Forem: Benji377

OpenMusic - My first Open source project

Benji377 — Sun, 22 Mar 2026 16:29:48 +0000

OpenMusic (formerly SocyMusic)

OpenMusic began as my venture into creating the ultimate free open-source music player for Android devices. My aim was simple: a clean, minimalist design packed with features catering to music enthusiasts of all kinds.

The Spark of Inspiration

This project sparked to life during one summer break when I found myself with ample free time and a desire to delve into Java programming for Android. While I had prior experience with Java, crafting an Android app was an uncharted territory for me. I figured that designing a music player would be a straightforward task, and so, I embarked on this exciting journey.

The Learning Curve

With little guidance on what my music player should offer, I turned to Reddit for suggestions. What I didn't anticipate was the flood of responses that poured in. My humble music player project on GitHub garnered unexpected attention, attracting a diverse community eager to collaborate and assist.

My misstep here was relying too heavily on these contributors. As they poured in code, the project's scope spiraled out of control, and I soon lost sight of its direction. Additionally, I made the mistake of attempting to meet every demand, which eventually overwhelmed me.

The Setback

As my project spiraled out of control, real life beckoned with the return of school. This significantly reduced my free time, leading to the inevitable downfall of OpenMusic. I had no choice but to shelve it, albeit not permanently. I opted to archive the project, ensuring that others could still benefit from it if the need arose.

The Lessons Learned

OpenMusic taught me invaluable lessons in managing open-source projects. Structuring projects methodically, maintaining order, and documenting every step and feature are crucial to avoid chaos. Effective communication is equally vital. Without a means to interact with fellow developers, seeking specific features, conducting tests, and documenting code contributions become nearly impossible.

Even long after I archived the project, I stumbled upon Reddit posts expressing disappointment about the unfinished app. This tugged at my heartstrings, but by then, the post was old, and I had moved on to other projects. I made the difficult choice to let OpenMusic remain in the past.

In Retrospect

The key takeaway from this experience is not to push oneself beyond limits. Setting priorities in life is crucial to prevent unnecessary stress. Careful planning, constant communication with contributors, and publishing projects when you're genuinely ready for feedback are all essential. It's important to recognize that it's impossible for a single person to appease everyone's desires in a project.

Ultimately, OpenMusic served as a valuable teacher. I made mistakes along the way, but I wouldn't change a thing. I'm proud of what I accomplished, and it was a significant learning opportunity.

You can find the archived OpenMusic project here.

Data2Image - Hide Any File Inside a PNG Image

Benji377 — Tue, 10 Mar 2026 16:22:47 +0000

Have you ever needed to share a file on a platform that only accepts images? Or wanted to create a visual backup of important data? Data2Image lets you convert any file - PDFs, ZIP archives, documents, even executables - into a PNG image that you can decode back to the exact original bytes.

No steganography magic, no hidden pixels. Just straightforward data-to-image encoding with CRC-32 integrity checks, compression, and perfect lossless round-trips.

🌐 Try it now in your browser - no installation needed!

What is Data2Image?

Data2Image is an open-source tool that encodes arbitrary files into PNG images. Each pixel stores your data as RGBA values, creating a visual representation of your file that can be perfectly restored later.

Key features:

Lossless round-trip: decode always returns the exact original bytes
CRC-32 integrity verification: detects corrupted data
Deflate compression: minimizes image size
Filename preservation: original name is embedded in the image
Cross-platform: works in browsers, Node.js, Deno, and Bun

The encoded images use the .d2i.png extension, so they're still viewable as regular PNGs, they just look like colorful static!

How It Works

The encoding process is simple:

Compress your file data with deflate (same as ZIP)
Frame it with metadata: magic bytes, file size, CRC-32 checksum, and filename
Rasterize the bytes as RGBA pixels in a square PNG image
Decode reverses the process and verifies the checksum

[4B magic "D2I\x01"]
[4B payload length]
[4B CRC-32 checksum]
[2B filename length]
[N filename (UTF-8)]
[... compressed data]
[... zero padding to fill square]

The format is intentionally straightforward: no encryption, no obfuscation. If you want security, encrypt your file first, then encode it to an image.

Using the Web App

The easiest way to try Data2Image is the web interface, no installation, no sign-up, everything runs locally in your browser.

Encoding Files

Drop files onto the drop zone (or click to browse)
The app auto-detects: regular files → encode, .d2i.png → decode
Click "Process All" to encode/decode in bulk
Download individual results or click "Download All (ZIP)" for bulk download

Each encoded file gets a thumbnail preview, yes, your PDF really does look like colorful noise!

Decoding Files

Decoding is just as easy:

Drop .d2i.png images into the web app
The app automatically detects they're encoded files and switches to decode mode
Process them, and you get back your original files with their original names

If the CRC-32 check fails (corrupted data), you'll see an error instead of a broken file.

