Awesome My Blogs

Awesome of Myself

Info

More about my collection which talk about multiple topics, and technologies in multiple field like AI, ML, DevOps, Security and moreover, with a little bit snippet which most of useful tool that I have tried 👍👍👍

Timeline: 2024 - Current

AI/ML/Data

• Awesome AI & ML & Data Engineer
• Awesome CDC

Architecture

• Awesome System Architecture
• Awesome API Gateway and Web Server
• Awesome Kafka
• Awesome NGINX
• Awesome Caddy
• Awesome Selfhosted

Certificates

• Azure AZ104

CI/CD

• Awesome GitHub Action
• Awesome Azure Pipelines
• Awesome GitLab CI
• Awesome BitBucket Pipelines

Cloud

• Awesome AWS Cloud
• Awesome Azure Cloud

Containerization & Kubernetes

• Awesome Containerization
• Awesome Docker CLI
• Awesome Docker Compose CLI
• Awesome Helm
• Awesome Kubectl Snippets
• Awesome Kubernetes
• Awesome Kubernetes Walkthrough

Database

• Awesome Database
• Awesome Elasticsearch & OpenSearch
• Awesome PostgreSQL
• Awesome MongoDB

Developer & DevOps

• Awesome Developer
• Awesome DevOps & System & Tech
• Awesome eBPF
• Awesome Git
• Awesome GitOps
• Awesome HTML & CSS
• Awesome Monitoring & Observability
• Awesome Terraform
• Awesome Ansible

InfoSec & Hacking

• Awesome Hacking and Infosec
• Awesome Cheatsheets InfoSec

Operation System

• Awesome Linux Profile
• Awesome Linux Shell commands
• Awesome Linux Shell scripts
• Awesome OS Linux and Window
• Awesome Powershell commands
• Awesome Windows Profile

Others

• Awesome Utilities Sites
• Awesome Quantum Computing

Azure Clouds Services

Info

Couple blogs and note is taken note when dive inside this cloud, learn and practice with these services. Azure is great thing and cool cloud that really impressive anyway.

Timeline: 2024 - Current

2024

• Azure AKS: Managed Kubernetes Service
• Azure App Service: A set of compute resources for a web application to run
• Azure Application Gateway: A load balancer for web traffic
• Azure pipeline and Azure DevOps: A automatically builds and tests code projects
• Azure Backup: The Azure-based service you can use to back up (or protect) and restore your data in the Microsoft cloud
• Azure Cloud Shell: Azure Command Line is designed for further use in Azure Portals instead of your machine
• Azure Container Apps: A serverless platform that allows you to maintain less infrastructure and save costs while running containerized applications
• Azure Container Instances: The simplest way to run a container in Azure, without having to manage any virtual machines
• Azure DNS: Enables you to host your DNS domains in Azure and access name resolution for your domains by using Microsoft Azure infrastructure
• Azure Entra: A cloud-based identity and access management service that enables your employees access external resources
• Azure Load Balancer: Delivering high availability and network performance to your applications
• Azure Monitor: A comprehensive solution that collects, analyzes, and responds to telemetry data from both on-premises and cloud environments
• Azure Network Watcher: Providing tools to monitor, diagnose, view metrics, and enable or disable logs for resources in an Azure virtual network
• Azure Policy: A service in Azure that enables you to create, assign, and manage policies to control or audit your resources
• Azure RBAC: A mechanism that can help you manage who can access your Azure resources
• Azure Site Recovery: A service that helps ensure business continuity by replicating workloads from a primary site to a secondary location
• Azure Storage: Microsoft’s cloud storage solution for modern data storage scenarios
• Azure Subscription: Helping you organize access to Azure cloud service resources, and help you control how resource usage is reported, billed, and paid.
• Azure Users and Groups: Account identity, Users and Groups in Azure Cloud
• Azure Virtual Machine: The basis of the Azure infrastructure as a service (IaaS) model
• Azure Machine Availability: Methodology to enhance the availability for Azure Machine
• Azure Virtual Network: An essential component for creating private networks in Azure

DevOps - Tutorials from zero to hero

Info

This session which talk about my growth up from zero to hero in DevOps career path when I took a position from intern to official in company. About tutorial and some technologies which need to learn and control to become DevOps

Timeline: 2023 - Current

2023

• DevOps Training Session 1: The flag view with DevOps
• DevOps Training Session 2: Networking
• DevOps Training Session 3: OS - Scripting with powershell & bash
• DevOps Training Session 4: Docker
• DevOps Training Session 5: NGINX
• DevOps Training Session 6: Cloud - Azure
• DevOps Training Session 7: Terraform
• DevOps Training Session 8: Cloud - IAM
• DevOps Training Session 9 + 10: Cloud - Networking - AutoScaling VM
• DevOps Training Session 11: Cloud - Pipeline (Azure-Pipeline)
• DevOps Training Session 12: Cloud - Packer
• DevOps Training Session 13: Cloud - K8s Overview
• DevOps Training Session 14+15: Cloud - K8s Networking, Configuration, Security && Storage

