Andréa
@and_zza
Joined December 2019
I’m thrilled to share my latest blog post! This one focuses on the bug hunting process: inspiration, approach, and execution. I also provide a retrospective on how the bug was introduced and analyze the insufficient “patch”. Check it out:
ibm.com
Get the straightforward approach to bug hunting — from an IBM X-Force Red expert.
I loved working on @Datadog's open source contribution to @sigma_hq! Our pySigma backend converts security rules in Sigma format to Datadog rules and queries for increased security coverage. @blubbfiction, the lead developer, was incredible to work with!
datadoghq.com
Learn how Sigma's out-of-the-box rules can help your security teams quickly and easily detect threats in your environment.
One of the things I like the most are "soft assertions" which don't terminate the test execution, even when the test fails.
Started using @playwrightweb for #reactjs testing recently and it's one of the most well documented and straightforward testing frameworks I've encountered so far. Really enjoying this!
One of the best engineers I've ever met wrote a blog post on writing custom @PulumiCorp providers and it's excellent.
Using code to describe your infrastructure unlocks a lot of expressive power, which is why we use @PulumiCorp to automate our deployments. When we couldn't find providers for some of the services we use, we ended up making some. Learn how:
Completely blown away by the brilliance of @chompie1337's latest post on how she exploited the Linux kernel. It was so fascinating to read through her process with such clarity and precise detail. This is so thorough and well thought out. Genuinely amazing work!🔥💯
Thrilled to share my new blog post: Put an io_uring on it: Exploiting the Linux kernel. Follow me while I learn a new kernel subsystem + its attack surface, find an 0day, build an exploit, + come up with some new tricks. I go deep and demystify the process https://t.co/bGEHcjWXrP
Couldn't get myself to take down a month old balloon garland & I'm so glad I didn't. I just got @Wattenberger's "Full Stack D3 & Data Visualization" which I've wanted for a while and it matches perfectly! Reading this will be one of the most fun learning experiences I've ever had
LOVED this article on Node.js vulnerabilities from @vickieli7. Not only does she explain 25 different vulns (including some I’ve never heard of like “Insecure Puppeteer Settings” & “Host Header Poisoning”), she also provides resources to learn more and how to prevent them.❤️🔥💯🔥
Node.js vulnerability cheatsheet: https://t.co/kIRrrzkZ30
Could not be more excited to get this book from @snyksec's #31DaysOfSecurity giveaway today! I'm blown away by how thoughtful this choice is! Can't wait to integrate what I learn into my work @GraplSec! So grateful!! What an excellent start to my week!
WOW!!!! Thank you so much @snyksec, this totally made my day!
🎉 Congratulations to our day 24 #31DaysOfSecurity giveaway winner, @and_zza! 🎉 Want to win a #cybersecurity book? Follow us, *and* like, RT, or reply to our tweets throughout October for your chance to win. Only a few days left! https://t.co/DHPO4trEBE
Everything @snyksec has published for #31DaysOfSecurity has been excellent, but this comprehensive overview of AppSec acronyms with thorough descriptions of what they mean by @AlyssaM_InfoSec is my favorite so far! Learned about RASP which instantly detects & reacts to attacks
DoS. #SAST. #OWASP. SCA. How well do you know your security acronyms? 🤔 Check out this #cheatsheet by @AlyssaM_InfoSec that describes and breaks them down!
This is my favorite book on Rust because it's clear, thoughtful, and well paced. The price today is really unbeatable. Highly recommend!
🦀 45% OFF TODAY!! 🦀 If you've been waiting for a reason to buy Rust in Action, you've found it: https://t.co/QzQ5jili5z
Was struggling with importing a crate in #rustlang and learned that package names with hyphens are converted to underscores. I had two packages with the same name, one separated by "-" and the other by "_". Got a ton of errors because the compiler didn't know where to import from.🤦♀️
Rust Adventure is Live!! 🦀🎉 @rustadventure is a series of workshops designed to introduce @rustlang to people who have programmed in at least one other language like JavaScript, Ruby, or Python. https://t.co/ShVYPfeLwx
Just finished #ILF5K for @InnocentOrg! Such a great organization, please donate if you can! I'm really excited because this was my first 5K since healing my neck injury and getting off my heart medication of 10 years! Thanks #wehackhealth for the motivation!