Using the CLI

For automation and bulk operations, install the CLI tool:

npm install -g data2image

Encode files

# Single file
data2image encode document.pdf
# → document.pdf.d2i.png

# Bulk encode with glob
data2image encode *.jpg *.pdf -o output/

# Pipe to stdout
data2image encode secret.txt --stdout > out.png

Decode files

# Single file
data2image decode image.d2i.png
# → original_filename.ext

# Bulk decode
data2image decode *.d2i.png -o restored/

The CLI shows progress indicators for bulk operations, making it perfect for scripting and CI pipelines.

Using the Library

Want to integrate Data2Image into your own project? The core library is MIT licensed:

npm install @data2image/core

Node.js Example

import { encode, decode } from "@data2image/core";
import { readFileSync, writeFileSync } from "fs";

// Encode
const fileData = readFileSync("document.pdf");
const pngBytes = encode(fileData, "document.pdf");
writeFileSync("document.pdf.d2i.png", pngBytes);

// Decode
const pngData = readFileSync("document.pdf.d2i.png");
const { filename, data } = decode(pngData);
console.log(filename); // "document.pdf"
writeFileSync(filename, data);

Browser Example

import { encode, decode } from "@data2image/core";

// Handle file upload
async function encodeFile(file) {
  const bytes = new Uint8Array(await file.arrayBuffer());
  const pngBytes = encode(bytes, file.name);

  // Create download
  const blob = new Blob([new Uint8Array(pngBytes)], { type: "image/png" });
  const url = URL.createObjectURL(blob);
  // ... trigger download
}

The library is fully typed with TypeScript and works across all modern JavaScript runtimes.

Use Cases

Where is this useful?

📤 Platform restrictions: share files on image-only platforms
💾 Visual backups: create PNG archives of important documents
🎨 Data art: create visual representations of file data
🧪 Security research: test data exfiltration vectors
📦 Archival: store data in formats accepted by archival image repositories

The Tech Stack

TypeScript for type safety and great DX
tsup for dual ESM + CJS builds
pako for deflate compression
upng-js for PNG encoding/decoding
Vite for the blazing-fast web interface
Vitest for comprehensive testing

The entire project is a monorepo with three packages:

@data2image/core (MIT): the encoder/decoder library
data2image (GPLv3): the CLI tool
Website (GPLv3): the drag-and-drop web app

We use a hybrid license model: the core library is permissively licensed (MIT) so you can use it anywhere, while the CLI and website are copyleft (GPLv3) to keep those tools open source.

Contributing

Data2Image is fully open source! We welcome contributions:

🐛 Bug reports: found a corrupted file? Let us know
✨ Feature requests: encryption? Different formats? Tell us!
🔧 Pull requests: code improvements are always welcome
📖 Documentation: help make the docs better

Check out the Contributing Guide to get started.

Try It Now!

🌐 Web App: https://benji377.github.io/data2image/
📦 npm (Library): npm install @data2image/core
⚡ CLI: npm install -g data2image
💻 GitHub: https://github.com/Benji377/data2image

Visualize Your WiFi Stability in the Linux Terminal with Wavemon

Benji377 — Wed, 11 Feb 2026 16:15:24 +0000

I recently discovered a CLI gem called Wavemon, and if you are running Linux on a laptop or a device with a wireless card, you need to check this out.

We've all been there: the internet feels "slow," but you aren't sure if it's your ISP, your router, or just bad signal reception in the corner of the room. wavemon is an ncurses-based monitor that gives you a live, dashboard-style view of your wireless hardware right in the terminal.

🛠️ How to Install

It is available in most standard repositories.

Debian/Ubuntu/Kali:

sudo apt install wavemon

Arch Linux:

sudo pacman -S wavemon

Fedora:

sudo dnf install wavemon

To run it, simply type:

sudo wavemon

(Note: sudo is often required to see the scan data and sensitive details).

🧐 Understanding the Dashboard

When you launch it, you are greeted with the F1 (Info) screen. It looks like a retro sci-fi dashboard, but every number tells a story. Here is how to read the most important parts:

1. Signal Level (The big bar)

This is the most critical metric. It is measured in dBm (decibel-milliwatts).

The confusing part: These numbers are negative. The closer to 0, the better.
The Scale:
-30 to -50 dBm: Excellent signal. You are likely very close to the router.
-50 to -67 dBm: Good signal. Perfect for streaming and gaming.
-67 to -70 dBm: Okay. Web browsing is fine, but you might notice lag in video calls.
-80 dBm or lower: Bad zone. Frequent disconnects and packet loss.

2. RX vs. TX Rates

You will see lines for rx rate and tx rate.

RX (Receive): How fast your computer can download data from the router.
TX (Transmit): How fast your computer can upload data to the router.

Note: These are "link speeds," not your internet speed. If your RX rate is 780 Mbit/s for example, that is the theoretical speed between you and the router. If you only pay your ISP for 100 Mbit/s internet, you will still only get 100 Mbit/s, but your local file transfers (like moving files to a NAS) will be blazing fast.

