A Complete Guide
- Comparing HTTP/3 vs. HTTP/2 Performance
- HTTP3
- QUIC
- Employing QUIC Protocol to Optimize Uber’s App Performance
- HTTP/3: the past, the present, and the future
- HTTP/3 Deep Dive
- HTTP/3 explained
- How does SSL/TLS work?
- The Illustrated TLS Connection
- The New Illustrated TLS Connection
- What is TLS (Transport Layer Security)?
- Even faster connection establishment with QUIC 0-RTT resumption
- A Detailed Look at RFC 8446 (a.k.a. TLS 1.3)
- Discussion: UDP in web
- Let's code a TCP/IP stack
- When TCP sockets refuse to die
- Messing With Telnet
- How TCP Sockets Work
- How Does TCP Work?
- Once Again on TCP vs UDP
- Nagle's algorithm
- What every developer should know about TCP
- What I learned attempting the TCP Reset attack
- DNS in One Picture
- The Web Developer's Guide to DNS
- The uncertainty of measuring the DNS
- DNS Encryption Explained
- A cartoon intro to DNS over HTTPS
- Hello and welcome to DNS!
- How DNS Works
- Beyond DNS over HTTPS: Trustless DNS Privacy
- WebSockets for fun and profit
- The WebSocket Protocol: RFC 6455
- How WebSockets Work
- HTTP and Websockets: Understanding the capabilities of today’s web communication technologies
- WebSockets - A Conceptual Deep Dive
- How HTML5 Web Sockets Interact With Proxy Servers
- How Do Websockets Work?
- What are Long-Polling, Websockets, Server-Sent Events (SSE) and Comet?
- Building realtime apps with Go and WebSockets: client-side considerations
- Load Balancing
- GLB: GitHub's open source load balancer
- What Is Load Balancing?
- Understanding Nginx HTTP Proxying, Load Balancing, Buffering, and Caching
- Introduction to modern network load balancing and proxying
- The future of the open internet
- What happens when... ✨⚡
- How Wi-Fi Works
- How Does the Internet Work? 📃
- The Law of Leaky Abstractions ✨
- How to crawl a quarter billion webpages in 40 hours
- Setting up your server for IPv6 (nginx)
- The world in which IPv6 was a good design
- The Non-complexity of /etc/nsswitch.conf ✨
- What is Envoy
- High Performance Browser Networking 📚
- HAProxy
- Kerberos: The Network Authentication Protocol
- Network Protocols – Programmer's Compendium
- curl HTTP cheat sheet
- cURL security anti-patterns
- Staying out of TTL hell
- Stateful vs Stateless Authentication
- How to win at CORS
- The perils of the “real” client IP
- The Architecture of Open Source Applications
- Understanding IP Addressing: Everything You Ever Wanted To Know
- Kurose and Ross - Top Down Networking
- TCP/IP Illustrated
- Making Commit in past
- A Successul Git Branching Model
- Oh shit, git!
- What’s Wrong With Git? - Git Merge 2017 📺
- Git Aliases of the Gods! 📺
- High-level Problems with Git and How to Fix Them
- Git from the bottom up 📚
- Commit Often, Perfect Later, Publish Once: Git Best Practices
- Rebase with history -- implementation ideas
- How bad can it git? Characterizing secret leakage in public GitHub repositories
- git add --patch and --interactive
- Pro Git 📚
- How to Write a Git Commit Message
- Git Hooks
git rebase --ontogit push --force-with-lease- Commits are snapshots, not diffs
- http://whatthecommit.com/
- Think Like (a) Git
- The Thing About Git
- Git Internals - Git References
- Git Internals - Packfiles
- Git gc
- Git Compression of Blobs and Packfiles
- Git Submodules: Adding, Using, Removing, Updating
- Understanding git for real by exploring the .git directory
- The Git Parable ✨ ⚡
- Some of git internals
- Linux Insides
- chmod Tutorial
- Orphan vs Zombie vs Daemon Processes
- inetd Vs xinetd in linux
- rm -rf remains ✨
- What happens when you start a process on Linux?
- How does the system shutdown of a linux kernel work internally?
- The Definitive Guide to Linux System Calls ✨
- grep your way to freedom
- The real power of Linux executables
- x86 Assembly Guide ✨
- Linux file descriptors
- UNIX Syscalls
- How statically linked programs run on Linux ✨
- File Types in Linux
- Killing processes that don't want to die
- Threads and fork(): think twice before mixing them
- Loading and ptrace'ing a process on Linux
- Understanding glibc malloc
- Systemd as tragedy
- Rethinking PID 1
- What is Overcommit? And why is it bad?
