1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
36
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
61
62
63
64
65
66
67
68
69
70
71
72
73
74
75
76
77
78
79
80
81
82
83
84
85
86
87
88
89
90
91
92
93
94
95
96
97
98
99
100
101
102
103
104
105
106
107
108
109
110
111
112
113
114
115
116
117
118
119
120
121
122
123
124
125
126
127
128
129
130
131
132
133
134
135
136
137
138
139
140
141
142
143
144
145
146
147
148
149
150
151
152
153
154
155
156
157
158
159
|
[[!meta title="Research and tests"]]
Raw list with things to try, research, evaluate develop and maybe deploy!
## Subpages
[[!inline pages="page(research*)" archive="yes"]]
## New stuff
* [Borg - Deduplicating](http://borgbackup.readthedocs.io/en/stable/).
* [Darktable](https://packages.debian.org/stable/darktable).
* [mmv](https://packages.debian.org/jessie/mmv) ([manpage](https://ss64.com/bash/mmv.html)).
* [Observatory by Mozilla](https://observatory.mozilla.org/) and [CAA checking becomes mandatory for SSL/TLS certificates](https://ma.ttias.be/caa-checking-becomes-mandatory-ssltls-certificates/).
* Wayland.
* [antigen](https://github.com/zsh-users/antigen), [vundle](https://github.com/VundleVim/Vundle.vim), etc.
* [You-Get](https://you-get.org/).
* [Apache Drill](https://drill.apache.org/), [presto](https://github.com/prestodb/presto), hadoop, etc.
* [gridsync/gridsync: Synchronize local directories with Tahoe-LAFS storage grids](https://github.com/gridsync/gridsync)
* [OpenBSD vmm](https://marc.info/?l=openbsd-tech&m=149191695821636&w=2).
* [TensorFlow](https://www.tensorflow.org/).
* [HTTP Prompt - An interactive command-line HTTP client](http://http-prompt.com/).
* [Mapzen](https://mapzen.com).
* [GitHub - restic/others: Exhaustive list of backup solutions for Linux](https://github.com/restic/others).
* [asciinema - Record and share your terminal sessions, the right way](https://asciinema.org/) ([client](https://packages.debian.org/jessie/asciinema) and server).
* [Creepy - Geolocation OSINT Tool](http://www.geocreepy.com/) ([package](https://packages.debian.org/wheezy/creepy)).
* [Minix3](http://www.minix3.org/).
* [Haiku Project](https://www.haiku-os.org/).
* [GoboLinux - the alternative Linux distribution](http://gobolinux.org/).
* [Debian -- Details of package stow in jessie](https://packages.debian.org/jessie/stow).
* [Sabotage - the hardcore let's be oldschool UNIX experience](http://sabotage.tech/).
* [netboot.xyz](https://netboot.xyz/).
* [iPXE - open source boot firmware [start]](http://ipxe.org/).
* [FOSS Services](/services)!
* [isis' scripts](https://github.com/isislovecruft/scripts).
* [gitly self-hosted](https://gitly.io).
* [Git Large File Storage - Git Large File Storage (LFS) replaces large files such as audio samples, videos, datasets, and graphics with text pointers inside Git, while storing the file contents on a remote server like GitHub.com or GitHub Enterprise.](https://git-lfs.github.com/) / [#792075 - ITP: git-lfs -- Git Large File Support. An open source Git extension for versioning large files - Debian Bug report logs](https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=792075).
* https://shodan.io
* https://keybase.io
* https://en.wikipedia.org/wiki/Unikernel
* https://eng.fromatob.com/post/2017/02/lets-encrypt-oauth-2-and-kubernetes-ingress/
* https://stripe.com/blog/idempotency
* https://github.com/gorhill/uMatrix
* https://github.com/metabase/metabase
* https://lede-project.org/start
* https://github.com/shadowsocks/shadowsocks-go
* https://botman.io
## Multimedia
* [qsstv](https://packages.debian.org/jessie/qsstv)
* mopidy/mpdris:
* plugins like https://packages.debian.org/stretch/mopidy-podcast
* https://packages.debian.org/jessie/mopidy
* https://github.com/acrisci/playerctl
* https://packages.debian.org/jessie/mpdris2
* https://packages.debian.org/stretch/mpris-remote
## Tor
* ooniprobe, lepidopter.
* onionpi (tor, hostapd, iptables).
* onion smtp:
* https://www.void.gr/kargig/blog/2014/05/10/smtp-over-hidden-services-with-postfix/
* https://tech.immerda.ch/2016/12/ehlo-onion/
* https://github.com/riseupnet/onionmx
## Security
* [Qubes OS](https://www.qubes-os.org/).
