Vaktibabat
A technical weblog on cryptography, Rust, and systems security.
Tagline
Rust, crypto, and systems writeups
Implement cryptography, not just read papers
Hands-on security and reverse engineering notes
Low-level performance tricks, explained with code
The blog for engineers who want to implement cryptography and systems algorithms, not just read about them.
The post list is packed with implementation-first topics across Rust, Go, CUDA, and security; that makes the site feel like a practical lab notebook, not a generic dev blog.
An alternative to academic cryptography resources and shallow tutorials.
Schnorr, Merkle trees, SMPC, and secure chat posts suggest a middle ground between papers and copy-paste tutorials, which is a clear niche for technical readers.
A pain-killer for developers learning security by building real projects and CTF tooling.
The mix of CTF writeups, malware/reversing tags, and protocol implementations makes the content useful for people who learn best through hands-on exploit, defense, and build exercises.
Primary user
Security-minded software engineer who reads implementation-heavy Rust and crypto tutorials
ICP #1
Rust developer working on security tooling or protocol implementation
Pain
They need concrete examples for implementing cryptographic primitives correctly, but most resources are either academic papers or oversimplified tutorials.
Why this solves
Posts like 'Implementing Schnorr's Protocol in Rust' and 'Implementing Merkle Trees in Go' suggest step-by-step, code-oriented explanations that bridge theory and working implementation.
ICP #2
CTF competitor and reversing hobbyist
Pain
They want practical writeups that show attack paths, tooling, and reasoning, not just final answers.
Why this solves
The blog includes dedicated CTF content like 'My FLARE-ON 2024 Writeups!' and 'My idekCTF 2024 Writeups!', which likely offer exactly that kind of procedural breakdown.
ICP #3
Systems engineer optimizing data-intensive code
Pain
They are trying to understand how to make algorithms faster with low-level techniques like SIMD, GPU acceleration, or language/runtime tradeoffs.
Why this solves
Articles such as 'Fun With HyperLogLog and SIMD' and 'GPU-accelerated hash cracker with Rust and CUDA' signal performance-focused engineering content with real implementation detail.
Strengths
- +The homepage instantly communicates the author's technical depth through specific post titles and tags.
- +Navigation is clean and predictable: home, categories, tags, archives, about, RSS.
- +The content mix clearly signals a niche: Rust, crypto, performance, reversing, and CTFs.
Weaknesses
- −There is no explicit positioning statement beyond 'Yoray Herzberg's Weblog,' so first-time visitors have to infer the niche from post titles.
- −The homepage is content-rich but not outcome-rich; it never says who the blog is for or why to subscribe.
- −The brand name 'Vaktibabat' is memorable but opaque, which hurts discoverability and immediate comprehension.
- −There is no featured-post hierarchy, so the strongest or most strategic articles are not being used as conversion assets.
- −The page feels like a personal archive, not a deliberately designed audience-growth landing page.
Fix these
- Add a one-sentence hero subheader that says exactly what the blog covers, such as 'Rust, cryptography, reversing, and systems performance writeups.'
- Create a featured posts section for the highest-value articles: Schnorr, Merkle trees, HyperLogLog/SIMD, and FLARE-ON writeups.
- Add a 'Start here' page for new readers segmented by interest: crypto, Rust, CTFs, and optimization.
- Rewrite the About page to explain the author's background and the kind of reader the blog serves.
- Use clearer subscription CTAs above the fold, especially RSS and email, since the current page relies on passive browsing.
Drop-in replacement copy
Headline
Implementation-first crypto and systems notes
Rust, cryptography, reversing, CTFs, and performance writeups from real projects.
Learn the code, not just the theory
Posts break down cryptographic primitives and systems ideas in a way you can actually implement. You get the reasoning, the code path, and the sharp edges.
Find the right topic fast
Browse by category, tag, or archive to jump straight into crypto, Rust, reversing, CTFs, SIMD, and GPU work. No hunting through generic content.
See how real security work is done
The blog includes CTF writeups, protocol experiments, and low-level security notes. That means attack paths, tooling, and mistakes - not just final answers.
Subscribe without friction
Follow via RSS and keep up with new technical posts as they land. The site is built for readers who want the next deep dive, not a marketing drip campaign.
FAQ
Who is this blog for?
Rust developers, security engineers, CTF players, and systems programmers who want implementation-level technical writeups.
Is this beginner-friendly?
Some posts are advanced, but the best ones explain the code and reasoning step by step. If you like learning by following real examples, you’ll be fine.
What topics do you cover?
Cryptography, Rust, reversing, CTF writeups, SIMD, GPU acceleration, algorithms, and security experiments.
How often do you publish?
Whenever there’s a writeup worth publishing. It’s an engineering blog, so quality and depth come before schedule.
How should I follow along?
Use the RSS feed to get new posts, or browse by category if you want to start with crypto, Rust, or CTF content.
