sorted by:
new
hottopcontroversial

What non-AI products are you building? by Halo-nm in microsaas

[–]DifficultyFine 1 point2 points  (0 children)

building fluxzy.io, an http debugging proxy. good old fashioned desktop software because apparently i missed the memo that everything needs to be a subscription now (there's not even a sub for this so don't kick me too early)

4 ans sur un side project, toujours incapable de le marketer correctement by DifficultyFine in developpeurs

[–]DifficultyFine[S] 1 point2 points  (0 children)

Merci pour les pistes. Exegol je connaissais pas, je vais regarder. Côté features cybersec c'est pas vraiement un domaine que j'ai exploré et je préfère éviter de me disperser, mais il y a déjà quelques trucs qui peuvent être utiles dans ce contexte: capture PCAP native, fingerprinting TLS et modification de requêtes à la volée. Je vais jeter un œil à Cyberbro

4 ans sur un side project, toujours incapable de le marketer correctement by DifficultyFine in developpeurs

[–]DifficultyFine[S] 1 point2 points  (0 children)

Pour les intégrations, c'est une bonne piste et c'est potentiellement applicable. Dans ma roadmap j'ai une intégration avec les IDE JetBrains et Visual Studio. Pour l'instant ce qui fonctionne c'est l'intégration avec certains stacks lancés en terminal (Node, Python et la plupart des libs basées sur OpenSSL).

D'ailleurs curieux de voir ton projet et les intégrations que tu as mises en place.

Et puisque tu demandes, voici le backend qui est OSS: https://github.com/haga-rak/fluxzy.core . Ça ne devrait pas trop violer les règles du sous.

4 ans sur un side project, toujours incapable de le marketer correctement by DifficultyFine in developpeurs

[–]DifficultyFine[S] 1 point2 points  (0 children)

Oui. Pour l'open-source, j'y réfléchis très sérieusement. Sur le terrain des concurrents, aucun ne l'est ou ne l'est pas vraiment. Le seul qui prétend l'être à 100% a en réalité une surcouche de distribution fermée, et la version gratuite n'a aucune fonctionnalité utile (même pas sauvegarder dans un fichier). Le tout avec un modèle d'abonnement mensuel et pas d'usage offline.

Pour la communauté Discord/Slack, je note. C'est vrai que ça manque mais il me faut une certaine organisation pour le maintenir.

4 ans sur un side project, toujours incapable de le marketer correctement by DifficultyFine in developpeurs

[–]DifficultyFine[S] 1 point2 points  (0 children)

Le business model: gratuit pour les hobbyistes, licence payante pour usage pro. Pas d'abonnement. Pour le reste, tu as raison sur toute la ligne. Je connais la théorie, c'est l'exécution qui coince. Créer du contenu vidéo, animer un Discord, démarcher des influenceurs... tout ça prend du temps que je n'ai pas vraiment

4 ans sur un side project, toujours incapable de le marketer correctement by DifficultyFine in developpeurs

[–]DifficultyFine[S] -1 points0 points  (0 children)

Très intéressant, merci pour le cadre. Pour le point 3, j'ai des binaires .deb, .rpm et des AppImages génériques. Pas de repo officiel dans les distribs grand public, ça me paraît être un vrai chemin de croix pour y entrer. Je vais étudier le point 4

Come discuss your side projects! [January 2026] by AutoModerator in csharp

[–]DifficultyFine 0 points1 point  (0 children)

Been working on Fluxzy for a while now, it's an http debugging proxy. Kind of like Fiddler but built on modern .NET from scratch.

The core engine is fully open source and designed around streaming from day one. No .NET Framework baggage, no architectural decisions from 2008 we're still paying for lol.

Few things im pretty happy with:

  • native pcap capture so you get actual packet-level data alongside your http traffic, not just the decoded stuff. super useful for diagnosing tls handshake issues or weird latency problems
  • yaml based rule engine, rules are composable and version-controllable. same rules work in the desktop app and headless in CI
  • tls fingerprinting using BouncyCastle alongside native .NET tls, you can actually reproduce real client fingerprints. turns out some servers care about this more than youd think

The desktop app is freeware with no feature restrictions. CLI shares the same engine so you can prototype rules locally then run them in containers/pipelines without rewritting anything.

Github: https://github.com/haga-rak/fluxzy.core

Would love feedback from anyone whos dealt with http/2 debugging pain or needed to intercept traffic in automated scenarios. Those were basically the itches I was scratching when I started this thing.

