Open Source

The traditional VPN is dying. Not hyperbole — enterprise security teams are actively replacing perimeter-based access with zero-trust architectures. And Firezone is one of the most compelling open-source options in this space right now. After spending a week testing it on a $6 DigitalOcean VPS, here’s what stood out — and what didn’t. So first, the one-liner: Firezone is an open-source (Apache 2.0) zero-trust access platform built entirely on WireGuard. It gives teams resource-level access control with default-deny policies, SSO sync from Google Workspace or Microsoft Entra ID, and NAT hole-punching. You self-host it on a cheap VPS, or go with their managed cloud tier. Either way, the same Gateways work in both modes — so migrating later doesn’t hurt. ...

And the ads on Android have gotten worse — full-screen popups in free games, trackers embedded in utility apps, and video ads that buffer for 5 seconds before they even play. You can install AdGuard or Blokada and they work … up to a point. But they drain battery running as persistent services. Here’s the short answer: BlockAds is a free, open-source Magisk module that blocks ads at the system level without running a background app. And it uses curated host files from OISD and 1Hosts to catch ads and trackers before they even reach your phone. ...

Firezone: open-source zero-trust via WireGuard with Docker self-hosted deploy. Quick review of features, pricing, and comparison to Tailscale and Netbird.

You know the scenario. So you’re deep in a security assessment, and something about the HTTP traffic feels off. The response body looks different from what the frontend expects, or a third-party API call is silently failing. You need to intercept it, inspect it, maybe replay it — but spinning up BurpSuite just for a quick look feels like overkill. Here’s the short answer: Proxify is the lightweight alternative. It’s an open-source MITM proxy from ProjectDiscovery (the team behind Nuclei, 22K★) that captures, manipulates, and replays HTTP/HTTPS traffic — all from a single Go binary. The project sits at 3K★ on GitHub, ships in under 15MB, and has Docker images ready to go. And because it’s from ProjectDiscovery, you know the tooling DNA is solid. ...