3. Link Quality

This is usually a percentage or a fraction (e.g., 57/70). It calculates the signal-to-noise ratio. If this drops below 40%, you are likely experiencing interference from neighbors or microwaves.

4. The "Retry" Count

Look for the line that says retries.

Low number: Good.
High number (rapidly increasing): This means your WiFi card is shouting data at the router, but the router isn't hearing it, so it has to shout again. This usually happens in crowded WiFi areas (apartment buildings) or when you are too far away.

💡 Pro Tips

F2 (Level Histogram): Press F2 to see a moving graph of your signal. Walk around your house with your laptop open to this screen. You can literally see the signal drop when you walk behind a thick concrete wall or a refrigerator.
F3 (Scan): Shows all other WiFi networks nearby. Great for seeing if your neighbors are clogging up your specific WiFi channel.

Summary

If you are debugging network issues or just want to feel like a hacker while checking your WiFi strength, wavemon is a must-have in your Linux toolkit.

Happy networking! 🐧

8 Hidden Linux CLI Gems

Benji377 — Wed, 14 Jan 2026 17:07:05 +0000

We all know ls, grep, and top. But digging through a typical Linux installation often reveals powerful utilities that sit unused simply because nobody told us they were there.

Here is a short list of the most useful command-line tools that might already be on your system, plus a few modern "superpowers" you should definitely add.

💎 The Hidden Gems

1. aria2 - The Ultra-Fast Downloader

Most people use wget or curl, but aria2 is a lightweight multiprotocol & multi-source download utility. It can split files into pieces and download them in parallel from multiple sources (HTTP, FTP, BitTorrent) simultaneously, maximizing your bandwidth.

Repository: aria2 on GitHub

Usage:

# Download a file using 4 parallel connections
aria2c -x4 http://example.com/large-iso-file.iso

2. btop - The TUI System Monitor

If you are still using top or even htop, you are missing out. btop provides a beautiful, mouse-clickable, gaming-style interface for monitoring CPU, memory, network, and processes. It features graphs, themes, and full process management.

Repository: btop on GitHub

Usage:

btop

3. duf - Disk Usage/Free (Better `df`)

A modern alternative to the old df command. It displays your disk usage in a colorful, easy-to-read table with bar graphs, grouping devices automatically so you don't have to decipher /dev/sda1 vs tmpfs.

Repository: duf on GitHub

Usage:

duf

4. tldr - Manual Pages for Humans

Standard man pages are comprehensive but often overwhelming. tldr is a community-driven collection of simplified man pages that gives you just the most common practical examples.

Repository: tldr pages

Usage:

# Forget how to use tar?
tldr tar

5. yt-dlp - The Ultimate Video Downloader

A fork of the famous youtube-dl. It is actively maintained, faster, and works on thousands of video sites (YouTube, Twitch, Vimeo, etc.). It is a powerhouse for archiving content or grabbing audio.

Repository: yt-dlp on GitHub

Usage:

# Download a video in the best available quality
yt-dlp "https://www.youtube.com/watch?v=..."

# Extract audio only as MP3
yt-dlp -x --audio-format mp3 "https://www.youtube.com/watch?v=..."

6. pv - Pipe Viewer

pv is a terminal-based tool for monitoring the progress of data through a pipeline. It allows you to see a progress bar, ETA, and speed for operations that normally show nothing (like cp, dd, or piping streams).

Homepage: ivarch.com/programs/pv

Usage:

# Create a progress bar for a file copy
pv largefile.iso > /backup/largefile.iso

7. plocate - Instant File Search

plocate is a much faster alternative to mlocate. It creates an index of your filesystem, allowing you to find any file on your drive instantly—far faster than using find.

Homepage: plocate.sesse.net

Usage:

# Update the database (usually runs automatically)
sudo updatedb

# Find any file containing "config" in the name
locate config

👾 The "Weird" Bonus

8. aplay (ALSA Utils) - Listen to your Data

aplay is standard on almost every Linux system (it's part of alsa-utils). While intended for audio files, it has a famous trick: it can play any file as raw PCM audio. This allows you to "hear" the structure of compiled code, images, or even your kernel.

Homepage: alsa-project.org

Usage:

⚠️ Warning: Lower your volume first! This produces loud static.

# Play a random ISO or binary file as CD-quality audio
aplay -f cd /path/to/any/file.iso

# Or listen to your mouse movements (if you have access)
sudo cat /dev/input/mice | aplay

🚀 Additional tools

These might not be installed by default, but they are the first things many power users install on a new machine.

fzf (Fuzzy Finder)

A general-purpose command-line fuzzy finder. It lets you search your command history, files, or processes by typing partial, fuzzy queries.