* bitmask and LEAP.
* port knocking.
* hardened systems: apparmor, gradm2, firejail, seccomp, etc.
* sshd:
* https://stribika.github.io/2015/01/04/secure-secure-shell.html
* https://bugs.debian.org/cgi-bin/bugreport.cgi?bug=774711#60
* http://security.stackexchange.com/questions/64562/how-should-i-defend-against-zero-day-attack-on-ssh
* https://charlieharvey.org.uk/page/ssh_port_pros_and_cons
* fuzzy testing: fusil, etc.
* router: serial console to other boxes with dhe luks! :)
* [Mailcap, HTML and AppArmor](http://www.justgohome.co.uk/blog/2014/02/mailcap-html-apparmor.html).
* Increased security on smtp/imaps password storage:
* https://github.com/sup-heliotrope/sup/wiki/Securely-Store-Password
* http://serverfault.com/questions/149452/how-can-i-use-fetchmail-or-another-email-grabber-with-osx-keychain-for-authent
* http://mah.everybody.org/docs/mail/fetchmail_check
* Enhanced shell:
* Add a counter-measure to prevent SSH timing attacks:
http://users.ece.cmu.edu/~dawnsong/papers/ssh-timing.pdf
http://www.slideshare.net/idsecconf/countermeasure-against-timing-attack-on-ssh-using-random-delay
http://www.scribd.com/doc/59628153/Timing-Analysis-of-Keystrokes-and-Timing-Attacks-on-SSH-Revisited
## DevOps
* [Simet](http://simet.nic.br).
* auto start user screen sessions.
* backups: snapshots with remote transfer support.
* puppet:
* deploy: multiple module paths: https://docs.puppet.com/puppet/3.6/dirs_modulepath.html
* default modules as submodules from the bootstrap repository, custom modules closer to the config folder?
* php7-fpm:
* https://serversforhackers.com/video/apache-and-php-fpm
* http://www.binarytides.com/setup-apache-php-fpm-mod-proxy-fcgi-ubuntu/
<FilesMatch \.php$>
SetHandler "proxy:unix:/run/php/php7.1-fpm.sock|fcgi://localhost:9000";
</FilesMatch>
## Virtualization
* kvm:
* kvm-manager improvements (systemd support, packaging, docs).
* env params.
* FDE using bootless image.
## Smartphone
* snoopsnitch.
* mods: https://web.archive.org/web/20160402005909/https://people.torproject.org/~ioerror/skunkworks/moto_e/
## Torrent
Torrent workflow: torrent-maker, magnet2torrent and torrent-reseed:
* http://wiki.rtorrent.org/MagnetUri
* http://dan.folkes.me/2012/04/19/converting-a-magnet-link-into-a-torrent/
* https://github.com/danfolkes/Magnet2Torrent
* http://code.google.com/p/pyroscope/wiki/CommandLineTools
* https://trac.transmissionbt.com/ticket/4176
* http://wiki.rtorrent.org/MagnetUri
* https://github.com/rakshasa/rtorrent/issues/212
* saving/restoring `.meta` and `~/rtorrent/.session` files.
* multiple instances: https://kernelwho.wordpress.com/2011/11/15/running-multiple-instances-of-rtorrent/
rtorrent -n -o import=/home/user/.rtorrent1.rc
## Git
* signed commits:
* check using gpgv?
* [Validating other keys on your public keyring](https://www.gnupg.org/gph/en/manual/x334.html)
* https://git-annex.branchable.com/tips/using_signed_git_commits/
* http://stackoverflow.com/questions/17371955/verifying-signed-git-commits
* https://git-scm.com/book/en/v2/Git-Tools-Signing-Your-Work
* https://mikegerwitz.com/papers/git-horror-story.html
* Push-to-deploy plugin:
* http://superuser.com/questions/230694/how-can-i-push-a-git-repository-to-a-folder-over-ssh
* https://devcenter.heroku.com/articles/git
* https://github.com/blog/1957-git-2-3-has-been-released (push-to-deploy)
* https://github.com/git/git/blob/v2.3.0/Documentation/config.txt#L2155
* http://stackoverflow.com/questions/1764380/push-to-a-non-bare-git-repository
* http://bitflop.com/tutorials/git-bare-vs-non-bare-repositories.html
* Write a "git" interceptor:
* Check proper user/email config.
* Automatically set git-flow when initializing a repository.
* Automatically set git-hooks integration.
* Implement global hooks.
* Check remote configuration.
* Check hook tampering before doing anything in the repository.
* That can disable/mitigate hooks by changing permission and ownership on `~/.git/hooks`.
|
