An open API service indexing awesome lists of open source software.

Projects in Awesome Lists tagged with linux-security

A curated list of projects in awesome lists tagged with linux-security.

https://github.com/trimstray/the-practical-linux-hardening-guide

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

audit centos checklist cis guide hardening linux linux-hardening linux-security manual openscap pci-dss redhat-enterprise-linux security

Last synced: 14 May 2025

https://github.com/bytedance/elkeid

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

cwpp edr hids linux-security rasp security

Last synced: 14 May 2025

https://github.com/bytedance/Elkeid

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

cwpp edr hids linux-security rasp security

Last synced: 30 Mar 2025

https://github.com/microsoft/avml

AVML - Acquire Volatile Memory for Linux

linux-security memory-forensics rust

Last synced: 14 May 2025

https://github.com/always-further/nono

Secure, kernel-enforced sandbox CLI and SDKs for AI agents. Capability-based isolation with secure key management, atomic rollback, cryptographic immutable audit chain of provenance. Run your agents in a zero-trust environment.

agent agentic-ai ai-agent-security ai-agents ai-security code-execution cybersecurity isolation linux-security llm mcp open-source prompt-injection runtime-security sandbox security sigstore supply-chain-security zero-trust

Last synced: 09 May 2026

https://github.com/netflix-skunkworks/stethoscope-app

A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.

electron endpoint-security hacktoberfest javascript linux-security macos-security security usable-security windows-security

Last synced: 05 Apr 2025

https://github.com/Netflix-Skunkworks/stethoscope-app

A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.

electron endpoint-security hacktoberfest javascript linux-security macos-security security usable-security windows-security

Last synced: 30 Mar 2025

https://github.com/wirefalls/geo-nft

Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.

anti-malware anti-phishing ddos-mitigation ddos-protection firewall-configuration firewall-rules firewalls geo-ip geoip-database geoip-location ip-geolocation linux-security linux-server malware-protection netfilter nftables nftables-geoip nftables-rules phishing-protection ransomware-prevention

Last synced: 12 Jul 2025

https://github.com/timesysgit/meta-timesys

Vulnerability management tool that provides Yocto SBOM generation and CVE Analysis of target images.

cve cve-scanning linux-security security-vulnerability spdx-sbom vigiles-cve-scanner yocto-cve-analysis yocto-linux-security yocto-sbom yocto-security

Last synced: 02 Apr 2026

https://github.com/nisamov/linuxcommands

🔵 Linux Commands is a repository created to serve as a guide and support for users or administrators of Linux systems

bash cheatsheet cli cmdline command-line devops learning linux linux-cheatsheet linux-commands linux-security linux-shell list shell shell-script sysadmin system-administration terminal tools unix

Last synced: 18 May 2026

https://github.com/parazyd/protecc

Linux kernel module to fight against police terror

kernel-module killswitch linux-kernel linux-security physical-security police-terror

Last synced: 23 Mar 2025

https://github.com/rfxn/brute-force-detection

Brute force detection with exponential-decay pressure scoring, 57 service rules, 8 firewall backends, GeoIP enrichment, and multi-channel alerting

bash brute-force-detection fail2ban-alternative firewall intrusion-prevention iptables linux-security log-analysis

Last synced: 12 Apr 2026

https://github.com/gensecaihq/ubuntu-security-hardening-script

This script automates the scanning process using the OpenSCAP Security Guide to harden Ubuntu systems, aligning with DISA-STIG compliance for Ubuntu 20.04 LTS minimum. It includes a range of security enhancements and configurations designed to strengthen the security posture of Ubuntu servers.

disa-stig linux linux-hardening linux-security openscap security-enhanced-linux security-tools server-hardening server-security shell-script ubuntu ubuntu-server wbfoss

Last synced: 06 Oct 2025

https://github.com/tomwechsler/securing_linux_systems

Linux security with three different distributions (Rocky Linux, Ubuntu and openSUSE)!

