Caching strategies in web apps can be a really helpful mechanism for performance improvement and for many other things, but they can also be really harmful when they are not measured or well thought out.

This may sound a little dumb, and you may be asking, how the duck can possibly go wrong…


This third and final part of the API design series focuses on data security concerns and pitfalls. This is the most important aspect of designing an API, because you should be aware of security from the foundations.

Security should be present anywhere, you can find vulnerabilities…


This second part focuses on the architectural constraints of API development. These are a set of concepts that are closely related to code work, in different aspects.

Code on demand

There are some products that establish the Code-on-demand constraints, where the server can extend client functionality by sending code, regardless of data…


APIs are the most common software piece used today for building products and services; they are considered a kind of abstraction or middleware component for low-level system interactions.

Many authors skip the logic behind an API implementation and go straight to explaining how to use a framework and connect…


In this new post, I will be reviewing API management in a general manner because it is quite a vast topic. As you may already know, APIs are mechanisms used for exposing data between environments in an efficient way.

Many years ago, connecting or sharing data with a third-party component…


The cloud has evolved drastically in recent times. A while ago, physical servers were everything: bare-metal machines managed by datacenter operators, where you as a developer or a sysadmin were responsible for managing your own rented machine. Commonly there was an SLA for uptime and scaling reliability scenarios.

After that, virtualization tech…


I wanted to do this some time ago because there’s a lot of confusion about what the next step is after newcomer web developers master or achieve fluent HTML work.

Frontend developers should be familiar with backend activities, regardless of whether they do them professionally, and not only in terms…


Continuing on this practice, we just covered SQLi definitions, types of possible attacks, how classic and blind SQLi work, data processing and its differences in HTTP, and two practical examples.

Doing things manually is great, but it requires tons of effort just to prove a point, and depending on your skills…


Databases have been around since forever, and almost 50 years ago a lot of projects were put together and transformed into what is today known as SQL or the Structured Query Language. A lot of things came up just to get what we know today as a database.

Before going…


The weakest link of software is not a technical factor, but a human.

Social Engineering is the suite of knowledge, strategies, and resources that looks to apply any type of physical manipulation (tricking people) to a specific or general target with the simple goal of accessing confidential information. …

David E Lares S

Backend Developer, Pentesting and InfoSec Student
