linux-security

There are 15 repositories under linux-security topic.

• trimstray / the-practical-linux-hardening-guide

  This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

  auditcentoschecklistcisguidehardeninglinuxlinux-hardeninglinux-securitymanualopenscappci-dssredhat-enterprise-linuxsecurity
  9851

• bytedance / Elkeid

  Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

  cwppedrhidslinux-securityraspsecurity
  Language:Go 2180

• sleventyeleven / linuxprivchecker

  linuxprivchecker.py -- a Linux Privilege Escalation Check Script

  oscposcp-toolshtblinux-privilege-escalationlinux-securitypentestingsecurityctf-toolspentest-toolshackthebox
  Language:Python 1527

• anti-ddos / Anti-DDOS

  🔒 Anti DDOS | Bash Script Project 🔒

  anti-ddosanti-ddos-protectionbashbash-scriptconfigurationddos-attackslinuxlinux-applinux-desktoplinux-distributionlinux-securitylinux-security-modulelinux-serversecuritysecurity-toolsshellshell-scriptshell-scriptsshellscripttool
  Language:Shell 1126

• microsoft / avml

  AVML - Acquire Volatile Memory for Linux

  linux-securitymemory-forensicsrust
  Language:Rust 838

• nluedtke / linux_kernel_cves

  Tracking CVEs for the linux Kernel

  cvelinuxlinux-kernellinux-securitysecurity-auditsecurity-vulnerabilitytrackertracking-cves
  Language:Vue 733

• Netflix-Skunkworks / stethoscope-app

  A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.

  electronendpoint-securityhacktoberfestjavascriptlinux-securitymacos-securitysecurityusable-securitywindows-security
  Language:JavaScript 457

• gustavo-iniguez-goya / opensnitch

  OpenSnitch is a GNU/Linux application firewall

  application-firewalllinux-firewalllinux-securitylinuxfirewallnetwork-analysisnetwork-monitoringanomaly-detectioniptables
  Language:Python 394

• EmreOvunc / Linux-System-Management-Scripts-Tricks

  Linux Security & Linux Hardening & Linux Management & Linux Configuration

  linux-serverlinux-system-administrationlinux-shelllinux-securityiptablesdhcp-serverslinux-userslinux-networkswap-spacelinux-raidlinux-administrationlinux-hardeninglinux-dhcplinux-dnslinux-managementwordpress-installationsquid-proxysquid3linux-proxyhacktoberfest
  Language:Shell 144
• geo-nft

  wirefalls / geo-nft

  Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.

  nftablesnftables-geoipnetfilterfirewallsfirewall-rulesfirewall-configurationlinux-securitylinux-servergeoip-databasenftables-rulesgeo-ipgeoip-locationransomware-preventionmalware-protectionphishing-protectionddos-mitigationanti-malwareddos-protectionanti-phishingip-geolocation
  Language:Shell 113

• jwillyamz / ezEmu

  See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

  purpleteamadversary-emulationsecurity-testinglinux-securitymitre-attack
  Language:C# 102

• tomwechsler / Securing_Linux_Systems

  Linux security with three different distributions (Rocky Linux, Ubuntu and openSUSE)!

  linuxlinux-securityopensuserockylinuxsecurityubuntu
  Language:Shell 71

• Andromeda1957 / LinPwn

  Interactive Post Exploitation Tool

  post-exploitationsecurity-toolssecurityprivilege-escalationenumerationlinux-security
  Language:C++ 37

• TimesysGit / meta-timesys

  Vulnerability management tool that provides Yocto SBOM generation and CVE Analysis of target images.

  cveyocto-securitysecurity-vulnerabilityvigiles-cve-scannerlinux-securityyocto-linux-securitycve-scanningyocto-cve-analysisyocto-sbomspdx-sbom
  Language:BitBake 35

• parazyd / protecc

  Linux kernel module to fight against police terror

  police-terrorkillswitchphysical-securitykernel-modulelinux-securitylinux-kernel
  Language:C 29

• node3 / Linux-Security-Module

  Kernel programming: This is a simple kernel module implementation for enforcing access control policies using Linux Security Module framework.

  lsmlinux-kernellinux-security
  Language:C 28

• bcoles / so-check

  Checks for search order privilege escalation vectors in system environment, system shared objects and executable files in $PATH.

  privesclinux-auditlinux-security
  Language:Shell 17

• bcoles / linux-audit

  Lazily wraps various Linux system auditing tools

  linux-auditlinux-security
  Language:Shell 16

• Alterant / Tutorials

  Easy way to automate the complex task

  qnxqnx7security-vulnerabilitysecurity-toolssecurity-automationsecurity-auditsecurity-testingsecurity-hardeningsecurity-scannerhackinglinuxlinux-securitylinux-hacking-toolsyocto-linux-securitypentestingsecurity-teamvulnerability-assessment
  Language:HTML 14
• Linux-Basic-to-Advanced-Notes

