looks cool! Forgive my ignorance, but what's the adv of this over using Docker on WSL2?

for me, the advantages are:

* In WSL2 I don't need to worry about, ports, mounts and data persistence (I think this is possible in docker but it needs more setup work)

* I don't need docker desktop running

in the end I think that both can solve the problem, I myself prefer wsl for my day to day tasks.

fyi docker works perfectly fine in wsl on Ubuntu and other distro using the standard installation method on Linux, no docker desktop needed.

i agree. why fix something that's not broken :D

sorry noob q, but do you mean that the company probably didn't think to search for the unencrypted traffic? I'm not sure if I understand why the encapsulated traffic being unencrypted is "advantageous" for the adversary

I think it's just that most scanning tools aren't trying to unwrap a TCP packet inside a TCP packet, so it bypassed their naive filters. Once a researcher spotted it, it was trivial to unwrap, but automated tooling would just see it as the outer TCP packet with some opaque data inside of it.

I would assume that the attacker's destination IP would show up on some dashboards somewhere though...

looks very cool prob a dumb q, but why is this geared specifically for hackers?

Most of the services we've developed at https://pico.sh are more-so geared to "power users". It was difficult to quantify that in a single word so hackers is where we landed. Being users of HN ourselves, it felt like the right term but any pico.sh service is open to anyone!