Blog
Articles about reverse engineering, security, DevOps and web development by Rafael Cavalcanti da Silva.
SEO Case Study: From zero to Google's top — Part 2: Execution, tools and first results
Documenting the execution phase: automated ranking monitoring tools (Puppeteer + MongoDB), keyword expansion from 10 to 55, on-page optimizations, and cyber security strategy — with real code and measured results.
→Breaking 9 layers of DexProtector: Real-world reverse engineering of an Android banking app
Advanced reverse engineering analysis of a mobile banking app protected by DexProtector with 9 layers: encrypted DEX, ~2000 enc!5016 strings, JNI dispatch with 148 overloads, dynamic RegisterNatives, TEA-like stream cipher, ARM64 emulation with Unicorn, memory-only .so dump, ALICE anti-fraud bypass — all documented with real code and results.
→SEO Case Study: From zero to Google's top — Part 1: Diagnosis, tech stack and first steps
Real-time series documenting the process of ranking 'Rafael Cavalcanti da Silva', 'rafael cavalcanti', 'rafael' and 'root' on Google — using Astro, Nginx, Google Analytics 4, Search Console and advanced technical SEO techniques.
→Real-world Linux Server Hardening: 14 layers I apply in production with automation code
Advanced Linux hardening guide based on real infrastructure: SSH hardening + fail2ban + UFW + kernel sysctl + auditd + systemd sandboxing + nginx auto-fix + Redis bind + MongoDB auth + Postfix secure relay + automated backup with Google Drive + orchestrated restore via Go + Conky monitoring — all with production scripts and configs.
→NGINX in real production: Reverse proxy, auto-fix, multi-upstream, SSL automation and Go deploy with systemd hardening
Advanced NGINX configuration based on real infrastructure: 4 simultaneous upstreams, auto-detection of missing configs, iterative error fix, zone-based rate limiting, Go-generated nginx configs, SSL with certbot + self-signed fallback, systemd sandboxing, graceful shutdown in Go, WebSocket proxy and monitoring — all from production.
→