Skip to content

Backend

Backend development without security is just data leaks waiting for an exploit
This section covers the full backend ecosystem from raw Node.js through frameworks , databases , and deployment - all viewed through a security operations lens because if your backend isn't hardened your frontend doesn't matter

what you'll find here

  • Node.js - The runtime that runs everything. Know how it actually works before slapping a framework on top
  • Express & Fastify - The frameworks that handle HTTP. Middleware , routing , and every footgun they come with
  • Next.js - Full-stack React that blurs the frontend/backend line dangerously
  • NestJS - Enterprise TypeScript with opinions. DI , guards , interceptors
  • Databases - Postgres, Redis, MongoDB. Query them right or get injected
  • DevOps - Docker, CI/CD, environments. Ship with confidence not hope
  • Coming Next - GraphQL, WebSockets, Microservices - the advanced stuff

prerequisites

none - start wherever you're weakest

next → Start here