Security writeups, tool internals, and practical guides.
Writing a log viewer that supports Veeam, IIS, SQL Server, Kubernetes, syslog, and a dozen others means solving the timestamp problem fourteen different ways. Here's how LogSleuth does it.
Read article →Scanning a million-file NTFS volume in seconds requires bypassing the directory tree entirely. Here's how DiskSleuth reads the Master File Table directly and what that buys you.
Read article →Windows Event Viewer hangs for seconds on a log with 100k entries. The API underneath is fast. The gap is entirely the UI. Here's a walk through building a responsive replacement — plus the wevtutil tricks that make the built-in tool almost usable if you're stuck with it.
Read article →Gutmann's 35-pass overwrite was designed for 1996-era magnetic storage. On a modern SSD it's pointless at best and harmful at worst. Here's what actually works, why, and a decision tree for choosing.
Read article →Every Windows admin has fought the 'file in use' dialog. I've built two tools that solve the same problem in wildly different ways — one in Rust with egui, one in pure C with no runtime — and the comparison is more interesting than either tool alone.
Read article →A deep dive into the cryptographic choices behind SwatCrypt — why XChaCha20 over AES-GCM, how Argon2id key derivation works, and the pitfalls I avoided.
Read article →I've shipped production apps with both frameworks. Here's an honest comparison of Tauri 2.0 and Electron from a solo developer's perspective.
Read article →How I monitor and protect my self-hosted infrastructure using Wazuh for SIEM and CrowdSec for crowd-sourced threat intelligence.
Read article →After years of building desktop apps in C# and TypeScript, I switched to Rust. Here's what convinced me and what I learned along the way.
Read article →