Install: sudo apt install fzf (Debian/Ubuntu)
Repo: junegunn/fzf

ripgrep (rg)

A line-oriented search tool that recursively searches the current directory for a regex pattern. It is faster than grep and automatically ignores files in .gitignore.

Install: sudo apt install ripgrep (Debian/Ubuntu)
Repo: BurntSushi/ripgrep

bat

A cat clone with syntax highlighting and Git integration. It makes reading code in the terminal a pleasant experience.

Install: sudo apt install bat (Debian/Ubuntu)
Repo: sharkdp/bat

How to export indicators from XSOAR to Splunk

Benji377 — Thu, 31 Jul 2025 16:00:00 +0000

Exporting LOLBAS Indicators from XSOAR to Splunk as a Threat Intelligence Feed

This blog post walks through how to export indicators (specifically from the LOLBAS project) from Cortex XSOAR into Splunk using the Generic Export Indicators Service and configure Splunk to ingest the feed as a Threat Intel Lookup.

Part 1: Setting Up XSOAR

Step 1: Enable LOLBAS Integration

First, you need to configure XSOAR to ingest indicators from LOLBAS.

Go to Settings → Integrations → Instances.
Search for the LOLBAS integration.
Click Add instance and configure it:

Set the fetch interval.
Make sure “Fetch Indicators” is enabled.
Provide any other required fields depending on the version of the integration.
1. Click Test to ensure the integration is working correctly.
2. Save and enable the instance.

This integration will regularly ingest indicators into XSOAR, usually as Tool-type indicators.

Step 2: Verify LOLBAS Indicators Are Ingested

To verify that the indicators are being pulled in:

Go to Threat Intel → Indicators.
Use the search bar to filter:

   sourceInstances:"LOLBAS Feed_instance_1"

Replace "LOLBAS Feed_instance_1" with the actual instance name you configured.

Note: You can’t use this exact query in automation or exports, but it works well in the UI for validation.

Step 3: Enable Generic Export Indicators Service

To make the indicators available to Splunk, we’ll expose them through a download endpoint.

Go back to Settings → Integrations → Instances.
Search for Generic Export Indicators Service (GEIS) by Palo Alto Networks.
Add a new instance.

This integration allows you to create a CSV or JSON export of indicators matching a query — accessible via a unique URL (e.g., for curl or use by Splunk).

Key Configuration Options:

Output Format: Choose CSV for Splunk compatibility.
Export Fields: Customize which fields to export (e.g., value, type, customFields.path, etc.).
Query: Here’s the tricky part:

At the time of writing, sourceInstances is not supported by GEIS. Instead, use tags to filter LOLBAS indicators.

For example, if your LOLBAS indicators are tagged with lolbas, use this query:

  tags:lolbas

💡 If your indicators aren’t already tagged, consider using a post-ingestion playbook to add consistent tags automatically.

You can test the GEIS query by using the !findIndicators command in the Playground:

!findIndicators query="tags:lolbas" size=10

Once satisfied, save the GEIS instance and note the URL it provides — you'll use this in Splunk.

Part 2: Setting Up Splunk

Now that your indicators are available as a CSV feed from XSOAR, let’s configure Splunk to pull it in as a threat intelligence source.

Splunk Enterprise Security supports polling external sources via the threatlist:// stanza in inputs.conf.

Reference:

Splunk Docs → Using Threat Intelligence in Splunk Enterprise Security

Example `inputs.conf` Entry for LOLBAS Feed:

[threatlist://dti-lolbas-indicator]
description = Raw indicator feed from LOLBAS
fields = name:$1,version:$2,CustomFields:$3
file_parser = line
delim_regex = ,
ignore_regex = (^#|^\s*$)
interval = 900
is_threatintel = true
max_age = -4h
max_size = 52428800
retries = 3
retry_interval = 60
skip_header_lines = 1
timeout = 30
type = dti-indicator
url = https://<xsoar-url>/instance/execute/<geis-instance-name>
workloads = []

Field Notes:

fields: Maps CSV columns to Splunk fields.
url: Replace with the actual GEIS URL from your XSOAR instance.
interval: Poll every 15 minutes.
is_threatintel: Set to true if you want it integrated into Splunk ES Threat Intelligence.

✅ Don’t forget to restart Splunk after modifying inputs.conf.

Optional: Add a Workload (Saved Search)

If you want to process the incoming data, such as filtering invalid entries or transforming fields, you can specify a workload, like a Saved Search:

workloads = [
    {"type": "savedsearch", "workload": "cleanup-lolbas-indicators"}
]

This lets you customize how LOLBAS data is cleaned or enriched after ingestion.

How to Build a Portable Offline Chat Server with a Raspberry Pi

Benji377 — Tue, 17 Jun 2025 19:55:45 +0000

Looking for a fun way to create a local chat network that works without internet, without installing any apps, and without any complex setup?

This guide will show you how to turn a Raspberry Pi into a portable IRC chat server. It hosts its own WiFi network, shows a captive portal, and lets users chat — all offline. No custom software involved — just a combination of existing tools configured to work together.