- Your terminal is not a terminal: An Introduction to Streams
- How fast are Unix domain sockets?
- The 101 of ELF files on Linux: Understanding and Analysis
- Linux namespaces
- Why should text files end with a newline?
- What has to happen with Unix virtual memory when you have no swap space
- htop explained
- The Linux Scheduler: a Decade of Wasted Cores
- Linux Log Files that are Located under /var/log Directory
- Basic Linux Privilege Escalation
- “zero copy networking” vs “kernel bypass”?
- Understanding cgroups
- The brokenness of the sendfile() system call
- Understanding Daemons
- Myths Programmers Believe about CPU Caches ✨
- Systemd is not Magic Security Dust 🚧
- Pushing the Limits of Kernel Networking
- eBPF 🚧
- Process resource limits under the hood
- Linux Kernel Exploitation
- Dirty Cow
- Explaining Dirty COW local root exploit - CVE-2016-5195 📺
- Linux Firewall Tutorial: IPTables Tables, Chains, Rules Fundamentals
- Security Tips for Linux Servers
- Three kinds of memory leaks
- Running Untrusted Programs in Linux
- Writing a simple rootkit for linux
- Do sudo and .profile/.bashrc enable trivial privilege escalation?
- How to break out of a chroot() jail
- Creating a bash completion script
- Explain Shell
- Writing a Unix Shell
- Bash Pitfalls
- Minimal safe Bash script template ⚡
- http://www.bashoneliners.com/ ✨ ⚡
- Illustrated Redirection Tutorial ⚡ ⚡
- Operating Systems Lecture Notes
- Kernel 101 – Let’s write a Kernel
- Kernel development
- Computer architecture for network engineers
- Building a simple Kernel
- How Does an Intel Processor Boot?
- implement your own Linux kernel
- Lightweight HTTP Server
- Understanding C by learning assembly ✨✨
- Smashing The Stack For Fun And Profit
- GNU Make: A Program for Directing Recompilation
- ncurses Programming HOWTO
- Make your own build system
- Malloc tutorial
- Let's Build a Compiler, by Jack Crenshaw
- Back to Basics
- Tearing apart printf() ✨✨
- Metaprogramming in Ruby
- Visualizing Your Ruby Heap
- 7 Deadly Sins of Ruby Metaprogramming
- Guide to Ruby 📖
- Ruby Under a Microscope 📖
- RoR Tutorial 📖
- Predicting Test Failures
- XSS and Rails
- RailsConf 2014 - All the Little Things by Sandi Metz 📺
- Official Documentation
- How to learn Haskell
- Fighting spam with Haskell ✨
- Huge list of videos, talks, courses for Haskell programming language
- Happy Learn Haskell Tutorial
- Some Notes About How I Write Haskell
- Learn You a Haskell for Great Good!
Books
- Objects in javascript
- Two Pillars of Javascript
- How are the Event Loop, Callback Queue, and Javascript’s single thread connected? ✨
- Philip Roberts: What the heck is the event loop anyway? 📺
- Types in Javascript
- Modern JavaScript Cheatsheet
- Arrow function vs function declaration / expressions: Are they equivalent / exchangeable?
- this in JS
- What is a Promise?
- Lazy, composable, and modular JavaScript
- Advanced JS
- The Dao of Immutability
- Composing Software ✨✨
- What is the Difference Between Class and Prototypal Inheritance?
- What is a Closure?
- Circular dependencies in JavaScript
- Hoisting in Javascript
- Async-Await
- Await and Async Explained with Diagrams and Examples
- JavaScript engine fundamentals: Shapes and Inline Caches ✨
- Javascript : The Curious Case of Null >= 0
- How to Fix the ES6
classkeyword - Elements of JavaScript Style
- Javascript Debugging
- Headless Chromium
- Rich JavaScript Applications – the Seven Frameworks
- Essential Image Optimization ✨
- Why does Google prepend while(1); to their JSON responses?
