:linux: StarkZarn :verified:

Linux wizard, FLOSS enthusiast, Infosec Lead. I like to break things.

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-26

#mitmproxy is on the plate this week, with a twist in post topic on the roguesecurity.dev tech blog. This one touches on some more offensive security and research type activities more in line with #bugbounty and #pentesting methodologies.

Decrypt TLS traffic and inspect the gooey interior!

roguesecurity.dev/blog/mitmpro

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-21

@kajer proxmoxVE is your friend. :)

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-20

@kajer yeah 100% agreed on OPNSense being the clear choice here. I switched at the onset of the wireguard drama and haven't looked back. It's wonderful. I've done active/passive failover before but never messed with state killing. Glad you have a plan in front of you that involves OPNSense though!

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-20

@kajer Does OPNSense handle state tracking differently...? I love OPNSense and wholly support moving to it, but are you sure you're going to see different behavior?

:linux: StarkZarn :verified: boosted:
The Tor Project torproject
2025-05-19

Introducing oniux: Kernel-level Tor isolation for any Linux app. This torsocks alternative uses namespaces to isolate Linux applications over the Tor network and eliminate data leaks.
blog.torproject.org/introducin

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-14

@brian_greenberg Did you have chatGPT write this post for you? It smells a lot like an LLM.

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-12

@todb this reads like they still have RSS, just not the same one.

"These announcements will only be shared through CISA social media platforms, email, and RSS feeds and will no longer be listed on our Cybersecurity Alerts & Advisories webpage."

"Note: If you’ve previously used RSS feeds to track Known Exploited Vulnerabilities Catalog updates, please subscribe to the KEV subscription topic through GovDelivery to continue receiving notifications."

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-12

@SecurityWriter JA4+ enrichment and L3 correlation, it is the way. Any tool that bootstraps #zeek works well. I'm sure plenty of commercial network appliances can enrich similarly too.

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-08

@wolfinpdx wireshark and tshark for the command line are sort of the gold standard. If you're not doing complex things and can boil it down to a BPF, then you can use tcpdump too, but the wireshark filter syntax is likely going to be something you have to master if you're going to be working with pcaps.

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-04

Check out Part 2: roguesecurity.dev/blog/opnsens with the pretty dashboard.

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-05-01

@Lockdownyourlife I semi-recently did the same, and it was painful. This doesn't help either: tosdr.org/en/service/244

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-04-24

This is an underdocumented topic in my opinion, so I wrote up a blog on #Grafana #Loki logging of #OPNSense firewall logs through Alloy!

roguesecurity.dev/blog/opnsens

:linux: StarkZarn :verified: boosted:
Electronic Frontier Foundation eff
2025-04-24

Young people deserve the right to privacy. Florida’s SB 868 is a dangerous bill that intends to decrypt teens’ private messages, ban disappearing messages, and allow unrestricted parental access to private messages. Stripping away the safeguards that encryption provides puts everyone at risk. eff.org/deeplinks/2025/04/flor

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-04-21

And Part 2 is live now as well, digging into Headscale itself: roguesecurity.dev/blog/headsca

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-04-20

I've decided that rather than just taking notes in my own wiki to be forgotten, I'm going to start a rudimentary blog.

Here's post 1 of 2 on running #traefik in #podman with Quadlets. The end goal in part 2 will be getting #headscale running for a fully controlled #tailscale VPN. Stay tuned!

roguesecurity.dev/blog/headsca

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-04-17

@majorlinux What a terrible way to portray the news about MITRE CVE funding cuts: "Security database used by apple..." -- the implication here is disappointing. It is a vulnerability collection and authority used by THE WORLD.

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-03-27

@GrapheneOS @nono2357 What an insightful response, thank you. Love the project, keep up the good work!

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-03-26

@nono2357 How will this affect @GrapheneOS?

:linux: StarkZarn :verified:StarkZarn@infosec.exchange
2025-03-04

@grant_h Bitwarden, easy. Self-hostable if the literacy level spans that far upward, but also cheap and trustworthy via the hosted offering for low barrier to entry.