  MaheshShukla1 / Linux-Basic-to-Advanced-Notes

  In-depth notes on Linux fundamentals, including command line usage, file system hierarchy, shell scripting, and essential tools for beginners and advanced users.

  command-linecybersecuritylinuxlinux-commandslinux-learninglinux-securitylinux-tutorialnetworkingshell-scriptingsystemadministrationlinux-operating-systemlinux-tips
  14

• foxcpp / audit_pretty

  Linux Auditing System logs pretty printer

  linux-auditlinux-securitysecurity
  Language:Python 12

• TimesysGit / vigiles-buildroot

  Vulnerability management tool that provides Buildroot SBOM generation and CVE Analysis of target images.

  cvebuildrootlinux-securitycve-scanningbuildroot-cvebuildroot-cve-analysisbuildroot-securitybuildroot-sbomspdx-sbom
  Language:Python 9

• TimesysGit / vigiles-openwrt

  Vulnerability management tool that provides OpenWRT SBOM generation and CVE Analysis of target images.

  openwrtcvecve-scanninglinux-securityopenwrt-cveopenwrt-securityopenwrt-sbomspdx-sbom
  Language:Python 9

• Brets0150 / DiamondHardLAMP

  A script to build and manage a Diamond Hard secure Linux, Apache MariaDB, PHP(LAMP) Webhosting server. Builds and configure a LAMP stack with AppArmor, ModSecurity, ClamAV, LetsEncrypt, Fail2Ban, OSSEC, and UnattendedUpgrades.

  lamp-stacklamp-setuplamp-serversecurity-toolslinux-hardeningubuntu-hardeninglinux-securityhardening
  Language:Shell 8

• Truvis / Splunk_TA_Truvis_Linux_History

  linuxsplunksplunk-applicationsplunk-addonhistorylinux-shelllinux-applinux-securitylinux-auditauditauditingaudit-loghistory-management
  7

• foxcpp / ttyprompt

  Ask for passwords on different tty to combat X11 keyloggers

  gnupgpinentrylinux-security
  Language:Go 6

• LazyAlpaka / ifrit

  Incident Forensic Response In Terminal script for linux

  dfirforensicincident-responselinuxlive-responsescriptshellterminaltriagebest-practicesinformation-gatheringinformation-securitylinux-securitycollection
  Language:Shell 6

• vivekcheravally / Linux-Security

  Preventing unauthorized invocation of open system call in Linux by running processes in sand-boxed environments using capability based authorization implemented in user space.

  linuxsecurity-hardeningoperating-systemcapability-basedaccess-controlsandboxinglinux-securityuserspaceuserspace-librarieswrapper-library
  Language:C 5

• Yanixos / sic

  Linux File Integrity Checker

  linux-securityfile-checksumfile-integrity-monitoring
  Language:Python 5

• Connorapple / PortScanBlocker

  A Cybersecurity tool to detect and block IPs conducting port scans on a host machine.

  cybersecuritycyber-securityport-scanningip-blockerip-blockingiptables-firewalliptableslinux-securitytcp
  Language:Python 4

• foxcpp / secutils

  Random security-related scripts for Linux systems

  securitylinux-security
  Language:Python 4

• HarryR / cummiboot

  Encrypted PCR locked EFI Linux bootloader with Microsoft Pluton

  efilinux-securitysecureboottpm2
  Language:C 4

• ramirak / LinuxSecuritySuite

  Secure your Linux machine by blocking unwanted traffic and monitor your system

  iptables-firewalllinux-securitypacket-filteringpython3security-suiteblock-listnetwork-discoverysnapshot-backup
  Language:Python 4

• samuelerickson977 / initharden

  A hardening script for Ubuntu 22.04 x86-64

  linuxlinux-hardeninglinux-securityubuntu2204lts
  Language:Shell 4

• alokemajumder / Ubuntu-Security-Hardening-Script

  This script automates the scanning process using the OpenSCAP Security Guid to hardening Ubuntu systems, aligning with DISA-STIG compliance for Ubuntu 20.04 LTS minimum. It includes a range of security enhancements and configurations designed to strengthen the security posture of Ubuntu servers.

  disa-stiglinuxlinux-hardeninglinux-securityopenscapsecurity-enhanced-linuxsecurity-toolsserver-hardeningserver-securityshell-scriptubuntuubuntu-server
  Language:Shell 3

• felipefacundes / Arch

  How to Install ArchLinux in an easy and intuitive way

  arch-linuxarchlinuxlinuxlinux-applinux-desktoplinux-kernellinux-securitylinux-security-modulelinux-serverlinux-servicelinux-setuplinux-shell
  Language:HTML 3