Bauh

It's a little surprising that while there are battles being fought on the distro for which packaging format to use, the same revolution hasn't really affected the GUIs used to install them. Gnome's Software Center and KDE's Discovery are slowly incorporating new features, but they've changed very little in recent years. Distro-specific applications like elementary's AppCenter and Ubuntu's package and Snap stores can feel a little more like "app stores," but there's still plenty of room for other applications to innovate. And Arch Linux, with its multifarious packaging formats and its incredible user package repository, is one of the best places to try out any new ideas, especially one that aims to bridge the brave new worlds of Flatpak, Snap, and the AUR itself.

Bauh (pronounced ba-oo, apparently) attempts to do this by wrapping support for Flatpak, Snap, and AUR packaging types within its own simple discovery and package management UI. The best thing about Bauh is that it's very easy to use, and it makes a refreshing change to the command line or a package manager that has its origins in the crazy world of Debian or RPM dependencies. This is mostly thanks to its excellent design, which will first check and list any installed package for updates before letting you easily switch between whichever back end you prefer, as well as searches for installed and uninstalled packages. Packages can be installed with a simple click; the clean design always makes it clear whether you're installing a Flatpak, Snap, or AUR package, all of which are handled automatically and can be disabled individually if you'd rather not have results littered with AUR packages, for instance. It's obviously early days, but if this simple design continues while the application becomes more complex, Bauh is going to be a brilliant package manager.

One great little feature of Bauh is that it attaches itself to the system tray, so you can quickly ascertain whether any of your third-party packages need updating.

Project Website

https://github.com/vinifmor/bauh

Online security

Amass

The Open Web Application Security Project's Amass project (also known as OWASP Amass) is a serious tool that's been developed to help security experts analyze network traffic to and from a specific domain and its subdomains. It includes data gathering techniques built around open source information gathering that can be used to scan any domain and help identify potential targets, obviously in the hope you can fix them before anyone else uses Amass on your own sites. Its capabilities include basic enumeration and reverse DNS sweeping, certificate tracking, online API use, and access to web archives. A session will typically start with the intel argument, which you can use to find out more information about your selected domain. You can then get specific details using enum and generate images for analysis with viz. With that done, you can monitor changes in your analysis with the track command.

All of this control comes from the command line and the amass command. At its simplest, you can use amass with the enum argument for DNS enumeration against a domain name. This will return all the subdomains for a given domain. Similarly, you can use the net argument to effectively scan a network range using a CIDR for a slice of the same kind of information across a set of IP addresses. You don't need to be a security expert to get some value from all of this, because Amass can help you probe and better understand all kinds of domain infrastructure. It will also let you go deep into what systems might be exposed and where in a way that isn't otherwise easily achievable, especially with a single tool.

The HTML visualizations generated by Amass use the D3 JavaScript framework to create complex, beautiful, and bouncily interactive output.

Project Website

https://github.com/OWASP/Amass