Most crypto tutorials stop before code. Vaktibabat is where I write the implementation-heavy version: Rust, cryptography, reversing, CTF writeups, and systems performance. If you like learning by building, subscribe to the RSS feed.
I kept seeing the same gap: papers are too abstract, tutorials are too shallow. So I started publishing the kind of writeups I wanted to read: Schnorr in Rust, Merkle trees in Go, HyperLogLog with SIMD, GPU hashing, and CTF breakdowns. More coming.
Implementing Schnorr from papers sucks. You get notation, assumptions, and a few equations. What you don’t get is the code path, the pitfalls, or how to test the thing. That’s exactly what I’m trying to fix on Vaktibabat.
Here’s what a real crypto writeup looks like: - explain the primitive - show the attack surface - implement it in code - test it against edge cases - point out where people usually get it wrong That’s the whole point of this blog.
The best feedback I get is simple: “this finally made the implementation click.” That’s the goal for every post on Vaktibabat. Not theory for theory’s sake. Not vibes. Just code, reasoning, and the weird little details that matter.
If you read Trail of Bits, Daniel Lemire, and random CTF writeups at 2am, this blog is for you. Vaktibabat collects my notes on cryptography, Rust, reversing, SIMD, CUDA, and security experiments. It’s a lab notebook, not a newsletter.
I’m turning old notes into full writeups. That means more posts on Rust, secure protocols, Merkle trees, GPU cracking, and CTFs. If you like seeing how systems actually work under the hood, follow along.
Reading security blogs gets expensive fast. You jump between papers, GitHub repos, and half-finished explanations just to answer one question: “how do I build this correctly?” Vaktibabat is my attempt to make that hunt shorter.
A good systems post should show the tradeoffs, not hide them. That’s why I write about SIMD, GPU acceleration, Rust/WASM, and protocol implementations with code first and opinion second. If the details matter to you, you’ll probably like it here.
People keep asking for the notes after I share a project or CTF solve. So I’m publishing them properly now. If you’re into crypto, Rust, reversing, or performance work, Vaktibabat is the archive.
Angle: implementation-first cryptography
Most people learn cryptography in one of two bad ways: 1. Academic papers that are correct but hard to use. 2. Blog posts that simplify away the parts that actually break in real code. I wanted a middle ground. So I started publishing implementation-heavy writeups on Vaktibabat: Schnorr protocols in Rust, Merkle trees in Go, secure chat experiments, and systems/security notes that stay close to the code. The goal is simple: help engineers understand how these ideas behave when you actually build them. If you work on security tooling, protocol implementations, or low-level systems code, you probably know this pain already. You can read ten pages and still not know what to test, what can fail, or where the subtle bugs hide. That’s the gap I’m trying to close. I’m also making the site easier to navigate for new readers with clearer topic grouping and “start here” paths by interest: cryptography, Rust, CTF writeups, and performance. If you’re the kind of person who prefers code, edge cases, and failure modes over summaries, it might be useful. Feedback welcome, especially from people who have tried to implement crypto from papers and lived to regret it.
Angle: CTF and reversing writeups
CTF writeups are often either too short or too polished. The short ones skip the reasoning. The polished ones hide the dead ends. I built Vaktibabat partly because I wanted a place for the full version: how the attack path was found, what tools were used, what assumptions were wrong, and what finally worked. That includes FLARE-ON notes, idekCTF writeups, reversing experiments, and the kind of debugging trail that usually gets deleted before a post goes live. I think that matters because the real value in these exercises isn’t the flag. It’s learning how to think when the path is unclear. If you’re a security engineer, reversing hobbyist, or CTF participant, that’s usually the part you’re actually trying to get better at. I’m also using the site as an archive of the mistakes, not just the wins. That makes the next solve faster, and it makes the writeup more useful for anyone reading it later. If you want more posts like that, I’m curious what kind of breakdowns you find most useful: tooling, reasoning, or exploit path.
Angle: systems performance and low-level optimization
A lot of performance content ends up being vague advice like “use SIMD” or “move work to the GPU.” That’s not enough. What I’m interested in publishing on Vaktibabat is the practical version: where SIMD actually helps, where it doesn’t, what changes in Rust vs Go vs CUDA, and how to reason about tradeoffs without hand-waving. That’s why you’ll see posts like HyperLogLog with SIMD and GPU-accelerated hash cracking alongside the crypto and reversing content. They all ask the same question: what happens when you push a system closer to the metal? For engineers building data-heavy or security-sensitive software, the details matter. Benchmarks are useful, but only if you understand why the numbers moved. So the blog is becoming a home for implementation notes, experiments, and the stuff I usually wish someone had written down before I spent a weekend profiling it myself. If that’s useful to you, I’d love to know what kind of low-level topics you want covered next: SIMD, memory layout, GPU work, or language/runtime tradeoffs.
