They’re not even that stealthy. The code is bullshit, gitignore folder is super suspicious and malware is just a binary within the zip file. Clearly meant for script kiddies.

Not at all. Figuring a work-life balance that suits you is a worthy goal.

Also, repo for sending PRs: https://github.com/PortSwigger/BChecks

I played around with WebSockets and wrote a new tool: https://github.com/doyensec/wsrepl

It’s an interactive REPL interface like websocat, but it’s meant specifically for pentesting, not debugging, and it’s easily extensible in Python (while still retaining REPL interface). In future releases I’d like to expand the extensibility by adding declarative style configuration (the ultimate feature would be something like what Burp’s Autorize plugin does, but for websockets).

With all of the embarrassing command injections they keep getting, Fortinet should assess their SOC and incident preparedness and find compromises that may lie hidden by calling their own Security Advisory Services.

Hey there and congratulations on getting a few first episodes out! Launching is half the battle, and it looks like you’re well on your way.

I’m actually running a small podcast as well and I feel your pain about figuring out the target audience and the personal style. Unless you’re aiming for mainstream success, I’d suggest focusing on what you personally feel is missing in the podcasting sphere. Hopefully it will keep you driven, and ensure that you genuinely enjoy the process. Plus, it increases the odds that you won’t abandon the project midway. Keep on the good work!