- In defense of Functional CSS
- Douglas Crockford: Really. JavaScript. 📺
- Defensive JavaScript
- What is
this? The Inner Workings of JavaScript Objects - Responsible JavaScript
- JavaScript Event Loop And Call Stack Explained ⚡
- Looking into assembly code of coercion
- A cartoon intro to WebAssembly
- The Lost Art of the Makefile ✨✨
- Streams—The definitive guide
- Under the hood ReactJS
- Thinking in React
- React Implementation Notes
- React Internals
- Scheduling in React
- v8 Resource
- Understanding V8’s Bytecode
- Concurrent marking in V8
- V8 / Chrome Architecture Reading List - For Vulnerability Researchers
- You Don't Know JS
- Javascript: The Good Parts
- Mostly Adequate Guide to Functional Programming
- Programming JavaScript Applications
- The JavaScript Way
- A Gentle Introduction To Rust
- Rust Docs 📖
- Rust Design Patterns
- Rethinking Systems Programming ✨
- The Rust Programming Language
- Learning systems programming with Rust
- Learn Rust With Entirely Too Many Linked Lists
- Fearless Concurrency with Rust
- Secure PostgreSQL 🔒
- SQL vs NoSQL
- Build a simple database
- One Giant Leap For SQL: MySQL 8.0 Released ✨
- MongoDB is to NoSQL like MySQL to SQL — in the most harmful way
- How Postgres Makes Transactions Atomic
- Building Robust Systems with ACID and Constraints ✨
- Awesome Database Learning
- Database Internals 📖 🚧
- Things I Wished More Developers Knew About Databases 🚧
- PostgreSQL LISTEN/NOTIFY
- Maximizing MongoDB Performance on AWS
- Read Consistency with Database Replicas
- Zero downtime Postgres migration, done right
- Inconsistent thoughts on database consistency
- Understanding Database Sharding
- An Unorthodox Approach To Database Design : The Coming Of The Shard ✨
- Spanner's High Availability Writes
Papers
- Research problems: Ten ways to discover Tor bridges
- Selected Papers in Anonymity 📃
- Onion Router
- Anti-Censorship & Transparency - Roger Dingledine 📺
- How does Tor work?
- How Tor Works
- Tor Design
- Tor Bridge Discovery
- A Model of Onion Routing with Provable Anonymity
- Locating Hidden Servers
- What is Functional Programming ?
- Functional Programming Jargon
- What is a Functional Composition
- What is Pure function?
- Functional Programming
- So You Want to be a Functional Programmer
- Practical Functional Programming
- Mostly Adequate Guide to Functional Programming ✨
- Parse, don’t validate
- Functors, Applicatives, And Monads In Pictures ✨ ✨ ⚡ ⚡
- A Glossary of Functional Programming
- Scala Italy 2019 - John A De Goes - A Tour of Functional Design 📺
- Introduction to Distributed System Design
- Raft: Understandable Distributed Consensus ✨
- HTTP is obsolete. It's time for the Distributed Web
- Rack Model 📃
- If you need a global lock in your distributed system, then you're already in trouble ✨
- Parent Thread: Is Redlock Safe? Reply to Redlock Analysis
- Towards Robust Distributed Systems
- CAP Theorem
- Designing Distributed Systems: Patterns and Paradigms for Scalable, Reliable Services 📖 🚧
- Distributed systems theory for the distributed systems engineer ✨ 📁
- Fallacies of distributed computing
- Consesus Protocols
- Keeping CALM: When Distributed Consistency Is Easy
- Brewer’s Conjecture and the Feasibility of Consistent, Available, Partition-Tolerant Web Services 📃 🚧
- Thinking about Availability in Large Service Infrastructures
- Questioning the Lambda Architecture
- Avoiding fallback in distributed systems
- Consistency Models 🚧
- A Distributed Systems Reading List 📁
- Please stop calling databases CP or AP
- The network is reliable
- Managing Critical State: Distributed Consensus for Reliability
- "Apache Kafka and the Next 700 Stream Processing Systems" by Jay Kreps 📺
- Streaming 101: The world beyond batch
- Kafka and Zookeeper with Docker
- A Guide To The Kafka Protocol
- The Unofficial Kafka Rebalance How-To
- High Performance Kafka Producers
- __consumer_offsets topic in kafka
- Vertically scaling Kafka consumers
- Apache Kafka Rebalance Protocol, or the magic behind your streams applications
- Apache Kafka Supports 200K Partitions Per Cluster
- It’s Okay To Store Data In Apache Kafka
- Kafka: The Definitive Guide 📖
- Disaster Recovery for Multi-Region Kafka at Uber
- A Practical Introduction to Kafka Storage Internals
- Memory Management Overview
- Tricks of the Trade: Tuning JVM Memory for Large-scale Services
- Managing Spark Partitions with Coalesce and Repartition
- The hidden cost of Spark withColumn
- Spark Streaming Logging Configuration
- S3 Log4j Appender
- Log4j appender with S3 and search publishing
- When to use the Pushgateway
- Common pitfalls when using the Pushgateway
- On the naming of things ✨
- Prometheus Recording Rules
- Prometheus Counters and how to deal with them
- Thanos
- PromQL Queries for Exploring Your Metrics
- How to learn PromQL with Prometheus Playground
- Statsd: Measure Anything, Measure Everything
- JVM Profiler: An Open Source Tool for Tracing Distributed JVM Applications at Scale
- Telltale: Netflix Application Monitoring Simplified
- Understanding the Top 5 Redis Performance Metrics
- Metcalfe's law
- Learn how to design large-scale systems ✨
- A Brief History of High Availability
- Introduction to Microservices
- What is Kappa Architecture?
