Human exploiting machine logic π‘οΈ
Joined June 2025
- Tweets 505
- Following 291
- Followers 217
- Likes 791
92 Photos and videos
Jun 1
Interviewer:"Attackers are bypassing
your rate limiting by using multiple IP
addresses. How would you protect your
APl in production?
1
1
21
Jun 1
Short Answer
IP-based rate limiting alone is not enough in production because attackers can rotate IPs using proxies, VPNs, or botnets. Real systems use layered protection across identity, gateways, behavior analysis, and distributed enforcement.
System Design Perspective
1οΈβ£ Rate Limit by Identity, Not Just IP
Attackers can easily bypass IP-based limits.
Production systems also rate limit using:
* User ID
* API key
* Auth token
* Device fingerprint
* Session ID
π Prevents abuse even when IPs change constantly.
2οΈβ£ Distributed Rate Limiting with Redis
Single-server counters fail in distributed systems.
Use centralized stores like:
* Redis
* DynamoDB
* Distributed caches
to maintain global request counters across all API servers.
π Ensures consistent enforcement at scale.
3οΈβ£ API Gateway Enforcement
Rate limiting should happen before traffic reaches backend services.
Common gateways:
* Kong
* NGINX
* AWS API Gateway
* Spring Cloud Gateway
π Blocks malicious traffic early and protects backend infrastructure.
4οΈβ£ Web Application Firewall (WAF)
WAFs automatically detect:
* Bot traffic
* Malicious patterns
* Layer 7 attacks
* Suspicious request signatures
Tools:
* Cloudflare
* AWS WAF
* Akamai
π Adds another protection layer beyond application logic.
5οΈβ£ Behavior-Based Detection
Bots behave differently from real users.
Detect:
* Sudden traffic spikes
* Repeated request patterns
* Invalid headers/tokens
* Impossible user behavior
π Modern systems use anomaly detection and risk scoring.
6οΈβ£ Progressive Protection
Instead of immediately blocking users:
* Add CAPTCHA
* Introduce temporary throttling
* Require re-authentication
π Reduces false positives for legitimate users.
Key Insight
Production security relies on layered defenses, not a single rate-limiting rule.
One-Line Interview Closer
Modern APIs defend against distributed abuse using identity-based limits, distributed counters, gateways, WAFs, and behavioral detection systems.
15
May 28
5 windows hacks:
1. Map connections to PID:
netstat -abno 1
2. Hunt hidden persistence: Get-CimInstance -Namespace root\subscription -ClassName __EventConsumer
3. Dump cleartext Wi-Fi keys:
netsh wlan show profile name="SSID" key=clear
4. Sniff traffic without Wireshark: netsh trace start capture=yes
5. Spot malicious child processes: Look for Event ID 4688 in Security Logs
1
37
May 25
Correct Answer is C) 62.
quick breakdown π
A /26 mask leaves 6 bits for hosts (32 - 26 = 6).
Total addresses = 2^6 = 64.
Subtract 2 for the Network ID and Broadcast address.
64 - 2 = 62 usable host addresses
May 25
Networking Question ππ½. Give it a try.
How many usable host addresses are available in a network with the subnet mask /26?
A) 30
B) 32
C) 62
D) 64
2
46
May 24
AI is creating a massive career shift - and most people still donβt see it.
Companies are no longer hiring only coders.
Theyβre hiring professionals who can manage:
β AI Risk
β Cyber Threats
β Compliance
β Model Governance
β Data Privacy
β Third-Party Technology Risk
Because the biggest question today is not:
βCan we build AI?β
Itβs:
βCan we trust and govern it safely?β
This is where the next generation of high-value tech careers is growing rapidly.
And the best part?
You donβt need to be a hardcore developer to enter this field.
If you understand Risk Cyber AI Governance, youβll stay relevant for the next decade.β
2
51
May 24
This isnβt a government ban - itβs a highly calculated, intentional psychological operation designed to brainwash Gen Z into blind anti-government hatred.
They dropped a text tweet crying "dictatorship" because their website went down, but the technical backend data completely exposes their lie. They intentionally triggered this shutdown themselves from their own dashboard just to stage a fake crackdown for digital clout.
Here is the exact technical proof of how they staged it:
1. The clientHold Self-Sabotage:
Look at the WHOIS screenshots. The domain status is explicitly clientHold. In global network architecture (ICANN), a "client" status code means the action was pulled directly from inside their OWN Registrar panel.
