Linux

Cilium is a networking, observability, and security solution with an eBPF-based dataplane.

A wrapper around jNetPcap for packet capturing with Clojure, available for Linux and Windows.

HoneyDrive is the premier honeypot Linux distro with over 10 pre-installed honeypot software packages and numerous analysis tools.

A daemon for blocking USB keystroke injection devices on Linux systems

OpenRASP is a runtime application self-protection solution that integrates into application servers to monitor and block threats in real-time using context-aware instrumentation.

Cutting-edge technology for developing security applications within the Linux kernel.

A KDE Plasma 4 widget that displays real-time traffic information for active network connections on Linux computers.

A combination of honeypot, monitoring tool, and alerting system for detecting insecure configurations.

Set up your own IPsec VPN server in just a few minutes with IPsec/L2TP, Cisco IPsec, and IKEv2.

BleachBit is an open-source system cleaning utility that removes temporary files and system artifacts to free disk space and protect user privacy.

A cross-platform security application that functions as a laptop kill cord, automatically locking or shutting down your computer when physically separated from you via a USB connection.

A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.

LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.

minikube is a local Kubernetes cluster management tool that enables developers to run and test Kubernetes applications on their local machines across multiple operating systems.

An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.

A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.

A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.

A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.

A comprehensive auditd configuration for Linux systems following best practices.

A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation.

A website for information on Linux and BSD distributions.

A network-triggered emergency tool that overwrites LUKS encryption headers with random data to prevent forced decryption in high-risk situations.

Taxii2 server for interacting with taxii services.

A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.