linux linux-security opensuse rockylinux security ubuntu

Last synced: 08 Oct 2025

https://github.com/wbfoss/ubuntu-security-hardening-script

This script automates the scanning process using the OpenSCAP Security Guide to harden Ubuntu systems, aligning with DISA-STIG compliance for Ubuntu 20.04 LTS minimum. It includes a range of security enhancements and configurations designed to strengthen the security posture of Ubuntu servers.

disa-stig linux linux-hardening linux-security openscap security-enhanced-linux security-tools server-hardening server-security shell-script ubuntu ubuntu-server wbfoss

Last synced: 11 Apr 2025

https://github.com/elliotsecops/system-monitor

A Bash script to monitor and display real-time CPU, memory, and disk usage of your system. The script refreshes every 5 seconds and includes error handling for robustness.

bash-script linux-security security-audit sysadmin sysadmin-tool

Last synced: 24 Mar 2025

https://github.com/foxcpp/audit_pretty

Linux Auditing System logs pretty printer

linux-audit linux-security security

Last synced: 30 Oct 2025

https://github.com/nexusone23/noid-privacy-linux

🛡️ Privacy & Security Audit for Linux Desktops — 300+ checks, 42 sections, zero dependencies, pure Bash. AI-powered fixes with --ai flag.

ai-tools audit bash cybersecurity debian desktop-security fedora hardening linux linux-desktop linux-security noid-privacy privacy privacy-audit privacy-tools security security-audit shell-script ubuntu zero-dependencies

Last synced: 30 Apr 2026

https://github.com/foxcpp/ttyprompt

Ask for passwords on different tty to combat X11 keyloggers

gnupg linux-security pinentry

Last synced: 17 Dec 2025

https://github.com/foxcpp/secutils

Random security-related scripts for Linux systems

linux-security security

Last synced: 24 Mar 2025

https://github.com/jsmoreira02/catbinaries

Tool to make privilege escalation on Linux systems easier, using GTFOBins (get the f*** out Binaries) techniques

gtfobins hacking hacking-tool linux-security privilege-escalation shell-script

Last synced: 03 Aug 2025

https://github.com/lucho-a/auditing-linux

Script for auditing Linux (in particular Red Hat) platforms in C, ANSI-style

auditing c-programming linux-security security-audit

Last synced: 04 Apr 2026

https://github.com/shroudsourav/linux-essentials-for-hackers

This repository will contain basic Linux commands to help the user navigate and learn how to use Linux efficiently

commands-cheatsheet kali-linux linux linux-security linux-shell terminal

Last synced: 21 Feb 2026

https://github.com/Mutasem-mk4/procscope

Zero-overhead eBPF process tracer for Linux malware triage and incident response. Traces syscalls, network, and file events per-process without strace overhead.

bpf cli container-security ebpf forensics golang incident-response kali-linux kubernetes-security linux-security malware-analysis monitoring observability process-monitoring reverse-engineering runtime-security security-tools threat-detection threat-hunting tracing

Last synced: 28 Apr 2026

https://github.com/nstarke/embedded_linux_audit

A Set of tools for Auditing Embedded Linux Hosts

embedded environment-variables linux-security reverse-engineering u-boot uboot

Last synced: 01 Apr 2026

https://github.com/h2337/ghostscan

A modern, Rust-powered Linux scanner that unmasks hidden rootkits, stealthy eBPF tricks, and ghost processes in one fast sweep (45+ scanners)

antivirus linux-security malware-detection rootkit-detection scanner security security-scanner security-tools

Last synced: 09 Oct 2025

https://github.com/flashnuke/ssh-door

A stealth SSH backdoor leveraging PAM shared object (.so) injection to bypass authentication and gain SSH access.

authentication-bypass backdoor cybersecurity ethical-hacking linux linux-security offensive-security openssh pam pam-authentication pam-module pentesting security ssh ssh-backdoor

Last synced: 09 Mar 2026

https://github.com/lousclues-labs/vigil

Linux file integrity monitor. Kernel-level filesystem watching, BLAKE3 hashing, HMAC-chained audit trail. Silent by default, local by design, deeply paranoid.