What This Is (and Isn’t)

This isn’t a new app or a programming project — it's a collection of freely available software and tutorials that, when set up properly, gives you:

A private WiFi access point
A captive portal (like those you see in cafés or airports)
An IRC server for chatting
An IRC client, accessible via browser or app
All hosted entirely on a Raspberry Pi — no downloads or internet needed

What You’ll Need

Hardware

Raspberry Pi 3B+ (or similar)
MicroSD card (16GB+ recommended)
Power supply
Ethernet cable (for setup phase)

Software Tools

Wireless AP: RaspAP
Captive Portal: Nodogsplash
IRC Server: Hybrid IRC
Web IRC Client: The Lounge
[Optional] Admin Panel: Webmin

Setup Guide

1. Set a Static IP on the Raspberry Pi

This is important for routing and for consistent access to your chat server (we’ll use 10.3.141.1 as an example).

Static IP Tutorial

2. Turn the Pi Into a Wireless Access Point

Using RaspAP, you can easily broadcast your own WiFi network from the Pi.

Wireless AP Guide

3. Connect Internet for Setup

You can connect your Pi to your PC via Ethernet and share internet access temporarily. This helps when downloading packages.

4. Install and Configure Nodogsplash

Nodogsplash is used to serve the captive portal page — the one users see when they connect to your network. It explains how to connect to the chat.

Follow the specific RaspAP integration guide:

Nodogsplash with RaspAP

You can use this custom HTML page for your captive portal:
Captive Portal Template (GitHub Gist)

5. Install and Configure the IRC Server

Install Hybrid IRC on the Pi and make sure it's listening on the correct interface (e.g., 10.3.141.1).

IRC Server Setup Tutorial →

You can test your server locally using an IRC client on your computer, like AdiIRC.

6. Install a Web IRC Client (Optional)

You can also install The Lounge on the Pi. It allows users to chat directly in the browser instead of using a separate IRC app.

7. Unplug the Ethernet Cable and Go Offline

Once everything is configured, you can unplug the Pi and use it as a completely offline system. Users connect via WiFi, see the captive portal, and are guided into the chat system.

DNSMasq Offline Mode (If Needed)

If you're running into issues with DNS resolution offline, try adding this line to your dnsmasq.conf:

# /etc/dnsmasq.conf or /etc/dnsmasq.d/custom.conf
address=/#/10.3.141.1

Create the file if it doesn't exist.

Captive Portal Instructions (What Users See)

When users connect to the WiFi network, they’ll be redirected to a captive portal that explains how to join the local chat. Here's an example of the message you can include:

Welcome to the Local Chat Server

You’re connected to a local IRC chat network hosted entirely on a Raspberry Pi.

No downloads needed. Just follow the steps below:

Click the button below to proceed. It may open an admin page — just close it if it appears.

You’ll be redirected to a browser-based IRC client where you can start chatting instantly.

To join a chat room, type: /join #general

You’re now chatting with others on the same WiFi!

Advanced Option:
If you prefer to use a dedicated IRC client (on your phone or computer), you can manually connect using:

Server Address: 10.3.141.1

Port: 6667

Password: Not required

Recommended clients:

Windows: AdiIRC

Android: CoreIRCLite

Final Thoughts

This setup is a fun way to explore:

Raspberry Pi networking
Offline-first apps
IRC
Captive portals
WiFi provisioning

All without needing to write any code or install anything on user devices.

Whether you're using this for LAN parties, workshops, classrooms, or just experimenting — it’s a great DIY project that repurposes old tools in a useful way.

Credits

pimylifeup.com – for most of the tutorials referenced in this project
Banner image by Yannick Pipke on Unsplash

Packaging and Distributing a Rust CLI for All Platforms - A Case Study with Tooka

Benji377 — Mon, 16 Jun 2025 22:45:41 +0000

Recently, I built a small Rust CLI tool called Tooka, and I wanted to share how I set it up to compile for all major systems — Windows, Linux, macOS — and how I handled packaging and distribution across app stores.

This post covers:

GitHub Actions setup
Cross-compilation with Rust
Packaging with cargo-packager
Distributing via Snapcraft, AUR, Winget, Docker, Cloudsmith, etc.
Real-world pitfalls (like GLIBC incompatibility)
And a full example Dockerfile

Introducing Tooka

Tooka is a tiny CLI that sorts files using YAML-based rules. It doesn’t use a GUI or any external dependencies — a design choice that makes packaging much easier across platforms.