2024

• Devops Training Session 16: Setup Observability for Kubernetes

Do it yourself (DIY)

Info

The session which bring the experience when I try to self hosted or making a cool things by myself. It can be deliver for people which need to figure out something 🌍🌍🌍

And I talk about the experience when I work and approach new technics or technologies for first time. Learn from the scratch, and do interesting things. ✋✋✋

Timeline: 2023 - Current

2023

• Selfhosted NAS with Raspberry Pi 4
• Setup the virtual machine Linux and Windows for Agents and Azure-Pipelines
• Integration Performance Query for MySQL or PostgreSQL
• Setup MySQL with Wordpress in k8s - Easy migrate or not !!
• Ansible, Terraform and your first infrastructure
• Robust Scanner - Vulnerable Scanning
• Deploy your alert with Grafana by Terraform and some common error with K8s
• 0-downtime with Blue-Green Deployment
• Monitoring with Portainer
• Setup PostgreSQL with Ansible
• NTMA for anomalies detection and autoscaling
• Create Free SSL with Let’s Encrypt and Certbot

2024

• Profiling applications with Pyroscope
• Do self-hosted analytics platforms for you website with automatically SSL domain
• How can protect React secrets?
• Setup Environment for build android
• Build mobile with fastlane (Part 1)
• Build mobile with fastlane (Part 2)
• Fastway to deploy your application
• Play with Makefile for 1st time
• Compile gRPC for 1st time
• Build your wiki for 1st time
• Atlantis with ECS for automatic provisioning
• Create SSL Cert with ACM and Route53 for AWS Services
• Build mobile with Expo (Part 1)
• Build mobile with Expo (Part 2)
• AWS SSO from Self Gitlab Terraform Module Registry
• Switch Role between AWS Accounts
• Protect sensitive data and secret files with sops
• First EKS Cluster with Milvus DB
• Integration automation test with GitLab CI
• Digging into AWS Monitoring Stack
• Work with EKS and How to monitoring your Cluster

2025

• How to serve Java API with Maven and Tomcat
• How can I build my homelab with Docker Swarm
• DevOps and A Couple of things I learned (Vietnamese Version)
• Why you should use dependencies cache for your work
• Vault and Keycloak - The combination for rotation Vault Token
• GitLab Runner and Features of this platform

DueWeekly Tech

Info

The series is the collection of mine about news, tools and articles technologies during two weeks around the world 🌈

Timeline: 2025 - Current

2025

• Session 1: 30-12-2024 to 12-01-2025
• Session 2: 13-01-2025 to 26-01-2025
• Session 3: 27-01-2025 to 09-02-2025
• Session 4: 10-02-2025 to 23-02-2025
• Session 5: 24-02-2025 to 09-03-2025
• Session 6: 10-03-2025 to 23-03-2025
• Session 7: 24-03-2025 to 06-04-2025
• Session 8: 07-04-2025 to 20-04-2025
• Session 9: 21-04-2025 to 04-05-2025
• Session 10: 05-05-2025 to 18-05-2025
• Session 11: 19-05-2025 to 01-06-2025
• Session 12: 02-06-2025 to 15-06-2025

InfoSec & Security

CTF

Info

As you know from my profile, I started my journey as a CTF player and Web Pentester. CTFs, a field of competitive games and contests, were where I gained invaluable experience and truly found my footing in security. In this session, I’ll walk you through a challenge that required significant research to find the flag—it’s genuinely interesting and won’t waste your time.

Timeline: 2022 - Current

• Flag Hoarding mapleCTF (2022) - (misc/forensic)
• Dode ascisCTF (2022) (Misc/Forensics)
• Hack The Boo (Hackthebox-Forensic-2022)
• ICTF August 2022
• Image Editing - CTFLearn (Crypto/Hard)
• Write up about IDOR
• Write up about SSTI

Hackwekend Series

Info

This session is all about us taking the weekend to learn new things in security together. Let’s make the most of it and have some fun!

