Rajnish

终于找到一个能替代 Wireshark 的开源神器。 GitHub 3.7 万 Star 的 Sniffnet，把网络监控做成了普通人也能看懂的样子。 很多人打开 Wireshark 的第一反应都是： 看不懂，直接关闭。 而 Sniffnet 完全不同。 实时显示上传下载流量、连接主机、访问域名、IP 地理位置，甚至还能查看正在偷偷联网的软件。支持流量过滤、PCAP 导入导出、多网卡监控。 最关键的是界面非常舒服。 不用研究抓包规则，不用学习复杂命令，打开就能看到电脑到底在和谁通信。很多用户直接把它当成 GlassWire 的免费替代品。(Windows Central) Windows、macOS、Linux 全平台支持，Rust 编写，占用资源极低。(GitHub) 对于经常折腾代理、NAS、Docker、服务器的人来说，这绝对属于装机必备工具。 https://t.co/pXQHkfXRzU

Thanks for your critique, Janet. We actually tried a couple of episodes where House (Hugh Laurie) (please put the brackets in the right place) gets it right first time, but they were only 6 minutes long. NBC weren’t happy. Then we tried some where House never gets it right and the patient dies. The audience wasn’t happy. One could apply your trenchant analysis to other art forms: JS Bach wrote 30 Goldberg variations on the same chord structure; Frida Kahlo painted 50 portraits of herself; Henry Moore, what?? The point is, or was, variations on a theme; if all you see is hospital, medical blah blah, then it wasn’t meant for you. Nonetheless, I look forward to your first novel!

Look at all of this goodness in MS Attack Surface Reduction Rules... Seriously, if you aren't using these and you have them included in your subscription you are missing a lot... And yes, I can believe that Microsoft leadership is complete crap and ruining a good company while also knowing there are good parts available (yet often unused) in their products. They have just become hyper focused on genAI instead of building on and improving what they have leaving too much to die on the vine.

For a report I've submit report to MSRC months ago, showed full remote capabilities. MSRC closed saying it's "Local only". I comment: "I showed a 0 click proof of concept here. Why was it closed?" MSRC:" The assessment decision remains unchanged." Me:"Ok but I proved remote with X PoC and you can see the video I've even attached a few months ago that shows it in action" MSRC: " Please feel free to submit a new report with additional details."

Not what I said. The actual quote: “that isn’t to say there’s going to be no room for security research or ethical hacking, but a lot of the lower hanging fruit will start to go away.” Hacking experts are in a sweet spot rn where AI tech is helping us be super saiyan productive. What remains to be seen is what happens when the models become even more powerful. Anyone who disagrees may be in denial…

Like many others in CTI, I’ve been trying to integrate AI into my daily workflow by building custom Skills for analysis, hunting, pivoting, and attribution support. So far, the results have been pretty impressive. In technical workflows especially, well-designed Skills noticeably improve both productivity and analytical consistency. I’ve also found them genuinely useful for attribution work by helping correlate infrastructure, malware behavior, and historical overlaps that are easy to miss manually. Still a lot to refine, but I’m hoping to eventually organize the Skills and workflows I’ve built and share some of them with the community soon.

My whole argument regarding AI boils down to this: >>> AI increases output much faster than it increases certainty <<< Yes, it generates more code, more prototypes, more pull requests and more “solutions”. But every generated line still needs ownership, review, testing, debugging and long-term maintenance by humans. And I think the market currently underestimates how expensive that last part really is.