- Principles of chaos engineering
- Microservices — architecture nihilism in minimalism's clothes ✨
- Failing over without falling over ⚡
- Timeouts, retries, and backoff with jitter
- Why are services slow sometimes? ⚡
- Understanding Connections & Pools ⚡ ⚡
- The Big Little Guide to Message Queues
- MonolithFirst
- A List of Post-mortems!
- Exponential Backoff And Jitter
- Reddit: How We Built r/Place ✨
- Uber: Why Uber Engineering Switched from Postgres to MySQL
- Dropbox: How we migrated Dropbox from Nginx to Envoy
- Cloudflare: How Cloudflare’s Architecture Can Scale to Stop the Largest Attacks
- Making Instagram.com faster
- Billions of Messages a Day - Yelp's Real-time Data Pipeline
- The WhatsApp Architecture Facebook Bought For $19 Billion
- Airbnb: Avoiding Double Payments in a Distributed Payments System
- How We Developed DingTalk: Implementing the Message System Architecture
- Intelligent DNS based load balancing at Dropbox
- Jeremy Edberg - Scalable Cloud Architectures | Tech Talk 📺
- CS75 (Summer 2012) Lecture 9 Scalability Harvard Web Development 📺 ⚡
- A Word on Scalability
- Scalability for Dummies ✨
- Scalable System Design Patterns
- Scalable Web Architecture and Distributed Systems
- The Tail at Scale 📃
- Automating chaos experiments in production
- Eventually Consistent - Revisited
- Everything You Need To Know About Networking On AWS
- Deep Dive on Amazon ECS Cluster Auto Scaling ✨ 🚧
- Designing scalable API on AWS spot instances
- Workload isolation using shuffle-sharding
- The Hitchhiker's Guide to AWS ECS and Docker
- AWS IAM Policies in a Nutshell
- What You Need to Know About IOPS
- Why was a query to my Amazon RDS MySQL DB instance blocked when there is no other active session?
- Mastering Chaos - A Netflix Guide to Microservices 📺 ✨
- How we scaled nginx and saved the world 54 years every day
- Building fast.com
- AWS re:Invent 2017: How Netflix Tunes Amazon EC2 Instances for Performance (CMP325) 📺
- AWS re:Invent 2015: A Day in the Life of a Netflix Engineer (DVO203) 📺 ⚡
- Edge Authentication and Token-Agnostic Identity Propagation
- Cutting Google out of your life
- The Fantasy of Opting Out
- The Hitchhiker's Guide to Online Anonymity
- You should turn off autofill in your password manager
- SSL Strip
- SQL Injection
- Binary Exploitation
- SQL Attack Constraint Based
- DNS Reconnaissance – DNSRecon
- What is a DDoS Attack?
- Server Side Request Forgery (SSRF)?
- All you need to know about SYN floods
- "kernel: Possible SYN flooding on port X. Sending cookies" is logged
- SSL Strip for Newbies
- Cold Boot Attack
- Heartbleed Bug
- Shellshock
- Mirai Botnet
- POODLE
- Format string attack
- Off-by-one error
- EFAIL
- HTTP Desync Attacks: Request Smuggling Reborn
- The SSL FREAK vulnerability explained
- Abusing HTTP hop-by-hop request headers
- Memcrashed - Major amplification attacks from UDP port 11211
- Analyzing the Attacks on my Website
- How does a TCP reset attack work
- Cracking the lens: targeting HTTP's hidden attack-surface
- Web Cache Entanglement: Novel Pathways to Poisoning
- Reading Data via CSS Injection
- Network Ingress Filtering: Defeating Denial of Service Attacks which employ IP Source Address Spoofing
- SAD DNS Explained ✨ ⚡
- Hidden OAuth attack vectors
- HTTP request smuggling
- CTF Field Guide ✨
- Buffer Overflow
- Sometimes HTTP > HTTPS
- Security list for fun and profit
- What “hacking” competitions/challenges exist?
