Shannon Entropy: Passwords, File Analysis, and Randomness Testing
Apply Shannon entropy: formula explained, English text entropy, file entropy for malware detection, password entropy vs strength, and sliding-window analysis.
Articles, tutorials, and updates about developer tools and productivity.
scrypt for password hashing: memory-hard design vs bcrypt, N/r/p parameter tuning, scrypt vs Argon2id vs bcrypt, OWASP ranking, and code for Node/Python/Rust.
Decode Protocol Buffers: wire format, varint encoding, length-delimited fields, schemaless vs schema-aware decoding, gRPC framing, and protoc/grpcurl tools.
BIP-39 seed phrases explained: 2048-word list, entropy + checksum encoding, 12 vs 24 words, PBKDF2 seed derivation, 25th-word passphrase, and BIP-44 derivation paths.
Extract URLs, emails, IPs, and UUIDs from text: regex patterns, RFC 5322 email gotchas, IDN/Punycode handling, dedup/normalization, and tldextract for domain work.
Why security teams write hxxp:// and [.]com: defanging conventions, preventing accidental clicks, refanging for analysis, STIX/MISP integration, and defang/refang code.
Complete regex reference: quantifiers, character classes, anchors, groups, lookahead, lookbehind, named captures, flags, and 20+ ready-to-use patterns for email, URL, IP, date, and more.
Developers routinely paste JWT tokens, API keys, passwords, and database credentials into online tools that send them to servers. Learn why client-side processing matters and how to verify it yourself.
Master Linux file permissions: understand octal notation (755, 644, 777), symbolic mode (u+x, g-w), owner/group/others, special bits (setuid, sticky), and common real-world permission patterns.
Learn how JWT tokens work: decode the header and payload with Base64url, read standard claims (sub, exp, iat, iss), verify signatures, and debug tokens safely — with JavaScript and Node.js examples.
Master list operations: compare two lists, find duplicates, identify unique items, and perform set operations (union, intersection, difference). Practical guide with examples for developers.
Master number base conversion between hexadecimal, binary, octal, and decimal. Learn hex color codes, bitwise operations, memory addresses, and practical conversion techniques with examples.
Compare MD5, SHA-1, SHA-256, SHA-512, and BLAKE2 hashing algorithms. Learn speed vs security tradeoffs, when to use each algorithm, deprecated algorithms, and performance benchmarks for file integrity.
Learn when to use client-side vs server-side processing for file operations. Understand file size limits, privacy considerations, performance tradeoffs, and enterprise tools vs browser limitations.
Learn Quoted-Printable encoding for emails: MIME encoding rules, soft line breaks, when to use QP vs Base64, email compatibility. Practical guide with real examples for developers.
Learn when HTML entity encoding is required for security. Understand XSS prevention, JSON in HTML, attribute vs text encoding, and when escaping is optional. Practical guide with real examples.
Deep dive into URL encoding edge cases: space vs plus, percent encoding, and application/x-www-form-urlencoded vs RFC 3986. Learn how to debug broken query strings with practical examples.
Master image optimization with this comprehensive guide. Learn format selection (JPEG, PNG, WebP, AVIF), compression strategies, quality vs file size tradeoffs, and performance impact for web development.
Learn to design accessible interfaces for color blind users: understand protanopia, deuteranopia, and tritanopia, use color blindness simulators, create accessible palettes, and avoid common design mistakes.
Master WCAG color contrast requirements: understand AA (4.5:1) and AAA (7:1) ratios, test accessibility with contrast checkers, fix common failures, and design inclusive interfaces for all users.