Side note: Naming it Tooka turned out to be... suboptimal. There are way too many projects with similar names. But hey, too late to go back now. 😅

Repo: https://github.com/tooka-org/cli

GitHub Setup

I host Tooka on GitHub with some basic files to kick things off:

README.md
LICENSE
CODE_OF_CONDUCT.md
renovate.json — for dependency management via RenovateBot

If you're familiar with Dependabot, Renovate is a great alternative — and free for public repos. Here’s my renovate.json:

{
  "$schema": "https://docs.renovatebot.com/renovate-schema.json",
  "extends": ["config:recommended"],
  "lockFileMaintenance": {
    "enabled": true,
    "automerge": true
  },
  "packageRules": [
    {
      "matchUpdateTypes": ["minor", "patch"],
      "matchCurrentVersion": ">= 1.0.0",
      "automerge": true
    },
    {
      "matchDepTypes": ["devDependencies"],
      "automerge": true
    }
  ]
}

This setup ensures Cargo.lock stays clean and synced, and minor updates merge automatically.

Building and Packaging Releases

I use GitHub Actions to build Tooka for all platforms. The release process:

Compiles for Windows, macOS (Intel + Apple Silicon), and multiple Linux targets
Packages into .deb, .rpm, .dmg, .msi, .exe, and even AppImage
Uses cargo-packager for packaging
Creates a draft release with all artifacts for review

Here’s the release workflow, powered by a build matrix that handles platform-specific logic.

Bonus: I also use cargo-generate-rpm since RPM isn’t yet supported by cargo-packager.

GLIBC Pitfall on Linux

One real-world problem I hit: GLIBC incompatibilities.

If you compile on a newer distro (like Ubuntu 22.04), and your user runs it on something older (like Debian 10), your app might crash with errors like:

version `GLIBC_2.32' not found

To discover and debug this, I created a simple Dockerfile:

FROM debian:bookworm-slim

RUN apt-get update && apt-get install -y \
    curl wget jq ca-certificates && \
    apt-get clean && rm -rf /var/lib/apt/lists/*

RUN LATEST_URL=$(curl -s https://api.github.com/repos/tooka-org/cli/releases/latest | \
    jq -r '.assets[] | select(.name | endswith("_amd64.deb")) | .browser_download_url') && \
    wget -O tooka.deb "$LATEST_URL" && \
    dpkg -i tooka.deb && \
    rm tooka.deb

RUN useradd -ms /bin/bash tooka
USER tooka
WORKDIR /home/tooka/workspace

ENTRYPOINT ["/bin/bash"]

This container mimics a minimal Linux user environment and helped uncover runtime issues early.

💡 Tip: Consider building with musl instead of glibc for max compatibility.

Distributing to App Stores

Distributing CLI tools to users across platforms is... complicated. But it’s doable.

Here’s where I published Tooka:

Snap Store
Winget (Windows)
AppImageHub
AUR (tooka-git)
Cloudsmith (for APT/RPM repos)

Snapcraft

Setting up Snapcraft is tricky at first — especially if you’re not on Debian/Ubuntu. But once it’s live, you can automate builds via GitHub and maintain it with a snap/ folder.

AUR

I created a -git package that pulls from the latest commit or release. AUR is great for Arch users but requires manual updates for non--git versions.

AppImage

AppImage is surprisingly easy with cargo-packager. Just pass the format and it’ll generate the artifact. Hosting is manual (I uploaded mine to GitHub releases). And you can then also publish it to the AppImage store

Winget

Winget setup requires a Windows box, but once configured, it’s mostly maintenance-free. I also added a GitHub Action to push new versions.

APT/RPM with Cloudsmith

Want sudo apt install tooka? You'll need to host your own APT repo. I used Cloudsmith — it’s free for small projects and super easy to automate.

Here’s my GitHub Action that uploads .deb and .rpm files to Cloudsmith on every release.

Docker Support

Tooka also has a Dockerfile for users who want to run it in a container without installing it locally.

This can also be used for:

Sandboxed usage
Reproducible testing
Musl-based builds

Other Notes

No support for Homebrew or Nix yet — still figuring those out. PRs welcome!
I built a minimal download page: https://tooka.deno.dev/download

Feedback Wanted

I’m still learning Rust, packaging, and everything in between. Tooka is just a side project, but I hope others can learn from it, fork it, or even improve on it.

If you have ideas, tips, or questions — I’d really love your feedback! Feel free to open issues, submit PRs, or leave a comment here.

Thanks for reading! ❤️

A Guide to Deleting Your Data from Unused Websites

Benji377 — Tue, 08 Apr 2025 16:35:30 +0000

Introduction

Many of us have experienced this scenario at some point – creating an account for a service, giving it a try, and eventually deciding to move on. Unfortunately, we often neglect to delete these accounts, leaving our personal information lingering on websites. This oversight can lead to unpleasant surprises in the future.

Why Should I Delete My Data?

Creating an account leaves a digital footprint on a service or website. Even if you decide to discontinue using it, your data remains stored, including your email, password, and other personal information. Worse yet, websites may continue using your data for spam emails and tracking purposes.

Another significant concern arises when websites become neglected, exposing them to security vulnerabilities. This puts your information at risk of being stolen, leading to potential identity theft or phishing attacks. To check if your email has been compromised, websites like Have I Been Pwned can help you track incidents of data breaches.