- Reverse Shell Cheat Sheet ✨
- Beware of strncpy() and strncat()
- Lessons learned and misconceptions regarding encryption and cryptology ✨
- GOT and PLT for pwning
- A Look at The Draft for JWT Best Current Practices
- LiveOverflow Binary Hacking 📺
- Advanced web security topics
- Don't publicly expose .git ✨
- The State Of Software Security In 2019 🔒
- The definitive super list for "Google Hacking"
- A list of useful payloads and bypass for Web Application Security and Pentest/CTF
- Now you C me, now you don't: An introduction to the hidden attack surface of interpreted languages
- Simple Bugs With Complex Exploits
- Web for Pentesters
- Overthewire
- Crypto Challenges
- https://picoctf.com/
- https://pwnable.kr
- http://gracker.org/
- http://websec.fr/
- https://365.csaw.io/
- https://crackmes.one/
- So, You Want To Learn To Break Ciphers
- Alice & Bob : A History of The World’s Most Famous Cryptographic Couple
- Implementing AES
- A Stick Figure Guide to the Advanced Encryption Standard (AES)
- An Intensive Introduction to Cryptography 📖
- First SHA1 Collision
- Myths about /dev/urandom
- The Joy of Cryptography
- Bcrypt Step by Step
- Bcrypt
- Why shouldn't we roll our own? ✨
- How to securely hash passwords?
- How To Safely Store A Password ⚡
- So you want to roll your own crypto?
- Untraceable electronic mail, return addresses, and digital pseudonyms
- Understanding the Mirai Botnet
- Exposing Private Information by Timing Web Applications
- Security, Authentication, and Public Key Systems
- A Future-Adaptable Password Scheme
- Too Much Crypto
- Ruby vs Python
- Weapon of Mass Destruction
- Leaving Clojure for Ruby
- Why Rust and not Go ✨
- Why Go and Rust are Competitors
- A Response to Hello World
- Kafka vs. Pulsar vs. RabbitMQ: Performance, Architecture, and Features Compared
- tldr
- Rofi: A window switcher, application launcher and dmenu replacement
- fd: A simple, fast and user-friendly alternative to find
- SCM breeze: Adds numbered shortcuts to the output git status, and much more
- Pass: Simple password manager using gpg and ordinary unix directories
- peerflix
- kaf: Modern CLI for Apache Kafka
- curl statistics made simple
- mkcert
- sshuttle - Transparent proxy server that works as a poor man's VPN.
- jq
- http://arjunsreedharan.org/
- https://jvns.ca/
- https://githubengineering.com/
- http://nullprogram.com/index/
- https://zwischenzugs.com/
- https://mkdev.me/en/posts
- https://blog.cloudflare.com/
- http://prog21.dadgum.com/
- https://increment.com/programming-languages/ ✨
- https://blog.filippo.io/
- http://highscalability.com
- https://notes.shichao.io/
- https://blog.acolyer.org/ - If you are into research papers
- https://lwn.net/
- https://queue.acm.org/
- https://www.the-paper-trail.org/
- https://overreacted.io/
- https://robertheaton.com/
- https://www.mnot.net/blog/
- https://systemoverlord.com/
- https://blog.rpis.ec/
- https://blog.jessfraz.com/
- https://www.hackinglinuxexposed.com/articles/
- https://rpis.ec/
- https://dave.cheney.net/ - Mostly Golang related
- http://www.brendangregg.com/
- https://www.scalescale.com/
- https://medium.com/@blanchon.vincent ✨
- https://sysadvent.blogspot.com/
- A handbook for making programming languages
- https://codewithoutrules.com/
- https://code.flickr.net/
- https://microservices.io/index.html ✨
- https://engineering.fb.com/
- Cryptography Services Archives 🔒
- https://timilearning.com/ 🚧
- https://aws.amazon.com/builders-library/ - How Amazon builds and operates software
- https://rhinosecuritylabs.com/blog/?category=aws
- https://how.complexsystems.fail/
- https://ops.tips
- Password storage in source control
- Difference b/w Integration and Unit Tests
- The language of choice
- Programmer Competency Matrix
- Hacker's guide to Neural Networks
- Return to the Source
- A list of everything that could go in the <head> of your document
- Design Patterns ✨
- Ask HN: “Write your own” or “Build your own” software projects
- Software Testing Anti-patterns *
- Detecting the use of "curl | bash" server side
- Constructors Considered Mildly Confusing
- Clojure - the perfect language to expand your brain?
