Show newer

Let us not beat around the bush: Rust is not easy to learn. It took me nearly 1 year of full-time programming in to become proficient, but it's absolutely worth it.

It requires a complete mental model switch 👉 kerkour.com/rust-mental-models

When 2 parties, let's say Alice and Bob, want to exchange messages over an insecure channel, they need to find a way to share a secret that can't be guessed by potential eavesdroppers

Here is how 👉 kerkour.com/end-to-end-encrypt

World is in turmoil.

While I can't predict what will happen on the physical side of things, there is one thing I'm sure: Cyberwar will intensify a lot in the coming weeks / months.

This is why I decided to create a big discount for my book Black Hat Rust.

More details + coupon: kerkour.com/black-hat-rust-dis

What is your definition of success?

The answers to this question are almost universally the same:
- Making a lot of money
- Having a lot of sxx partners
- Being a famous

And these answers are universally wrong. They are the default answers, dictated by universal metrics, which are the lowest denominators of the ~8 billion Humans.

👉 kerkour.com/alignment

Due to its unmatched reliability and efficiency, Rust is greatly appreciated for web services

But it may be hard to choose which one to use

This is why I just did this comparative analysis to help you decide
👉 kerkour.com/rust-web-framework

[best of]

Writing shellcodes directly in assembly gives you absolute control over what you are crafting, however, it comes with many drawbacks

Here is how to Write your shellcodes in Rust 🦀😈
👉 kerkour.com/blog/shellcode-in-

A great part of Rust's reliability story comes from its error handling ergonomics

Here is the simplest guide about error handling I would have loved to have if I started Rust today 🦀

👉 kerkour.com/rust-error-handlin

Let’s say we want to build a service using end-to-end encryption, a hosted password manager for example

Here is how to securely use only 1 password for both authentication and encryption

👉 kerkour.com/end-to-end-encrypt

Like a lot of people, I used to be a pathological maximalist. A phone with more features is necessarily better, a company with more people is better, a program with more lines of code is better, a house with more stuff is better....

Until the day when reality hit me in the face: there is a direct relationship between “more” and “complexity”

Here is how I did to reduce chaos in my life and projects

👉 kerkour.com/entropy-is-fatal/

Rust is a rather large and complex programming language with a lot of features. But I have good news: less than 20% of the features will bring you more than 80% of the results.

Here are the features I consider indispensable to learn when you are starting Rust.

Ready to dive? 🦀

👉 kerkour.com/indispensable-rust

Last week, we saw the difference between Cooperative and Preemptive scheduling and how it enables resources-efficient I/O operations. Today, we are going to learn how a runtime works under the hood.

👉 kerkour.com/rust-async-await-w

In my opinion, the so called “clean architecture” is too complex, with its jargon that resonates only with professional architects and too many layers of abstraction. It’s not for people actually writing code.

Today I present another approach, equally flexible but much simpler That I have used with success for projects exceeding tens of thousands of lines of code in Rust, Go, and Node.JS.

kerkour.com/rust-web-applicati

Threads have problems: they were designed to parallelize compute-intensive tasks. However, today, a lot of applciations are I/O (Input / Output) intensive.

There are mainly 2 ways to deal with I/O tasks: preemptive scheduling and cooperative scheduling.

Let's see the differences between preemptive scheduling and cooperative scheduling.

kerkour.com/cooperative-vs-pre

Last month we saw how to encrypt large files files that don’t fit in memory using a streaming cipher. The article presupposes that you already have a secure key generation mechanism.

Today, we are going to see how to securely encrypt data using an insecure password 🔒

kerkour.com/rust-file-encrypti

Last month we saw how to encrypt large files files that don’t fit in memory using a streaming cipher. The article presupposes that you already have a secure key generation mechanism.

Today, we are going to see how to securely encrypt data using an insecure password 🔒

kerkour.com/rust-file-encrypti

The past few weeks I implemented an API that relies on Cookies for authentication. When working with Cookies you should always be extremely careful not to introduce CSRF vulnerabilities.

How to attack CSRF vulnerabilities? And how to defend?

Let's find out!

kerkour.com/csrf

The past few weeks I implemented an API that relies on Cookies for authentication. When working with Cookies you should always be extremely careful not to introduce CSRF vulnerabilities.

How to attack CSRF vulnerabilities? And how to defend?

Let's find out!

kerkour.com/csrf

As we saw 2 months ago, supply chain attacks are more and more common, and their frequency is only going to increase because backdooring dependencies is easy, and detecting a backdoor in an ocean of third-party code is hard.

So here is how to set up secure and immutable development environments with Dev Containers

kerkour.com/secure-programming

I’m happy to announce that you can now purchase Black Hat Rust with PayPal, Apple Pay and Google Pay 🎉

Go here to buy the ebook with any of these payment methods: kerkour.com/black-hat-rust

Happy end of the year 🍾

Learn more here 👉 github.com/skerkour/black-hat-

I’m happy to announce that you can now purchase Black Hat Rust with PayPal, Apple Pay and Google Pay 🎉

Go here to buy the ebook with any of these payment methods: kerkour.com/black-hat-rust

Happy end of the year 🍾

Learn more here 👉 github.com/skerkour/black-hat-

Show older
Mastodon

The social network of the future: No ads, no corporate surveillance, ethical design, and decentralization! Own your data with Mastodon!