Linux

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

A tool to locally check for signs of a rootkit with various checks and tests.

A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.

A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.

Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.

A comprehensive cheat sheet for accessing Windows systems from Linux hosts using smbclient and rpcclient tools, covering password management, user and group enumeration, and more.

A javascript malware analysis tool with backend code execution.

A collection of utilities for working with USB devices on Linux

Uploader honeypot designed to look like poor website security.

A setuid implementation of user namespaces that enables running unprivileged containers without root privileges as a secure alternative to traditional container runtimes.

An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.

A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.

Semi-tethered jailbreak for iPhone 5s to iPhone X, running iOS 12.0 and up, using the 'checkm8' bootrom exploit.

CrossC2 is a cross-platform payload generator that extends CobaltStrike's capabilities to Linux and macOS environments for red team operations.

CredStash is a credential management tool that securely stores and retrieves sensitive information using AWS KMS encryption.

Falco is a CNCF graduated runtime security tool that monitors Linux kernel events and syscalls to detect abnormal behavior and security threats in cloud native environments.

A simpler version of a honeypot that looks for connections from external parties and performs a specific action, usually blacklisting.

Vulnerability scanner for Linux/FreeBSD, written in Go, agent-less, informs users of vulnerabilities related to the system and affected servers.

A deprecated digital forensics tool by Netflix that helped investigators scope compromises across AWS cloud instances by identifying behavioral differences and outliers during security incidents.

wxHexEditor is a free cross-platform hex editor and disk editor for editing binary files, disk devices, and logical drives with data manipulation and checksum calculation features.

Guidance on securing NFS in Red Hat Enterprise Linux 7

An evolving how-to guide for securing a Linux server with detailed steps and explanations.

Honeypot for Telnet service with configurable settings.

Python tool for remotely or locally dumping RAM of a Linux client for digital forensics analysis.