Skip Navigation
What distro you use/recommend as a daily driver for a Cybersecurity job (pentesting and Red Teaming)? Would QubeOS be a good fit?
  • I used to use Qubes for pentesting for quite a while and it worked rather well. As you wrote, one set of netVM-firewallVM-appVM stack per customer to ensure nothing nasty can cross, separate netVMs for separate network zones back at the company, separate color-coded VMs for random web browsing, general office stuff and accessing sensitive data. The cons: no hardware video acceleration (video conferences or youtube will spin the CPU like it's 2005), Windows (you can run Windows VMs and they are usable but not nearly as polished as the Linux ones) and hypervisors (there is no nested virtualization so if you want to e.g. hack KVM, you're out of luck). Also regarding hardware compatibility: if Qubes runs on something that doesn't mean it runs securely because it will try to partition the PCI devices across VMs and what can be partitioned where depends on the exact architecture of the mainboard. Expect some deep-dive into the wonderful world of VT-d domains and PCI BARs.

  • Nyx - a VM-based snapshotting fuzzer
    nyx-fuzz.com Nyx

    The homepage of the VM-based snapshot fuzzer Nyx.

    Nyx is a new fuzzing engine that allows you to harness and fuzz complex, stateful targets. By snapshotting a whole VM and being able to reset it to a clean state many thousand times per second, Nyx allows you to fuzz complex stateful targets such as browsers, operating systems or even hypervisors with zero hassle.

    0
    Pre-authenticated RCE in VMware vRealize Network Insight
    summoning.team Summoning Team

    Pre-authenticated RCE in VMware vRealize Network Insight (CVE-2023-20887)

    Summoning Team
    0
    InitialsDiceBearhttps://github.com/dicebear/dicebearhttps://creativecommons.org/publicdomain/zero/1.0/„Initials” (https://github.com/dicebear/dicebear) by „DiceBear”, licensed under „CC0 1.0” (https://creativecommons.org/publicdomain/zero/1.0/)LA
    laszlok @infosec.pub
    Posts 3
    Comments 1
    Moderates