:::info :bulb:This article doesn't claim to be academically "correct", rather it serves as an elaborated lesson-learnt from author. Take it with a grain of salt! ::: axiom_dashboard Developing a backend or fullstack Node.js app has become easier—maybe even trivial—these days. It’s "easy" enough to learn, and you have access to a wide range of actively maintained libraries and tools, from UI kits and modern frontend frameworks to REST frameworks, authentication, and even digital payment integration. But this ease and simplicity come with trade-offs, especially on the backend. JavaScript (Node.js) is fundamentally slower than backend-native languages like Go, Java, or C#. So, if you want performance that's on par with those technologies, you'll need to invest effort into optimization across your development process.

[Forensics] Trail Writeup - Arkavidia CTF 2025 Table of Contents TL;DR image Challenge Description It's been a month since I lost my fiancé, and I am deeply grateful to you for investigating and providing me with the chronology of events. It seems that God has answered my prayers. According to the police report, the criminal organization was actually in conflict with another group called Stan. Stan successfully carried out a phishing campaign against them. This morning, I received news that the police managed to arrest the broker responsible for launching the phishing campaign and successfully obtained network traffic data from his computer. While it's unlikely that this case will lead me to my fiancé, I can't help but hold on to a sliver of hope.

[Forensics] Direct-Love Writeup (TCP1P International CTF 2024) Table of Contents TL;DR image Challenge Description My fiancée, Mizuhara Chizuru, lent her laptop to one of her friends. Her friend downloaded files using a peer-to-peer protocol on Windows. However, not long after, one of Chizuru's important documents went missing. There's always something with my fiancée :D

:::info :bulb: This article doesn't claim to be 100% correct and should not be used as reference in academic manner. ::: Video is basically a group of pictures or images that are shown alternately called frame. Usually, the video we see in everyday life has 30 FPS rate, this means that for every 1 second, the video displays "approximately" 30 frames. Since each frame is basically an image, it means the frame consists of pixels. Each pixels use 3 different color channels to represent graphic, namely Red, Green, and Blue (RGB) each sized 1 byte. Video (to be exact, the frame) has several resolutions, the currently common one is FULL HD or 1920 x 1080 pixels. Using the information we established above, that means, for every 1 frame of FULL HD resolution, it takes around 1920 x 1080 x 3 == 6220800 bytes of storage. and for every 1 second of video, it takes around 30 x 6220800 == 186624000 bytes (~ 186 MB) of storage. This situation makes video storing, processing and delivery infeasible, hence we need to somehow compress the video

How Grafana Cloud and Prometheus Can Help on Resource Monitoring grafana-logo Ensuring the reliability of your application on production is not an easy task. There are many variables and metrics to be considered and measured. One might think to create his/her own scripts, cronjobs, or any automation process to help them monitor the resources being used, but it might not be comprehensive and full of bugs. To resolve this issue we can leverage the existing and one of the most popular "FREE" monitoring tools, Grafana and Prometheus. Prometheus is the actual "agent" that does the realtime data acquisition for certain metrics, and those data will be processed, analyzed, and served on a dashboard platform that is provided by Grafana. Pretty neat isn't it? In this article We won't discuss on how to set Grafana and Promethus up, rather We'll discuss metrics and insight that these two tools can provide to help you plan and analyze your system resource towards system reliability. 💻CPU and System Usage

Exposing App Inside of Running Kubernetes Pod :::info :warning: This article only represent me, an indie software engineer who likes to explore new things. Read it with a grain of salt! ::: Kubernetes (or k8s) might comes in "handy" for mid to large-scale applications orchestration, but sometimes it can be challenging deploying app when you have limited to none basic or fundamental knowledge of how kubernetes works. You might even have not got the time to learn since there are many topics to cover or you simply can't grasp the idea even after hours of reading. Either way, rather than spending your time to grasp the concept hollistically with no concrete result, it's better to learn and implement the knowledge little by little. In this article, we'll discuss one of the most basic topic that is exposing your app on running pod for cluster-external access. 🏗Kubernetes Architecture

:::info :warning: This article only represent me, an indie software engineer who likes to explore new things. Read it with a grain of salt! ::: Having taken the baby step--that is developing your side project apps by ourselves--, the next step for us software engineers is to learn how to work as team in software engineering project. As project get bigger and complex and as stakeholders are increasing, you'll inevitably need help to develop the project and have to work as a team with others. Therefore, to ensure each member can adapt with the team members and to be able to follow the dynamic of the team, each member of the team has to know and consent to certain ways of doing things, be it protocols, tools, or convention. This article will serve as an initial guide that may contain several useful topic to help you get started to work as a team member.

:::info :warning: This article only represent me, an indie software engineer who likes to explore new things. Read it with a grain of salt! ::: Shut up, just ship faster! One might think, this topic is boring and kind of useless. Well, That's also me until I started developing projects that's incrementally getting bigger and bigger. Trust me, If you are developing and maintaining medium to big projects with incremental update (features, integrations and bug fixing) you are gonna NEED THIS. If you are only doing small projects and still think this article is useless, surely you are free to go. This article will be waiting for you any time in the future :crossed_fingers:

:::info :warning: This article only represent me, an indie software engineer who likes to explore new things. Read it with a grain of salt! ::: I know the title might be controversial, who would use TDD in real agile-production anyway? I too honestly think that TDD should not be used, until I deal with (developing) application which has many API endpoints with sensitive informations. In such case, application security is critically crucial, because basically when you add new API endpoint to your app -- consequently -- you are "adding" more attack surface / entrypoint to your app, therefore putting your application sensitive data and feature onto risk. In this article we will discuss, how we as software engineers can and should leverage TDD when creating APIs to make our app achieve -- bare minimum -- production-ready application security. :green_book: Test-Driven Development Test-Driven Development or TDD is a paradigm in software engineering that mandates us to create features based on sets of test that has already made beforehand, therefore the test cases will "drive" our development goals and pace when creating related features. In a nutshell, we develop features that should passes all the test listed, therefore achieving application that's -- supposedly -- robust and production-ready.

:::info :warning: This article only represent me, an indie software engineer who likes to explore new things. Read it with a grain of salt! ::: Do you ever found yourself building applications with different dependencies and environments that you find yourself -- subsconciously -- creating a microservices-alike infrastructure? At the beginning, you might say "ah yes, adding 1 or 2 more services to do task x and y is ok" and suddenly you are in the middle of bunches of containers which you can barely manage, let alone CI/CD, releases and all tedious stuffs that follows. Relax, I've experienced that. In fact, that's the sole motive which drives me to write this article. This article will guide you on how to orchestrate your application throughout its lifecycle by leveraging automations.