List: Reading list | Curated by THE HOW TO BLOG |Siddhanth Dwivedi

Feb 11, 2025

42 stories

Reading list
In
We’ve moved to freeCodeCamp.org/news
by
Shubheksha
How to find your first open source bug to fixWhen you’re new to open source, you’ll find yourself asking:
Sep 21, 2016
2.4K
22
Sep 21, 2016
2.4K
22
In
AWS in Plain English
by
Pankaj Makhijani
Streamlined AWS Monitoring: Effortless Workload Oversight through Dashboards and AlarmsIn this ever-evolving world of technology, servers serve as the backbone of the entire field. Whether dealing with monolithic or…
Jan 29, 2024
27
Jan 29, 2024
27
In
Python in Plain English
by
Builescu Daniel
10 Python Projects You Can Start Today and Monetize Tomorrow🚀 Dive into 10 Python projects with HUGE potential! Turn your code into cash. 💰 Ready to unlock the magic? 🔗
Aug 10, 2023
1.2K
18
Aug 10, 2023
1.2K
18
In
Dataminded
by
Niels Claeys
How we reduced our docker build times by 40%This post describes two ways to speed up building your Docker images: caching build info remotely, using the link option when copying files
Oct 4, 2023
2.3K
18
Oct 4, 2023
2.3K
18
In
Bugs That Bite
by
Teri Radichel
Bug Deleting AWS Identity Provider from CloudFormationScenario: Deleting an IDP with a dynamic Secrets Manager reference
Feb 18, 2023
Feb 18, 2023
In
Lyft Engineering
by
Alex Chantavy
Vulnerability Management at Lyft: Enforcing the Cascade [Part 1]
Nov 17, 2022
385
7
Nov 17, 2022
385
7
In
AWS in Plain English
by
Sena Yakut
Stop Your AWS S3 from Being HackedIn this blog, I’ll show you a nightmare scenario that could happen if you’re storing your secrets in a publicly accessible AWS S3 bucket…
Sep 18, 2022
196
1
Sep 18, 2022
196
1
Alan Blackmore
AWS Compliance ReportingWe are pleased to announce the general availability of AWS Compliance Reporting as an addition to our AWS diagram tools. Hava’s new…
Apr 28, 2021
1
Apr 28, 2021
1
In
Gecogeco
by
Kevin Dico
Simplify your AWS security audit with Scout Suite (Python)Also supports GCP, Azure, and Alibaba Cloud.
Dec 6, 2021
64
Dec 6, 2021
64
In
ITNEXT
by
The Devops Guy
How I reversed a NodeJS malware and found the authorTo give a bit of context, I am a Discord admin on a small server about development, and we recently got a report from one of our users that…
Jan 30, 2022
1.4K
13
Jan 30, 2022
1.4K
13
Jawadhasan
AWS Route 53 Basics — Subdomains and S3 BucketsIntroduction
Feb 4, 2022
50
Feb 4, 2022
50
Steve Mak
How to enable docker remote API on docker host?Navigate to /lib/systemd/system in your terminal and open docker.service file
vi /lib/systemd/system/docker.service
Apr 30, 2018
218
10
Apr 30, 2018
218
10
Luke Stephens (@hakluke)
How to achieve enterprise-grade attack-surface monitoring with open source softwareAttack surface monitoring has become increasingly important and popular in recent years as the internet footprint of organizations has…
Jul 21, 2021
30
Jul 21, 2021
30
In
ShiftLeft Blog
by
Chetan Conikee
Log4Shell : JNDI Injection via Attackable Log4JApache log4j2 is one of the most widely utilized logging library in the Java ecosystem. Many applications depend on log4j that include and…
Dec 12, 2021
167
Dec 12, 2021
167
Eli Cyber Security
Leaked FBI document reveals how the agency can access data from WhatsApp, WeChat, iMessage…We all know that social media platforms and instant messaging services are really unfriendly to the privacy of their users, although we are…
Nov 30, 2021
57
3
Nov 30, 2021
57
3
Mahmoud Youssef
How I Found multiple SQL Injection with FFUF and Sqlmap in a few minutesHello all, hope you’re OK. Our journey today is about how I found multiple SQL Injection in a BugBounty program in just few minutes with a…
Nov 6, 2021
1.4K
14
Nov 6, 2021
1.4K
14
Aswin Thambi Panikulangara
Playing With s3 — LeaksHi Everyone,
Jul 29, 2021
155
Jul 29, 2021
155
Infosec world
OSRFramework - Recon toolWelcome back ! after a very long time
Sep 22, 2021
3
Sep 22, 2021
3
Astik Rawat
Passed OSCP with 100% in 15 hoursHi everyone, I am back with OSCP this time. I wanted to share my full journey on how I passed OSCP in the first attempt and was able to…
Sep 2, 2021
326
4
Sep 2, 2021
326
4
Behnam Yazdanpanah
chaining bugs from self XSS to account takeoveringredients for P2 account takeover=
self XSS + WAF bypass + csrf bypass
Sep 2, 2021
192
1
Sep 2, 2021
192
1