How Can I Delete My Data?

The optimal solution is to use a consolidated account, such as Google, for all your online activities. While this might compromise some privacy, managing a single secure account reduces your overall risk. Google also provides a guide on deleting unused services and apps, ensuring you maintain control over your account's access (Google Account Deletion Guide).

For websites without Google login options, consider using a temporary account (throwaway email and password) for experimental or one-time-use services. Alternatively, create a standard account and search for data deletion options on the website. Many platforms, especially those adhering to European laws, are mandated to offer this service.

Remember to utilize the account deletion option once you're done using a website or app.

Conclusion

While I'm not a security expert, my personal experience has taught me the importance of vigilance. Discovering that old accounts on breached websites exposed my email to unknown entities was a wake-up call. Now, I make it a practice to monitor and promptly delete accounts from websites I no longer need. Being proactive in safeguarding your digital presence is a small step that can have significant security benefits.

Tools to Automate GitHub Projects

Benji377 — Sat, 29 Mar 2025 20:04:37 +0000

Introduction

Automating GitHub projects can significantly streamline your workflow and enhance project efficiency. In this guide, we will explore a selection of free and user-friendly tools to help you fully automate your projects. Please note that setup instructions may vary based on your specific project requirements.

Tools for Automation

1. Automatic Tests and Builds

GitHub Actions

GitHub Actions is a powerful tool for automating builds and tests. By creating a YAML file with instructions, you can seamlessly execute tasks, such as cross-compiling your application for different operating systems. GitHub Actions also supports the execution of applications, allowing you to build and test your code effortlessly. More details can be found here.

2. Check Test Coverage

Codecov

Combine GitHub Action tests with Codecov to keep track of test coverage in your code. Codecov provides insights into how much of your code is covered by tests, ensuring comprehensive testing. You can find Codecov in the GitHub Marketplace, and additional information is available here.

3. Automatic Dependency Management

Dependency management can be challenging, but tools like Dependabot and Renovate Bot can help.

Dependabot

Dependabot not only notifies you of available updates but also manages dependencies by creating branches and pull requests. It alerts you about vulnerabilities in external dependencies. Learn more here.

Renovate Bot

Renovate Bot provides more control over dependency updates. It allows you to gauge the potential impact of new dependencies and easily set up Automerge for automatic pull request merging. Learn about Renovate Bot here.

4. Automatic Anomaly Detection

When collaborating on code, it's crucial to detect anomalies in pull requests. GitHub provides tools to address this issue.

Dependabot

In addition to managing dependencies, Dependabot can alert you to vulnerabilities in external dependencies. Be cautious about its depth in the dependency tree. More details can be found here.

CodeQL

CodeQL focuses on finding vulnerabilities within your code. It runs on each commit and pull request, providing a green check for successful analysis. Check out CodeQL here.

5. Automatic Translations Fetching

If your project involves translations, make the process smoother with Crowdin.

Crowdin

Crowdin simplifies translation management by syncing translations from GitHub to its dashboard. Translators can contribute without interacting with GitHub directly. Learn more about Crowdin here.

6. Automatic Benchmarks

Consider using Bencher to collect and display performance data.

Bencher

Bencher allows you to gather performance data from various sources and set performance change limits. It's a valuable tool for monitoring project performance. Explore Bencher here.

Conclusion

While these tools may take time to set up, the long-term benefits of automation are substantial. Choose tools based on your project's needs, and enjoy the time and effort saved. Providing direct feedback on changes' impact, ensuring security, and keeping translations up-to-date are essential aspects of a well-maintained project. Experiment with these tools, and discover the automation strategy that best suits your workflow.

Grafana Speed Monitor: Setting Up an Internet Monitor with Raspberry Pi

Benji377 — Tue, 11 Mar 2025 11:30:38 +0000

Introduction

Upon moving to a new place, I encountered widespread Wi-Fi complaints, leading technicians to attribute occasional outages to excessive gaming. Skeptical of this explanation, I decided to set up my own Internet monitor using a Raspberry Pi. In this guide, I'll walk you through creating your own monitor to assess and validate your internet speed, potentially debunking misleading claims from your Internet Service Provider (ISP).

