Linux wizard, FLOSS enthusiast, Infosec Lead. I like to break things.
#mitmproxy is on the plate this week, with a twist in post topic on the roguesecurity.dev tech blog. This one touches on some more offensive security and research type activities more in line with #bugbounty and #pentesting methodologies.
Decrypt TLS traffic and inspect the gooey interior!
@kajer proxmoxVE is your friend. :)
@kajer yeah 100% agreed on OPNSense being the clear choice here. I switched at the onset of the wireguard drama and haven't looked back. It's wonderful. I've done active/passive failover before but never messed with state killing. Glad you have a plan in front of you that involves OPNSense though!
@kajer Does OPNSense handle state tracking differently...? I love OPNSense and wholly support moving to it, but are you sure you're going to see different behavior?
Introducing oniux: Kernel-level Tor isolation for any Linux app. This torsocks alternative uses namespaces to isolate Linux applications over the Tor network and eliminate data leaks.
https://blog.torproject.org/introducing-oniux-tor-isolation-using-linux-namespaces/
@brian_greenberg Did you have chatGPT write this post for you? It smells a lot like an LLM.
@todb this reads like they still have RSS, just not the same one.
"These announcements will only be shared through CISA social media platforms, email, and RSS feeds and will no longer be listed on our Cybersecurity Alerts & Advisories webpage."
"Note: If you’ve previously used RSS feeds to track Known Exploited Vulnerabilities Catalog updates, please subscribe to the KEV subscription topic through GovDelivery to continue receiving notifications."
@SecurityWriter JA4+ enrichment and L3 correlation, it is the way. Any tool that bootstraps #zeek works well. I'm sure plenty of commercial network appliances can enrich similarly too.
@wolfinpdx wireshark and tshark for the command line are sort of the gold standard. If you're not doing complex things and can boil it down to a BPF, then you can use tcpdump too, but the wireshark filter syntax is going likely be something you have to master if you're going to be working with pcaps
Check out Part 2: https://roguesecurity.dev/blog/opnsense-loki-part2 with the pretty dashboard.
@Lockdownyourlife I semi-recently did the same, and it was painful. This doesn't help either: https://tosdr.org/en/service/244
Young people deserve the right to privacy. Florida’s SB 868 is a dangerous bill that intends to decrypt teens’ private messages, ban disappearing messages, and allow unrestricted parental access to private messages. Stripping away the safeguards that encryption provides puts everyone at risk. https://www.eff.org/deeplinks/2025/04/floridas-anti-encryption-bill-wrecking-ball-privacy-theres-still-time-stop-it
And Part 2 is live now as well, digging into Headscale itself: https://roguesecurity.dev/blog/headscale-quadlet-part2
I've decided that rather than just taking notes in my own wiki to be forgotten I'm going to start a rudimentary blog.
Here's post 1 of 2 on running #traefik in #podman with Quadlets. The end goal in part 2 will be getting #headscale running for a fully controlled #tailscale VPN. Stay tuned!
@majorlinux What a terrible way to portray the news about MITRE CVE funding cuts: "Security database used by apple..." -- the implication here is disappointing. It is a vulnerability collection and authority used by THE WORLD.
@GrapheneOS @nono2357 What an insightful response, thank you. Love the project, keep up the good work!
@nono2357 How will this affect @GrapheneOS
@grant_h Bitwarden, easy. Self-hostable if the literacy level spans that far upward, but also cheap and trustworthy via the hosted offering for low barrier to entry.