audit-trail baseline blake3 file-integrity-monitoring filesystem-monitor intrusion-detection linux-security

Last synced: 03 May 2026

https://github.com/gunh0/os-security-hub

🛡️ A comprehensive security auditing and hardening toolkit for multiple operating systems. Features automated compliance checks and security assessment tools based on industry standards and official security guidelines.

compliance golang hardening linux-security security security-audit security-scanning ubuntu xenserver

Last synced: 16 May 2026

https://github.com/defensia/agent

Lightweight security agent for Linux servers — SSH brute force, WAF, bot detection, Docker/Kubernetes native. Deploy via curl, Docker, Helm.

bot-detection brute-force container-security daemonset docker firewall go helm helm-chart intrusion-detection kubernetes linux linux-security owasp security server-security ssh waf

Last synced: 13 Apr 2026

https://github.com/false-systems/syva

Kernel-level eBPF enforcement for existing Kubernetes clusters. 7 LSM hooks watch every open, exec, kill, ptrace, and cgroup move — no runtime replacement needed.

bpf container-security containerd containers ebpf isolation kubernetes linux-security lsm rust

Last synced: 21 Apr 2026

https://github.com/gustavo-iniguez-goya/decloaker

A simple tool to uncover files, directories, and connections hidden by malware.

forensic-analysis forensics-tools linux-security malware-detection rootkit-detection security-scanner

Last synced: 25 Apr 2026

https://github.com/nevinshine/telos-runtime

A closed-loop security runtime preventing "The Great Exfiltration" and Indirect Prompt Injection in Autonomous AI Agents.

agentic-ai ebpf golang linux-security llm-security lsm prompt-injection python runtime-security systems-research taint-tracking xdp zero-trust

Last synced: 01 Feb 2026

https://github.com/zyazosk/seculogrt

A real-time Linux Security Event Monitoring System built and tested on Arch Linux, using a FastAPI WebSocket backend and a React frontend.

arch-linux fastapi linux-security log-analysis reactjs real-time-monitoring websocket

Last synced: 09 May 2026

https://github.com/hosteons/fail2ban-auto-installer-with-jail

This script installs and configures Fail2Ban with automatic detection of available services (SSH, Apache, Nginx), and enables appropriate jails by hosteons.com

almalinux auto-installer bash-script brute-force brute-force-protection centos debian fail2ban fail2ban-script firewall hosteons linux-security server-hardening ssh-protection ubuntu

Last synced: 08 May 2026

https://github.com/alexandreboutrik/bouclier-bleu

A modular Next-Generation Antivirus (NGAV) and Endpoint Detection & Response (EDR) for Linux, leveraging eBPF (LSM) and Rust for memory-safe userland.

bpf-lsm c ebpf edr libbpf linux-security ngav ransomware rust telemetry

Last synced: 21 Apr 2026

https://github.com/labex-labs/hands-on-network-scanning-with-nmap-on-linux

Master network scanning with Nmap on Linux! Learn practical techniques for host discovery, port scanning, OS detection, and firewall evasion through hands-on labs.

command-line course cybersecurity ethical-hacking hands-on labex labs linux-security linux-tools network-analysis network-scanning network-security nmap penetration-testing port-scanning programming scripting security-auditing

Last synced: 09 Feb 2026

https://github.com/hosteons/linux-malware-scanner

A simple one-click script to scan your Linux server for rootkits and malware using ClamAV and RKHunter. Automatically installs required tools, updates virus definitions, and performs a thorough scan. Ideal for Ubuntu, Debian, CentOS, and AlmaLinux. Maintained by Hosteons.com

almaliux bash-script centos clamav debian hosteons linux linux-security malware-scanner rkhunter rootkit-scanner system-security ubuntu vps-security

Last synced: 28 Apr 2026

https://github.com/u66u/securotron

A simple and user-friendly shell tool to increase security on Linux distributions

bash config linux linux-security secure security security-tools shell ssh utility

Last synced: 08 May 2026