Timeline: 2022 - Current

• Hackwekend Session 0 - QRCode Vulnerabilities (Malicious QRCode gain access to reverse shell level) - About the vulnerable with QRCode, How we can gain access to victim machine and bypass QRCode
• Hackwekend - Session 1 (Pentester web - Security Lab) - About the vulnerable machine is take a look and gain access to collecting flag (CTF)
• Hackwekend Session 2 - Information Security, Team and Phishing Attack - The session talk about what and why we have InfoSec and work like a team. Additional, Talk about Phishing Attack, Questions and how to reproduce
• Hackwekend - Session 3 Attack and Exploit GraphQL ? - Session is about GraphQL, Dangerous with technologies and some challenge to find flag with CTF style
• Hackwekend Session 4 - Cloud Security (AWS EKS) - Session is about AWS EKS Security, Vulnerable in K8s Cluster and Play CTF to figuring out what should need protected (EKS Cluster Game prod by Wiz.io)
• Hackwekend Session 5 - Cloud Security (AWS IAM Policy) - Session is about AWS IAM, How to authentication or bypass methodology to read and list contents inside the S3 bucket, learn more about sns, sqs, cognito services of AWS Cloud (Big IAM prod by Wiz.io)
• Hackwekend Session 6 - Cloud Security (Network and Red Team) - Session is about more than cloud security, but more approach to networking and red team methodology to recon, attack the target with unique way like lateral movement, nfs, tcpdump, dnscan and istio, kyverno on kubernetes ( K8slan prod by Wiz.io)

Vulnerable Research

Info

Join me in this session as we explore web security and vulnerabilities, learning how to interact with real websites to uncover them.

Timeline: 2023 - Current

• Pentest Top 10 OWASP with Juice-Shop-OWASP
• SQL Injection - Part 1 (Practical PortSwigger)
• SQL Injection - Part 2 (Practical on PortSwigger)
• SQL Injection - Part 3 (Practical PortSwigger)
• Cross-site scripting (Practice on PortSwigger)
• Research about Top 10 OWASP
• Snyk vs Sonarqube - Securing your code
• Insecure Direct Object Reference (IDOR)
• Server Site Template Injection (SSTI)
• Authentication Bypass
• Content Discovery
• Subdomain Enumeration
• Walking An Application
• Top 10 OWASP
• Web fundamentals
• Cross Site Scripting ( XSS )
• SQL Injections
• GraphQL
• Command injection
• CVE-2023-34092 - Path Equivalence in Vite

Kubewekend Series

Info

Brand new series about kubernetes, and it will release at least one time a week on the weekend. On this session, I will share about kubernetes, networking, devsecops and moreover, It will give you idea, and practice environment to understand many new technologies. Try best and have fun with me 🙌🙌🙌

Timeline: July 2024 - Current

2024

• Kubewekend Session 1: Build up your host with Vagrant - This lab is take the topic around play and practice with vagrant - the software can help you provide the virtual machine in your host. First step way to setup kubernetes cluster inside your machine, and play with on next session
• Kubewekend Session 2: Setup Kind cluster with Ansible - This lab is practice with ansible the configuration for setup kind cluster inside machine on the previous session
• Kubewekend Session 3: Basically about Kubernetes architecture - This session talk about basically architecture and learn more fundamental components inside kubernetes, and what the structure of them inside clusters.
• Kubewekend Session 4: Learn about ebpf with hubble and cilium - This session will talk and learn about eBPF and the especially representation of eBPF are cilium and hubble to become main CNI of Kubewekend and talk about Observability of them
• Kubewekend Session 5: Build HA Cluster - This session is really pleasant when we talk about how can create HA cluster with kubewekend, learn more the components inside kubernetes and try figure out about network, security, configuration, container runtime and system via this session
• Kubewekend Session 6: CSI and Ceph with Kubewekend - This session is covered about topic storage inside Kubernetes cluster, how can they work with CSI Architecture and why we need to CSI Driver for handle this stuff. Furthermore, I try to practice with Ceph - one of popular storage opensource for Kubewekend cluster

2025

• Kubewekend Session Extra 1: Longhorn and the story about NFS in Kubernetes - This lab is try to take you to journey to learn about new CSI for Kubernetes, Longhorn and deliver you to new method to handle transfer large file via network by NFS protocol. I also provide more information about iSCSI, nfs-ganesha and technique rdma
• Kubewekend Session Extra 2: Rebuild Cluster with RKE2 or K3S - This article aims to provide you with insights into alternatives for self-hosting a full Kubernetes cluster. Both K3s and RKE2 are strong contenders worth considering to guide your decision. Focusing on the self-hosted approach with RKE2, I want to share more about my experiences working with it over the past four months.

Tech Research (What is)

Info

In this session, About the shared research for community which i make and find out how to play with it, setup and make usage or tutorial for doing something

Timeline: 2023 - Current

2023

• NGINX vs Apache ? How does it work? Why is NGINX compared to Apache –> How is it stronger and weaker?
• Different btw CMD vs Entrypoint vs RUN in Docker

2024

• What is Wrapper Pattern ?
• What is Helm?
• What is Milvus?
• Increase Quota and Limit of Cloud Services