Posts
All the articles I've posted.
Strategies for Writing Useful Tests
Published: at 06:54 AM
I used to hate writing tests—they felt like a waste of time, took forever to run, and broke constantly. Now I actually enjoy it. Here are the strategies that transformed my approach to testing from dread to delight.
How to Land the Right Tech Job for You
Published: at 12:45 PM
Job hunting can feel like shopping for a new car—exciting at first, then intimidating and hopeless. Having been both a candidate and an interviewer, I've put together this comprehensive guide to help you navigate the process and land the right tech job.
How to Prepare for Talks
Published: at 02:09 PM
Preparing for a technical talk can feel overwhelming, but I've learned something new every time I've given one. This 11-step process covers everything from choosing a topic to handling Q&A, helping you go from idea to presentation.
Answers to Django Security Questions
Published: at 06:56 AM
I found a list of Django security questions but couldn't find clear answers anywhere. So I dug in and wrote them myself, covering everything from CSRF and SQL injection to password hashing and mass assignment.
Using Bandit in the Field
Published: at 03:17 PM
After talking about Bandit, I wanted to see how it actually performed in the real world. This post shares my experience using Bandit to find vulnerabilities in Python projects and practical tips for integrating it into your workflow.
Finding Vulnerabilities with Bandit
Published: at 03:37 PM
Python's dynamic nature makes it hard to catch security vulnerabilities statically. Bandit scans your Python code for common security issues. Learn how to use it to find problems before they reach production.
10 Software Talks to Listen to on Your Way to Work
Published: at 03:17 PM
I felt like I didn't know enough as a developer, so I started listening to conference talks on my commute. Here are ten of my favorites that genuinely changed how I think about building software.
Dangerous Python Functions, Part 2
Published: at 02:33 PM
In part 2 of my dangerous Python functions series, I cover more risky functions like pickle.loads(), yaml.load(), and tempfile.mktemp(). These can lead to code execution, deserialization attacks, and race conditions.
Dangerous Python Functions
Published: at 02:33 PM
Python's dynamic nature can lead to subtle bugs that are hard to catch. I've created a deck of cards highlighting dangerous Python functions like eval(), exec(), and input() that can cause security vulnerabilities or unexpected behavior.
The Sunglasses Scam
Published: at 02:09 PM
I got banned from Ragnarok Online for "scamming" players with sunglasses. This bizarre experience taught me about cognitive biases and anchoring effects, drawing lessons from Daniel Kahneman's "Thinking, Fast and Slow."