Linux

A utility package that monitors hard drive health through SMART technology to detect and prevent disk failures before data loss occurs.

LinEnum is a tool for Linux enumeration that provides detailed system information and performs various checks and tasks.

minikube is a local Kubernetes cluster management tool that enables developers to run and test Kubernetes applications on their local machines across multiple operating systems.

An alternative to the auditd daemon with goals of safety, speed, JSON output, and pluggable pipelines connecting to the Linux kernel via netlink.

A Linux process injection tool that uses ptrace() to inject assembly-based shellcode into running processes without NULL byte restrictions.

A comprehensive repository of payloads and bypass techniques for web application security testing and penetration testing across multiple platforms and attack vectors.

A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.

A comprehensive auditd configuration for Linux systems following best practices.

A lightweight bash script IOC scanner for Linux/Unix/macOS systems that detects malicious indicators through hash matching, filename analysis, string searches, and C2 server identification without requiring installation.

A website for information on Linux and BSD distributions.

A network-triggered emergency tool that overwrites LUKS encryption headers with random data to prevent forced decryption in high-risk situations.

Taxii2 server for interacting with taxii services.

A guide on basic Linux privilege escalation techniques including enumeration, data analysis, exploit customization, and trial and error.

LiME is a Linux Memory Extractor tool for acquiring volatile memory from Linux and Linux-based devices, including Android, with features like full memory captures and minimal process footprint.

Procmon for Linux is a reimagining of the classic Procmon tool from Windows, allowing Linux developers to trace syscall activity efficiently.

An endpoint monitoring tool for Linux and macOS that reports file, socket, and process events to Zeek.

pcapfex is a forensic tool that extracts files from packet capture data by analyzing network traffic and identifying embedded file content.

Sysmon for Linux is a tool that monitors and logs system activity with advanced filtering to identify malicious activity.

edb is a powerful debugger for Linux binaries, enhancing reverse engineering efforts with a user-friendly interface and extensible plugins.

OCyara performs OCR on images and PDF files to extract text content and scan it against Yara rules for malware detection.

Buildah is a command-line tool for building and managing container images in OCI and Docker formats without requiring a running daemon.

High interaction honeypot solution for Linux systems with data control and integrity features.

Sysdig is a universal system visibility tool that provides deep monitoring and analysis capabilities for traditional systems and containerized environments through system call tracing and network activity monitoring.

CyLR is a Live Response Collection tool for quickly and securely collecting forensic artifacts from hosts with NTFS file systems.