Linux

Bash script for blocking domain access on Linux via iptables/ip6tables rules

Endian Firewall Community is a free, open-source Linux-based firewall solution that provides network security, VPN access, email protection, and traffic management features for home networks.

An open-source application firewall that monitors and controls network traffic with custom filtering rules and real-time visibility into application connections.

A comprehensive guide on Linux persistence mechanisms, focusing on scheduled tasks and jobs, their implementation, detection, and hunting strategies.

A comprehensive repository of red teaming resources including cheatsheets, detailed notes, automation scripts, and practice platforms covering multiple cybersecurity domains.

Kunai is a Linux-based system monitoring tool that provides real-time monitoring and threat hunting capabilities.

A next-generation file integrity monitoring and change detection system

A comprehensive Linux log analysis tool that streamlines the investigation of security incidents by extracting and organizing critical details from supported log files.

A collection of YARA rules for Windows, Linux, and Other threats.

An article in Phrack Magazine discussing the creation of shellcode for StrongARM/Linux architecture.

Scripts to automate the process of enumerating a Linux system through a Local File Inclusion (LFI) vulnerability.

mkCTF is a framework for creating and managing jeopardy-style CTF challenges with configurable structure and automated deployment capabilities.

A comprehensive guide to hardening OpenLDAP on Linux using AppArmor and systemd, providing a defense in depth approach to securing LDAP deployments.

A Linux privilege escalation auditing tool that identifies potential kernel vulnerabilities and suggests applicable exploits based on system analysis.

A bash-based anti-forensic script that monitors USB ports and triggers system shutdown when unauthorized devices are detected.

Modular Threat Hunting Tool & Framework

Drltrace is a dynamic API calls tracer for Windows and Linux applications.

The best security training environment for Developers and AppSec Professionals.

Open source application for retrieving passwords stored on a local computer with support for various software and platforms.

An anti-forensic Linux Kernel Module kill-switch for USB ports.

Instructions for setting up SIREN, including downloading Linux dependencies, cloning the repository, setting up virtual environment, installing pip requirements, running SIREN, setting up Snort on Pi, and MySQL setup.

Clevis is a pluggable framework that enables automated decryption of data and LUKS volumes through a pin-based plugin system.

Makes output from the tcpdump program easier to read and parse.

Fail2ban is a daemon that automatically bans IP addresses showing malicious behavior by monitoring log files and updating firewall rules to prevent brute-force attacks.