A simple to use, GUI based penetration tool that's actually useful: Zaproxy



An impressive walk through of what happens when you type ''` into your browser. This article covers so many things, touching upon most things you're likely to work with as a programmer - and a good few more too!. A highly recommended read.

An enjoyable walk down memory lane with the grand master Eric S. Raymond himself: Things Every Hacker Once Knew.

The famous spelling mistake in the HTTP/1.0 specification, Referer instead of Referrer is blamed on the UNIX spell checker not having neither of them in its dictionary at the time they wrote the RFC. Check out this nugget from 1995.

Software Engineering Radio

Open Source License Business Perception Report

Linux & Unix

High quality vim screencasts are available free of charge at

Top 25 Nginx Web Server Best Security Practices not only gives you many good hints on tightening the security of nginx itself but also the machine itself on which it runs.

What is virtual memory? – Gary explains

I love when highly skilled engineers can explain something as advanced as SELinux in an easy understandable way: SELinux Concepts - but for humans

Do we really need swap on modern systems?

A tcpdump Tutorial and Primer with Examples

Man, I wish I knew about this before, it would save me pulling out network cables and dongles to get the base system up and running before installing the wireless card's firmware: Unofficial Debian CD images which includes firmware

Servers can run out of entropy (randomness needed to complete various tasks such as JAR signing, SSL connections), one way to mitigate this is to install haveged:

There's a timeout command

In GNU coreutils, which means it's installed on virtually all Linux machines, that lets you specify a maximum time for a command to complete, or else the command is killed.

$ timeout --signal KILL 10s create-backup

This will send the KILL signal (same as kill -9 <pid>) to the process running create-backup if it hasn't completed within 10 seconds.

The signal to send to the process can be any of the ones listed by kill -l.


Docker provides a great developer experience but it leaves many things to be decided when it comes to taking it into production:

Really interesting to see what's moving in the container world. RedHat is really shaking things up in the Docker world:

Interesting read on containers and challenges of sharing a kernel in spite of namespace & cgroups:

Reverse proxies

Finally got around to upgrade from Varnish 3 to 4. The folks at Varnish Software have been so nice to provide an upgrade guide which, albeit not a complete guide, is a good starting point:

nginx can do TCP load balancing now, making it an alternative to HAProxy in my setup:

Fluxbox as a tiling window manager, 2017-07-07

Fluxbox can re-arrange/tile all windows on the current desktop with the command ArrangeWindows. There are also similar commands like ArrangeWindowsStackLeft which lets the focused window occupy the left half of the screen, while Fluxbox stacks the others on the right. Now, there's nothing in the tiling window managers that appeal to me, Fluxbox has these features covered too!

I bound this command to Ctrl + Shift + s in `~/.fluxbox/keys:

Control Shift s :ArrangeWindowsStackRight

In the process of learning this,, I was reminded that nothing beats RTFM 🦐


An interesting extension to Cygwin: Babun


Locally test your npm modules without publishing them to


10 Fun Activities to Engage Your Dispersed Team


This text based space game is awesomely cool!

I love this Emoji cheat sheet, it's the :word: style strings that produce cute emojis in clients like Slack, Signal and Github.


Linux & Unix

Excellent live coding video spelling out in big letters what containers really are (tarballs). They're not the same thing a s virtual macines πŸ˜‰



This article made me laugh out loud, making everyone in the metro car think I was nuts πŸ˜‰:


The qemu advent calendar is a wonderfully geeky advent calendar, showing off geeky OSes for you to explore.


Great site for browsing emojis, complete with Unicode references. Good fun.

Nice CSS reference.


Web based diagram sketching tool:


If I asked by a colleague for good BASH resources. There's so much out there, but most of it are one liners, not really guidance on programming in the BASH language.

Here, I'll list some of the BASH resources I would recommend that goes beyond the one liner style:


Status of HA stack in Jessie:

Pearls of wisdom: DB failures: bytebot/lessons-from-database-failures

Expand/collapse in Emacs/markdown files

Why am I surprised, this is logical! To expand and collaps Markdown sections/headings in Emacs, just push the Tab key. I've been wanting this for so long, why didn't I just try to see if Tab worked? Duh!




rkt, a better way to run containers (than Docker's runC):



Linux & Unix







Open files faster in Emacs (and prettier)

As all Emacs users know, the shortcut Ctrl + x Ctrl + f opens a file. It's pretty neat with lots of shortcuts and Tab completion.


Today, I found a great improvement up find-file, namely ido-find-file. Lots of people rave about helm-find-file, but it doesn't allow me to Tab complete may way down the directory tree and that just drives me nuts! ido-find-file on the other hand, works pretty much as the traditional find-file, but enhances it by fuzzy matching, vertical menu (thanks to ido-vertical-mode) and different colour coding of files directories and:


Navigate to a function in your Python, C, Java, Elisp file

There are lots of great special purpose extensions for your favourite language in Emacs (e.g. I use emacs-eclim for Java), but there's a small gem called imenu which gives you a lot of this for free without any setup of any can.

It scans the source code in your buffer and provides these in a menu. Combining this with a completion like helm-imenu, you have a really neat simple code navigation for any source file you open. No setup required.

For the time being, I prefer using vanilla imenu together with ido-ubiquitous and ido-vertical-mode over helm-imenu as ido gives a faster experience and it doesn't alter my UI too much. Try it out!


