~Open Source Security Tool of the Day~

So what is Frida, exactly?
It’s Greasemonkey for native apps, or, put in more technical terms, it’s a dynamic code instrumentation toolkit. It lets you inject snippets of JavaScript or your own library into native apps on Windows, macOS, GNU/Linux, iOS, Android, and QNX.

frida.re/

Setting up a tunnel took me 1 hour on my first attempt, reading docs included

Got to upgrade a box to buster (it was still a deb stretch, oopsie).

It is incredibly easy, compared to setting up an IPsec tunnel with Strongswan.

I strongly recommend you try this, for knowledge and fun :)

@jerry

Cats have the ability to sleep without a care. If only my rest could be so restful.

I really hate reading about how the Linux and Open Source community are engaged in internecine combat about issues that only lead to divisiveness and hurt open systems.

linux.slashdot.org/story/19/09

@kensanata

Thanks for pointing that out. Strange behavior. I will have to check the plugin.

~Open Source Security Tool of the Day~

All in one tool for Information Gathering and Vulnerability Scanning

github.com/Tuhinshubhra/RED_HA

@kenrachynski
Sorry it's a pain, but I would choose Firefox or Chrome over Safari anytime. YMMV.

@og
Sure. However, there is a certain amount of hypocrisy involved in the case that Apple gets a free pass in this instance.

Just saying.

Apple neutered ad blockers in Safari, but unlike Chrome, users didn't say a thing | ZDNet

On the other hand, everyone was busy blasting Google for a similar plan in Chrome.

zdnet.com/article/apple-neuter

If you've not come across Shiva before, check it out on GitHub :) It's an Ansible playbook I put together for provisioning hosts for CTF / bug bounty work: github.com/rastating/shiva

Two of the most popular adblock extensions discovered to stuff tracking cookies into Chrome and generate revenue for the developers. Wouldn't be surprised if this was also present in the Firefox equivalent extensions
thehackernews.com/2019/09/brow

@jerry

I foresee a lot of push back from certain sectors (private and public) like we have seen with the British ISPs who are angry that DoH will thwart their lazy compliance with British law by using DNS filtering.

Notice the use of the tired old "protect the children" canard being used to label DoH as disruptive and dangerous.

~Open Source Security Tool of the Day~

WP Fail2Ban Redux records various WordPress events to your server's system log for integration with Fail2Ban.

github.com/thebrandonallen/wp-

Some further considerations of DoH as a secure set of protocols. I have been using it with Android Pie for some time to good effect

dzone.com/articles/pros-and-co

Show more
Infosec Exchange

A Mastodon instance for info/cyber security-minded people.