Reading list

How to find your first open source bug to fix

When you’re new to open source, you’ll find yourself asking:

Streamlined AWS Monitoring: Effortless Workload Oversight through Dashboards and Alarms

In this ever-evolving world of technology, servers serve as the backbone of the entire field. Whether dealing with monolithic or…

10 Python Projects You Can Start Today and Monetize Tomorrow

🚀 Dive into 10 Python projects with HUGE potential! Turn your code into cash. 💰 Ready to unlock the magic? 🔗

How we reduced our docker build times by 40%

This post describes two ways to speed up building your Docker images: caching build info remotely, using the link option when copying files

Bug Deleting AWS Identity Provider from CloudFormation

Scenario: Deleting an IDP with a dynamic Secrets Manager reference

Vulnerability Management at Lyft: Enforcing the Cascade [Part 1]

Stop Your AWS S3 from Being Hacked

In this blog, I’ll show you a nightmare scenario that could happen if you’re storing your secrets in a publicly accessible AWS S3 bucket…

AWS Compliance Reporting

We are pleased to announce the general availability of AWS Compliance Reporting as an addition to our AWS diagram tools. Hava’s new…

Simplify your AWS security audit with Scout Suite (Python)

Also supports GCP, Azure, and Alibaba Cloud.

How I reversed a NodeJS malware and found the author

To give a bit of context, I am a Discord admin on a small server about development, and we recently got a report from one of our users that…

AWS Route 53 Basics — Subdomains and S3 Buckets

Introduction

How to enable docker remote API on docker host?

Navigate to /lib/systemd/system in your terminal and open docker.service file vi /lib/systemd/system/docker.service

How to achieve enterprise-grade attack-surface monitoring with open source software

Attack surface monitoring has become increasingly important and popular in recent years as the internet footprint of organizations has…

Log4Shell : JNDI Injection via Attackable Log4J

Apache log4j2 is one of the most widely utilized logging library in the Java ecosystem. Many applications depend on log4j that include and…

Leaked FBI document reveals how the agency can access data from WhatsApp, WeChat, iMessage…

We all know that social media platforms and instant messaging services are really unfriendly to the privacy of their users, although we are…

How I Found multiple SQL Injection with FFUF and Sqlmap in a few minutes

Hello all, hope you’re OK. Our journey today is about how I found multiple SQL Injection in a BugBounty program in just few minutes with a…

Playing With s3 — Leaks

Hi Everyone,

OSRFramework - Recon tool

Welcome back ! after a very long time

Passed OSCP with 100% in 15 hours

Hi everyone, I am back with OSCP this time. I wanted to share my full journey on how I passed OSCP in the first attempt and was able to…

chaining bugs from self XSS to account takeover

ingredients for P2 account takeover= self XSS + WAF bypass + csrf bypass

THE HOW TO BLOG |Siddhanth Dwivedi

Reading list