They intentionally changed their own settings or manually hit suspend from their internal dashboard to deliberately kill the site's routing.
If a central agency or court actually legally seized or banned this domain, it would show a serverHold status. They are hiding behind a "client" status because THEY are the ones who pulled the plug.
2. Weaponizing Fake Narratives against Gen Z:
This is deliberate digital propaganda. They know the average Gen Z kid won't look up a DNS record or understand backend architecture. They intentionally turned off their own nameservers, watched the error screen appear, and typed up a fake "censorship" narrative to manipulate youth frustration for political points.
Stop running engineered victimhood operations to fool the youth. The network logs don't lie - you staged your own shutdown. π€‘πͺ³
The government has taken down our iconic website - cockroachjantaparty.org.
10 Lakh cockroaches had signed up on our website has members.
6 Lakh cockroaches had signed a petition to demand the resignation of Dharmendra Pradhan.
Why is the government so scared of cockroaches? But this dictatorial behaviour is opening the eyes of India's youth. Our only crime is we were demanding a better future for ourselves.
But you can't get rid of us that easily. Weβre working on a new home right now. Cockroaches never die. πͺ³
1
2
81
May 23
Which option is best suited for beginners?
Ubuntu
Fedora
Arch Linux
Mint Linux
1
107
May 22
RCSA is one of the most powerful tools in risk management.
And also one of the most misunderstood.
Most assessments focus on completion:
βWas the process followed?β
But the real question is:
βDid we actually identify the risk?β
A well-documented RCSA can still miss:
β’ Emerging risks
β’ Cross-functional dependencies
β’ Control effectiveness gaps
Because risk doesnβt sit neatly within processes.
RCSA should not be a checklist exercise.
It should challenge assumptions, expose weaknesses,
and drive uncomfortable but necessary conversations.
If your RCSA is always smoothβ¦
itβs probably not surfacing the real risks.
1
40
Apr 28
RoadMap To Master Networking
π Networking
Β βπ Basics
Β Β Β βπ Fundamentals, OSI, TCP/IP
Β βπ Technologies
Β Β Β βπ Ethernet, WAN, Wireless, Security
Β βπ Protocols
Β Β Β βπ IP, DNS, HTTP, FTP
Β βπ Routing/Switching
Β Β Β βπ Routing, Switching, VLANs
Β βπ Services
Β Β Β βπ DHCP, DNS, Proxy, Load Balancing
Β βπ Security
Β Β Β βπ Firewalls, VPNs, Best Practices
Β βπ Management
Β Β Β βπ SNMP, Monitoring, Troubleshooting
Β βπ Cloud
Β Β Β βπ Virtualization, Cloud Models, SDN
Β βπ Emerging Tech
Β Β Β βπ 5G, IoT, Edge Computing
Β βπ Certifications
Β Β Β βπ CCNA, CompTIA Network , CISSP
3
61
Apr 28
Tools and platforms that enforce Zero Trust in cloud environments:
1. Zero Trust Network Access (ZTNA): Solutions like Zscaler Private Access (ZPA), Cloudflare One, and Twingate replace traditional VPNs by providing identity and context-based access to applications, ensuring they remain invisible to unauthorized users
2. Identity & Access Management (IAM): Platforms such as Okta, Microsoft Entra ID (formerly Azure AD), and Google BeyondCorp Enterprise are central to Zero Trust, providing strong authentication (like MFA), single sign-on (SSO), and enforcing least-privilege access policies.
3. Cloud-Native Application Protection Platforms (CNAPP): Tools like Palo Alto Prisma Access and AccuKnox offer comprehensive protection by combining workload micro-segmentation, threat prevention, and compliance monitoring across multi-cloud environments
4. Microsegmentation: Platforms such as Illumio and Akamai Guardicore Segmentation enforce granular security policies within networks to prevent lateral movement after a breach by isolating workloads.
5. Secure Access Service Edge (SASE): Frameworks like Cisco SecureX and Forcepoint ONE converge network and security functions (including ZTNA, SWG, and CASB) into a cloud-delivered service, ideal for securing distributed workforces.
2
4
64
Apr 28
These tools work together to continuously verify users and devices, enforce least privilege, and segment access, forming the foundation of a cloud Zero Trust architecture.
2
42