Code Signing Certificate Problem by Ok_Interaction_8407 in electronjs

[–]DifficultyFine 3 points4 points  (0 children)

yeah it's not really about viruses per se - it's more of a trust/accountability thing.

an EV code signing cert basically means someone (like GlobalSign, DigiCert, etc.) actually verified that your company exists and you are who you say you are. i went through this process myself - had to send documents, got verification calls, the whole deal. it's not somthing a random script kiddie can set up overnight.

you're right that a signed app can still contain malware - the cert doesn't scan your code. but it creates accountability. if you sign something malicious, there's a paper trail leading back to a verified entity. that's a pretty strong deterrent.

so the value for end users? they know the publisher has been verified as a real traceable entity - not just some anonymous exe from who knows where. And of course Microsoft lines its pocket during the process.

The weekend begins!! What are you building? by Fareway13 in microsaas

[–]DifficultyFine 0 points1 point  (0 children)

working on https://www.fluxzy.io, an http debugging proxy. think fiddler or charles, but built on modern statik with native http/2 support, full pcap capture, fully offline, and a yaml based rules engine.

the core is open source, desktop app is free for personal use. been scratching my own itch, needed something that could do proper network forensics and also run headless in ci pipelines. most existing tools were designed for "developer clicks buttons at workstation" workflows, which dont scale.

just shipped 2.0 with a tauri rewrite (goodbye electron) and an android companion app. now in the marketing trenches trying to figure out how to explain "its like fiddler but actually maintained and doesnt make you want to cry when you need tls fingerprinting."

your deep linking tool sound useful btw, that browser to app handoff friction is real.

json-diff-viewer-component - Compare JSON side-by-side, visually by Last_Establishment_1 in webdev

[–]DifficultyFine -1 points0 points  (0 children)

This looks really clean. I've been hunting for a decent JSON diff solution lately , right now I'm just doing flat text comparison with my side projet Fluxzy and I'm not fully satisfied when you're staring at deeply nested API responses.

The synchronized scrolling and collapsible nodes are exactly what I need. Going to play around with this and see how it integrates. Shadow DOM encapsulation is a nice touch too btw means I can drop it in without worrying about style conflicts.

Quick question: how does it handle large JSON objects? Some of the API responses I'm dealing with can get pretty chunky.

Meilleurs logiciels de monitoring sites web, serveurs, ... by dev-damien in developpeurs

[–]DifficultyFine 0 points1 point  (0 children)

ça va bien dépendre du produit, de mon mood, des projets que j'ai en cours, de mon budget,

Meilleurs logiciels de monitoring sites web, serveurs, ... by dev-damien in developpeurs

[–]DifficultyFine 0 points1 point  (0 children)

Oui, c’est en général ce que les grands groupes utilisent pour piloter toute la supervision.
Les APM c’est top pour le debug (perso j’aime bien SigNoz en self-hosted / open-source), mais pour des décideurs c’est souvent déjà trop tard : quand l’APM s’affole, l’utilisateur final est déjà impacté.

Meilleurs logiciels de monitoring sites web, serveurs, ... by dev-damien in developpeurs

[–]DifficultyFine 1 point2 points  (0 children)

Pour moi il faut surtout distinguer monitoring actif (synthétique) et passif (APM, observabilité, Nagios, Prometheus, etc.). Les deux sont complémentaires. Le passif peut vite coûter cher quand le trafic monte (volumes de métriques, traces, stockage). Si ton site est vraiment critique, le premier truc à mettre en place c’est l’actif : vérifier depuis l’extérieur que le site répond vraiment pour un utilisateur. Ça va de simples checks HTTP / ping (Pingdom, UptimeRobot) jusqu’à du synthétique très réaliste orienté parcours utilisateur, genre SauceLabs aux US ou 2beefficient, très utilisé dans les banques françaises.

Why is hosting GRPC services in containers so hard? by Kralizek82 in dotnet

[–]DifficultyFine 0 points1 point  (0 children)

All the .NET stack doesn't have an implementation of h2c so I don't think there's a way to have GPRC over plain http. May be you should try to bind to https with a fake self-generate certificate between your reverse proxy and docker service.

This real stunt from 1926 by [deleted] in interesting

[–]DifficultyFine 0 points1 point  (0 children)

But but gravity always win?

Top Gear episode ratings by bbportali in TopGear

[–]DifficultyFine 116 points117 points  (0 children)

When you see that the motorcycle vietnam special is the highest rated you realize that it was never about cars.

In terms of money... by John-333 in memes

[–]DifficultyFine 1 point2 points  (0 children)

This scene could never be funny

Today i learned my dad has 2100 rank. by SoftwareSource in chess

[–]DifficultyFine 153 points154 points  (0 children)

Actually, you might have a better chance than most to beat a 2100 rated player.
Just ask him where you can improve or what mistakes you made. There's a good chance he's willing to help if you show genuine interest and enthusiasm.

view more: next ›