- International Journal of Proof-of-Concept or Get The Fuck Out
- Making a virtual machine in Google Sheets
- How Did Software Get So Reliable Without Proof? 📃
- The Forgotten History of OOP
- Meet the Flexbox Inspector ✨
- A better zip bomb
- Race Condition vs. Data Race ✨
- The Absolute Minimum Every Software Developer Absolutely, Positively Must Know About Unicode and Character Sets (No Excuses!) ✨ ⚡
- A byte’s not 8 bits. ✨
- Epigrams in programming
- The Danger of “Simplicity”
- Front End Checklist 📁
- See Python, See Python Go, Go Python Go
- Why stack grows down
- Programmer's critique of missing structure of operating systems
- JVM Profiler: An Open Source Tool for Tracing Distributed JVM Applications at Scale
- Queryparser, an Open Source Tool for Parsing and Analyzing SQL
- Enabling Machine Learning with Apache Flink - Sherin Thomas 📺
- High-Throughput, Thread-Safe, LRU Caching
- Sorting 1 million 8-decimal-digit numbers with 1 MB of RAM
- Null References: The Billion Dollar Mistake - Tony Hoare 📺
- Mathematical attack on RSA
- In defence of swap: common misconceptions
- The Twelve-Factor App
- Epigrams on Programming
- Choose Boring Technology
- Essays on programming I think about a lot ✨
- PHP The Wrong Way
- Laws of UX
- How to stop procrastinating by using the Fogg Behavior Model
- lzop vs compress vs gzip vs bzip2 vs lzma vs lzma2/xz benchmark, reloaded
- Andrei Pangin - Everything you wanted to know about Stack Traces and Heap Dumps 📺
- The Log: What every software engineer should know about real-time data's unifying abstraction ✨ ⚡
- The Life of a Data Byte ✨ ⚡ 🚧
- How To Design A Good API and Why it Matters 📺
- The 13 immutable reads on choosing what to work on
- The Duct Tape Programmer
- The Hitchhiker’s Guide to Compression 🚧
- Parsing Algorithms 🚧
- The Differences Between Interpreter and Compiler Explained
- The Mind behind Linux 📺
- Semantic Versioning 2.0.0
- Intentionally leaking AWS keys
- Dream Deploys: Atomic, Zero-Downtime Deployments
- Modern Software Over-Engineering Mistakes
- Intro to Threads and Processes in Python
- Unreliability At Scale
- Extreme HTTP Performance Tuning: 1.2M API req/s on a 4 vCPU EC2 Instance
- Reverse Proxy, HTTP Keep-Alive Timeout, and sporadic HTTP 502s
- A Solution to HTTP 502 Errors with AWS ALB
- DevOps, SRE, and Platform Engineering
- Gunicorn vs Python GIL
- Gunicorn Worker Types: How to choose the right one
- A brief description of the architecture of Gunicorn
- DESIGN PATTERNS
- “Don’t Mock What You Don’t Own” in 5 Minutes
- The History of Pets vs Cattle and How to Use the Analogy Properly
- https://turnoff.us
- https://xkcd.com
- https://impurepics.com/
- https://www.commitstrip.com
- If Programming languages were harry potter characters
- Git Koans
- Vim Kōans
- The Dharma of Vi
- https://suricrasia.online/iceberg/
- https://goomics.net/
- Coders at Work
- The Pragmatic Programmer ✨
- Hackers: Heroes of the Computer Revolution
- The Mythical Man-Month
- The Joy of Software Development
- A handbook for making programming languages
- Ask HN: What language-agnostic programming books should I read ?
- The Phoenix Project: A Novel about IT, DevOps, and Helping Your Business Win
- An Illustrated Book of Bad Arguments
- An illustrated introduction to computational thinking
- Atomic Design by Brad Frost
- https://begriffs.com/posts/2017-04-13-longterm-computing-reading.html
- What is the single most influential book every programmer should read? [closed] 📚
- A Reading List For the Self-Taught Computer Scientist 📚
- SRE Books
- https://f0.holisticinfosecforwebdevelopers.com/toc.html