CyberChef
nix-vulnerability-scanner | CyberChef | |
---|---|---|
1 | 286 | |
19 | 25,649 | |
- | 2.5% | |
0.0 | 9.3 | |
over 2 years ago | 4 days ago | |
Nix | JavaScript | |
- | Apache License 2.0 |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
nix-vulnerability-scanner
-
What Are Your Most Used Self Hosted Applications?
Initially I spent a lot of time as I used it as an opportunity to learn Nix/NixOS. I used Nix intentionally as it's a rolling release and also it's declarative and intended for reproducible deployments, so I don't need to deal with an OS like Ubuntu that slowly gets crufty and out of date and needs a clean-up or upgrade or complete re-install. And if I do need to re-install, it should be mostly a one-liner.
For security there are these scanners:
https://github.com/flyingcircusio/vulnix
https://github.com/andir/nix-vulnerability-scanner
I also run all services in docker and my network uses VLANs behind an OPNSense firewall. I use Wireguard as a pinch point into my network to access most services. So I'm not too worried about the security aspect.
Upgrading on Nix is pretty easy - just bump your lock file and it will get the latest packages, assuming you are on the unstable channel. But unstable does break on occasion. You an also use the latest stable release of Nix and selectively choose unstable packages, which is probably the way to go. I rarely need to fix anything - it's pretty stable. It only starts eating time when I want to add or upgrade some element to the system, but I always make sure to never do any action that isn't captured in Nix config and backed up, so that I don't have to come back and figure out what exactly I did or how something works again. It's been fine. Nix has a pretty steep learning curve, but considering its power, I think it's absolutely worth it.
CyberChef
-
PicoCTF 2024: packer
Then we take the encrypted text and use CyberChef to decrypt it.
-
Unbreakable 2024: secrets-of-winter
Let's go to CyberChef and insert our pieces of evidence.
-
YouTube: Google has found a way to break Invidious
A parameter was changed from '2AMBCgIQBg' to 'CgIIAdgDAQ%3D%3D' which is just the correct base64 encoding they should have been using the entire time.
I don't think this was a hostile action by Google, I think someone just added better input validation for security reasons and it accidently broke the bad requests they were sending.
https://gchq.github.io/CyberChef/#recipe=URL_Decode()From_Ba...
-
PicoCTF 2024- CanYouSee
❗This is indeed the flag, but the text is encrypted with Base64. Usually, the presence of padding character "=" indicates that's Base64 type of encoding (but that's only one of the hints). To decrypt it, we can use CyberChef. Copy-paste the text and we either:
-
CyberChef VS DevToolboxWeb - a user suggested alternative
2 projects | 6 Feb 2024
-
CyberChef from GCHQ: The Cyber Swiss Army Knife
It uses a combination of magic bytes (like the `file` command), entropy analysis and character frequency detection to determine whether an output is likely to be of interest to the user.
The file type mechanism is written here[0]. There's a list of all signatures we detect here[1].
[0] https://github.com/gchq/CyberChef/blob/master/src/core/lib/F...
- Show HN: File Hider
- UK GCHQ's CyberChef
-
Lets try this again. Got a code for you to break.
I think this can be deciphered using CyberChef...
- CyberChef is a useful tool for decoding information.
What are some alternatives?
Radarr - Movie organizer/manager for usenet and torrent users.
QR-Code-generator - High-quality QR Code generator library in Java, TypeScript/JavaScript, Python, Rust, C++, C.
homeserver-traefik-portainer - My homeserver setup. Everything managed securely using Portainer.
CapRover - Scalable PaaS (automated Docker+nginx) - aka Heroku on Steroids
Joplin - Joplin - the secure note taking and to-do app with synchronisation capabilities for Windows, macOS, Linux, Android and iOS.
py4e - Web site for www.py4e.com and source to the Python 3.0 textbook
Kanboard - Kanban project management software
cyberchef-recipes - A list of cyber-chef recipes and curated links
Sonarr - Smart PVR for newsgroup and bittorrent users.
Ciphey - ⚡ Automatically decrypt encryptions without knowing the key or cipher, decode encodings, and crack hashes ⚡
Pinry - Pinry, a tiling image board system for people who want to save, tag, and share images, videos and webpages in an easy to skim through format. It's open-source and self-hosted.
Monica - Personal CRM. Remember everything about your friends, family and business relationships.