Blog
All articles, write-ups, and research notes. Each post is companion content to a YouTube video.
-
Cookie Security: SameSite, HttpOnly, Secure, and __Host- Prefix
A practical guide to session cookie security attributes. What each flag does, how to test them, and what happens when they're missing.
-
Nomad TLS Configuration: Securing Cluster Communication
How to generate TLS certificates for HashiCorp Nomad servers and clients, configure mTLS, and fix common x509 errors.
-
Subdomain Takeover: Detection, Exploitation & Prevention
How dangling DNS records lead to subdomain takeovers, how to find them at scale, and how to prevent them in your own infrastructure.