There are 15 repositories under linux-security topic.
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Tracking CVEs for the Linux kernel
A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.
OpenSnitch is a GNU/Linux application firewall
Linux Security & Linux Hardening & Linux Management & Linux Configuration
Bash script to create nftables sets of country-specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.
See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
Linux security with three different distributions (Rocky Linux, Ubuntu and openSUSE)!
Interactive Post Exploitation Tool
Vulnerability management tool that provides Yocto SBOM generation and CVE Analysis of target images.
Kernel programming: This is a simple kernel module implementation for enforcing access control policies using Linux Security Module framework.
Checks for search order privilege escalation vectors in system environment, system shared objects and executable files in $PATH.
In-depth notes on Linux fundamentals, including command line usage, file system hierarchy, shell scripting, and essential tools for beginners and advanced users.
Vulnerability management tool that provides Buildroot SBOM generation and CVE Analysis of target images.
Vulnerability management tool that provides OpenWRT SBOM generation and CVE Analysis of target images.
A script to build and manage a Diamond Hard secure Linux, Apache, MariaDB, PHP (LAMP) web hosting server. Builds and configures a LAMP stack with AppArmor, ModSecurity, ClamAV, LetsEncrypt, Fail2Ban, OSSEC, and UnattendedUpgrades.
Incident Forensic Response In Terminal script for Linux
Preventing unauthorized invocation of the open system call in Linux by running processes in sandboxed environments using capability-based authorization implemented in user space.
A Cybersecurity tool to detect and block IPs conducting port scans on a host machine.
Secure your Linux machine by blocking unwanted traffic and monitoring your system
A hardening script for Ubuntu 22.04 x86-64
This script automates the scanning process using the OpenSCAP Security Guide to harden Ubuntu systems, aligning with DISA-STIG compliance for Ubuntu 20.04 LTS minimum. It includes a range of security enhancements and configurations designed to strengthen the security posture of Ubuntu servers.
How to Install ArchLinux in an easy and intuitive way