Linux

PhoneyC is a client-side honeypot that emulates vulnerable web browsers to detect and analyze malicious web content and browser-based exploits.

POFR is a Linux forensic data collection system that captures process execution, file access, and network activity for incident response and compliance analysis.

A tool for creating compact Linux memory dumps compatible with popular debugging tools.

OpenCanary is a multi-protocol network honeypot with low resource requirements and alerting capabilities.

A discontinued disk imaging utility originally developed by Intel that used block map files for efficient disk image copying operations.

An open-source penetration testing framework for social engineering with custom attack vectors.

DenyHosts is a script to block SSH server attacks by automatically preventing attackers after failed login attempts.

A Docker MultiStage build implementation that integrates CVE scanning into Alpine Linux container builds using Docker 17.05's build-time vulnerability assessment capabilities.

BunkerWeb is a next-generation and open-source Web Application Firewall (WAF) with seamless integration and user-friendly customization options.

Linux-based operating system intentionally vulnerable for cybersecurity practice.

A bash script that analyzes executable files to check security properties like PIE, RELRO, canaries, ASLR, and Fortify Source protections.

A comprehensive cheat sheet for Windows and Linux terminals and command lines, covering essential commands and syntax for various tasks.

CVE Ape is an open source tool that creates a local CVE database from the National Vulnerability Database for offline vulnerability searching by package name, vendor, or OS components.

A tool to locally check for signs of a rootkit with various checks and tests.

A hands-on cybersecurity laboratory environment for Gray Hat Hacking Chapter 29 that creates virtualized Docker and Kali Linux machines using Terraform for practical security training exercises.

A library and tools for accessing and analyzing Linux Logical Volume Manager (LVM) volume system format.

Firejail is a Linux sandbox program that isolates untrusted applications using kernel namespaces, seccomp-bpf, and capabilities to reduce security breach risks.

A comprehensive cheat sheet for accessing Windows systems from Linux hosts using smbclient and rpcclient tools, covering password management, user and group enumeration, and more.

A javascript malware analysis tool with backend code execution.

A collection of utilities for working with USB devices on Linux

Uploader honeypot designed to look like poor website security.

A setuid implementation of user namespaces that enables running unprivileged containers without root privileges as a secure alternative to traditional container runtimes.

An educational workshop providing hands-on training materials, lab environments, and tools for learning local privilege escalation techniques on Windows and Linux systems.

A Cross-Platform Forensic Framework for Google Chrome that allows investigation of history, downloads, bookmarks, cookies, and provides a full report.