An turbo charged buffer list

I'm experimenting using helm-mini instead of the standard list-buffers command for listing the buffers open in Emacs. The advantage of helm-mini over the default option is apart from pretty colours, fuzzy regexp matching of buffers. For instead, here I filter the open buffers to only show anything related to shell scripts:




Navigate to the previous tab

Just like Alt + Tab on your desktop, just use Ctrl+ Tab to navigate to the previous tab you were at.

Except that it doesn't work the way you expect it to. It only cycles between the tabs.

Enter the "Firefox registry" by writing about:config in the address bar. Then navigate to this key and set it to true:

Quckly find any tab

Ctrl + Shift + e

And type something matching that tab's title.


Adobe has a really nice font called Source Code Pro, to start Emacs with this found, you can do:

emacs -fn 'Source Code Pro:pixelsize=14' &


Meteor a JS framework with persistent storage and automatic syncing of all clients' and server's storage. From never having heard about it, to having a working multi user chat system up and running, it took 30 minutes.

Package repository of Meteor modules: AtmosphereJS


A hidden gem in the Fluxbox window manager is the client menu which gives you a list of all the open windows on all workspaces. I've bound it to Ctrl + Shift + y like this in my ~/.fluxbox/keys:

Control Shift y         :ClientMenu

Finding it was indeed a great discovery and I've happily used it for a couple of years now. This week, I discovered something equally useful: You can navigate the client menu (window list) by simply typing the first letters of its title.

client menu

Here, I've types "emacs" to navigate to the Emacs window.


Discovered that the more I read about character sets and character encodings, the more I know that I don't know. Nevertheless, I've learned a LOT while preparing for my JavaZone talk:


MySQL's utf8 encoding type on columns and tables isn't proper UTF-8, it only supports up to 3 byte characters, not 4 bytes as UTF-8 can grow to.

To be able to insert the whole spectre of Unicode that UTF-8 supports, you must set up your MySQL database to use the encoding type called utf8mb4.

A good article on the topic can be found here


Shutter is an excellent tool for creating screenshots on the Linux desktop. For years, I've used my own made command based on imagemagick, but I've lately started to use Shutter more and more as it simply has more features.


Running occur in Emacs gives you nice listing of all lines in the current file with an occurances of your search query. Here, I search for all lines containing db.get:

emacs occur

The hits are both clickable and iteratable with the standard next-error mechansim (by default bound to C-`).


This excellent article at W3C explains how to center things on a web page (including images) using the standards, i.e. by not using <center/>.


You cannot create files directories on Windows starting with a dot and no suffix. Try this: create a directory in Windows Explorer called ".ssh".

Windows will not only fail to do this, but ask you to enter a file name as if you hadn't written anything at all.

Apparantly this is something inherited from the days of old, i.e. Windows' DOS heritage.


Ugly looking capitalised music, pictures, documents directories begone! I prefer to have all my directories and files lower case. It's easier on my eyes and it reads faster. Thus, I've hated how GNOME and others enforced a pile of directories with names like "Documents" and "Music" on me. Deleting them was no good as some kept coming back and my actual music and document directories didn't get the icon decoration that their capitalised counterparts got.

As you can understand, I was thrilled when I discovered today that sanity was a mere text edit away (I thought so!):

$ vim ~/.config/user-dirs.dir

And then set these to my preferred directories:


Logging out and in again in GNOME gave immediate success. The file manager even had my "pictures" and "music" and "tmp" directories nicely decorated with meta icons.


puppet-lint will not only spot errors and deviations from Puppet Lab's best practices, it will also fix many of these issues for you:

$ puppet-lint --fix init.pp



When using GNU sed, you can use much more powerful regular expressions by passing the --regexp-extended switch to sed.

Passing --regexp-extended, or just -r, also makes some of the syntax easier as you don't have to escape group parenthesis and I find sed overall becomes more predictable using this switch.



It's easy writing presentation slides using Markdown and generate these into beautiful HTML5 slides with CSS3 transitions from reval.js by using pandoc

Previously, I've been using an exporter to Emacs org, but pandoc is so much more stable and flexible.


PlantUML is a great command for generating diagrams from plain text files. It also sports a Confluence plugin - among other things.


This presenter at Computerphile, he's absolutely brilliant. It's rare to find someone so technical in computer science being so good at presenting.


Flask: Impressed with what I've read and tried out so far. In less than 20 lines of code, I've a standalone micro service Python application which routes different HTTP URLs to internal methods, reads user input and outputs JSON objects.

From the (first hour) look at it, it seems that Flask strikes just the right balance between simplicity and bare bones Python on the one hand and support for real world world features like security, complex objects, templating, database integration, application types, error handling, logging and easy deployment on the other.



I've read about these free HTML grids before, but I didn't check them out to see how simple and beautiful they were before now.

html grids


Excellent geeky comic strips: commitstrip

commit strip comic


Idle highlight mode gives you IDEA/Eclipse-like highlighting of other uses of the variable/method under your cursor. It only triggers after a slight delay, which is excellent.

idle highlight



Scaling communication: email vs shared documents by Vivek Haldar.





Steve Yegge is as always dead on. This post explains why every coder worth his or her salt should learn to type: Programming's Dirtiest Little Secret

Licensed under CC BY Creative Commons License ~ βœ‰ torstein.k.johansen @ gmail ~ 🐘 ~ 🐦 @torsteinkrause