Tagline
Rust, crypto, and systems writeups
Description
A technical weblog of implementation-heavy posts on cryptography, Rust, reversing, CTF writeups, SIMD, and GPU performance experiments from Yoray Herzberg.
Maker's first comment
I built Vaktibabat because I kept running into the same problem: the interesting parts of cryptography and systems work are usually hidden between academic papers, scattered code, and half-finished blog posts. When I was trying to understand things like Schnorr protocols, Merkle trees, HyperLogLog, secure chat, or GPU-based hash cracking, I wanted something more practical than a summary and less fragile than copying code from a repo without context. So this blog became my place to publish the implementation notes I wish I had earlier: code-first explanations, tradeoffs, dead ends, CTF reasoning, and low-level experiments in Rust, Go, CUDA, and WASM. If you’re a security engineer, Rust developer, reversing hobbyist, or someone who likes understanding systems by building them, this is for you. The site is intentionally simple: read the posts, browse by topic, and subscribe via RSS if you want the next writeup when it lands. I’m especially looking for feedback on two things: which topics deserve a deeper series, and whether the “start here” paths make it easier for new readers to find the right first post.
Pinned maker comment
I’d love feedback on the post navigation and the positioning. The content is already niche, but I want to know if the homepage clearly tells you this is for people who want implementation-level crypto, Rust, and security writeups.
Meta
Tired of crypto tutorials that skip
Hypothesis: Rust developers working on security tooling want implementation-first cryptography content more than theory-heavy posts. Vaktibabat publishes long-form writeups on Schnorr, Merkle trees, secure chat, Rust, SIMD, and CTFs - focused on code, tradeoffs, and edge cases.
Google Search
Rust Schnorr implementation
Hypothesis: Searchers looking for how to implement cryptography in Rust want concrete walkthroughs, not abstract papers. Vaktibabat is a technical weblog with step-by-step posts on Schnorr protocols, Merkle trees, HyperLogLog, reversing, and security experiments.
Reddit Promoted
Most CTF writeups hide the messy part
Hypothesis: CTF participants and reversing hobbyists want full reasoning paths, not just final solves. Vaktibabat shares detailed writeups on FLARE-ON, idekCTF, GPU hash cracking, and low-level security experiments - built for people who learn by seeing the process.
Subreddits
r/SideProject
Show the site as a niche technical blog built for implementation-heavy crypto and systems writeups, with a few strong post examples.
Rules: Share what you built and what you learned; no pure self-promo without context; keep the post useful and specific.
r/indiehackers
Share the challenge of turning a personal technical archive into a readable audience product, and ask for feedback on positioning and onboarding.
Rules: Founders-first audience; be honest about metrics and lessons; avoid spammy promotion.
r/microsaas
Position the blog as a minimal content product with a clear niche and ask how other builders package technical expertise into a simple site.
Rules: Keep it builder-oriented; share process and product decisions; avoid dropping a link without explanation.
r/crypto
Share a deep technical post on implementing a cryptographic primitive in Rust and ask for review on correctness, pitfalls, and clarity.
Rules: High bar for technical depth; no beginner marketing copy; make sure the post is substantive and invites critique.
r/rust
Post a practical Rust implementation writeup, especially one involving cryptography, performance, or unsafe-adjacent systems work.
Rules: Must be relevant to Rust developers; code and technical detail expected; self-promo is tolerated only when genuinely useful.
Communities
Write one post about packaging a niche technical blog for readers, then reply to every comment with the actual decisions you made.
Share one deeply technical Rust implementation post at a time and participate in existing threads before mentioning your site.
r/cryptography Discords
Join a crypto-learning Discord and ask for critique on one article section, not the whole site; give before linking.
Cold outreach template
Hey {firstName} - saw your {context} and thought of Vaktibabat, a technical blog with implementation-heavy writeups on Rust, cryptography, reversing, and CTFs. If you ever want a concrete post on something like Schnorr, Merkle trees, or SIMD performance, I’d love to write it. What topic would actually help you right now?
Product Hunt timing
Launch on Tuesday at 12:01am Pacific Time. That gives the product a full weekday cycle of traffic from developers in the US and Europe, and the audience here is technical enough to browse during work hours rather than only on consumer-style launch spikes.
Indie Hackers post ideas
- 01How I turned a personal crypto/systems notebook into a site people can browse
- 02What I learned writing implementation-first posts on cryptography instead of tutorials
- 03How to package a niche technical blog so new readers know where to start
Competitor alternatives
Current tone of voice
Technical, personal, and enthusiast-driven; for example, titles like 'Fun With HyperLogLog and SIMD' and 'GPU-accelerated hash cracker with Rust and CUDA' signal a hands-on, nerdy voice rather than corporate polish.
Your kit is ready. Sign up free to unlock, takes 10 seconds.
7 more X posts · 2 LinkedIn · Product Hunt copy · ad hooks · 100-user playbook · landing critique