This post presents a bash script that audits a VPS from an external perspective: port scanning, TLS configuration, security headers, path traversal, API authentication, and information leakage. The...

This post presents a complete VPS security stack: kernel hardening via sysctl, file change auditing with auditd, brute-force protection with fail2ban, automated updates with conditional reboots, Ge...

This post presents a zero-downtime token rotation system for rathole tunnels: the server generates new tokens, clients pull them automatically, and the server finalizes after a grace period. No man...

Your home server runs Ollama with a 4090, but you’re on a laptop at a coffee shop. Your lab SSH server sits behind NAT with no public IP. You want remote access, but port forwarding exposes service...

This post presents a Discord bot that monitors GPU utilization, training progress, and logs across multiple remote machines via SSH tunnels. The implementation enables training run monitoring from ...

Adding visual borders to elements typically involves the border property—which increases the element’s dimensions and affects layout. Box-shadow provides an alternative: visual frames that exist ou...

Desktop operating systems provide windowing interfaces where applications exist in movable, resizable containers. Recreating this paradigm in the browser requires no frameworks—vanilla JavaScript c...

Pandoc 3.x changed how it handles the tilde character (~) in Markdown-to-LaTeX conversion. Where earlier versions treated ~ as a LaTeX non-breaking space, Pandoc 3.x now emits \textasciitilde — a l...

Managing Docker Compose environments across development, testing, and production can become unwieldy as projects scale. Simple docker compose up commands evolve into sprawling collections of script...

Most git workflows assume a network connection. Clone from GitHub, push to origin, open a pull request. But entire categories of development happen where no network exists — classified defense syst...