Prerequisites

Before diving into the setup, ensure you have the following:

Raspberry Pi or Linux device
SSH access or direct access with monitor and keyboard
Stable power supply for continuous operation

Setup

1. Update and Install Dependencies

Ensure your system is up to date:

sudo apt update && sudo apt upgrade -y

Install necessary packages:

sudo apt-get install -y python3-pip git python3-venv build-tools build-essentials

2. Clone Repository

Clone the internet-pi repository from geerlingguy on GitHub:

git clone https://github.com/geerlingguy/internet-pi.git && cd internet-pi

3. Install Required Tools

Install pipx for managing the Python virtual environment:

python3 -m pip install --user pipx
python3 -m pipx ensurepath
# Logout and log back in for changes to take effect
pipx install --include-deps ansible

4. Configure Ansible

Install Ansible Galaxy requirements:

ansible-galaxy install -r requirements.yml

Install Python requirements:

pip install PyYAML cython

5. Copy Configuration Files

Make copies of the example configuration files and customize them:

cp example.config.yml config.yml
cp example.inventory.ini inventory.ini

6. Modify Configuration

Edit the config.yml file to tailor the monitoring settings to your needs.

nano config.yml

Example Config:

...
# Internet monitoring configuration.
monitoring_enable: true
monitoring_grafana_admin_password: "SuperSecretPassword"
monitoring_speedtest_interval: 10m
monitoring_ping_interval: 5s
monitoring_ping_hosts:  # [URL];[HUMAN_READABLE_NAME]
  - http://www.google.com/;google.com
  - https://github.com/;github.com
...

Tip: Exit with CRTL+X, then press Y to confirm and Enter.

7. Modify Inventory

Edit the inventory.ini file if running the monitor on the Raspberry Pi:

nano inventory.ini

Example Inventory:

[internet_pi]
#10.0.100.52 ansible_user=pi

# Comment out the previous line and uncomment this to run inside Raspberry Pi.
127.0.0.1 ansible_connection=local ansible_user=pi

8. Run the Playbook

Execute the playbook:

ansible-playbook main.yml

If issues arise, check Docker settings with:

nano tasks/docker.yml

Conclusion

Connecting to Grafana

Access the monitor by entering your Raspberry Pi's IP and port 3030 in a web browser, e.g., http://10.0.128.45:3030.

Login Credentials

Username: admin
Password: the one set in the config.yaml file during step 8

Exporting Data

Export historical data by clicking on the three dots in the upper right corner of any widget, selecting Inspect and Data, and choosing export options such as CSV.

Final Thoughts

This monitor served as crucial evidence in addressing internet issues, providing real-time data reflecting the user experience. The Raspberry Pi mimics a typical user, capturing the nuances of the internet connection. Visualizing the data through Grafana is not only informative but also fascinating. Check out my dashboard after just a few days:

Credits

This guide draws heavy inspiration from Jeff Geerling and his comprehensive guide: https://www.jeffgeerling.com/blog/2021/monitor-your-internet-raspberry-pi

Forem: Benji377

OpenMusic - My first Open source project

OpenMusic (formerly SocyMusic)

The Spark of Inspiration

The Learning Curve

The Setback

The Lessons Learned

In Retrospect

Data2Image - Hide Any File Inside a PNG Image

What is Data2Image?

How It Works

Using the Web App

Encoding Files

Decoding Files

Using the CLI

Encode files

Decode files

Using the Library

Node.js Example

Browser Example

Use Cases

The Tech Stack

Contributing

Try It Now!

Visualize Your WiFi Stability in the Linux Terminal with Wavemon

🛠️ How to Install

🧐 Understanding the Dashboard

1. Signal Level (The big bar)

2. RX vs. TX Rates

3. Link Quality

4. The "Retry" Count

💡 Pro Tips

Summary

8 Hidden Linux CLI Gems

💎 The Hidden Gems

1. aria2 - The Ultra-Fast Downloader

Usage:

2. btop - The TUI System Monitor

Usage:

3. duf - Disk Usage/Free (Better df)

Usage:

4. tldr - Manual Pages for Humans

Usage:

5. yt-dlp - The Ultimate Video Downloader

Usage:

6. pv - Pipe Viewer

Usage:

7. plocate - Instant File Search

Usage:

👾 The "Weird" Bonus

8. aplay (ALSA Utils) - Listen to your Data

Usage:

🚀 Additional tools

fzf (Fuzzy Finder)

ripgrep (rg)

bat

How to export indicators from XSOAR to Splunk

Exporting LOLBAS Indicators from XSOAR to Splunk as a Threat Intelligence Feed

Part 1: Setting Up XSOAR

Step 1: Enable LOLBAS Integration

Step 2: Verify LOLBAS Indicators Are Ingested

Step 3: Enable Generic Export Indicators Service

Key Configuration Options:

Part 2: Setting Up Splunk

Reference:

Example inputs.conf Entry for LOLBAS Feed:

Field Notes:

Optional: Add a Workload (Saved Search)

How to Build a Portable Offline Chat Server with a Raspberry Pi

What This Is (and Isn’t)

What You’ll Need

Hardware

Software Tools

Setup Guide

1. Set a Static IP on the Raspberry Pi

2. Turn the Pi Into a Wireless Access Point

3. Connect Internet for Setup

4. Install and Configure Nodogsplash

5. Install and Configure the IRC Server

6. Install a Web IRC Client (Optional)

3. duf - Disk Usage/Free (Better `df`)

Example `inputs.conf` Entry for LOLBAS Feed: