This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Elkeid is an open source solution that can meet the security requirements of various workloads such as hosts, containers and K8s, and serverless. It is derived from ByteDance's internal best practices.

linuxprivchecker.py -- a Linux Privilege Escalation Check Script

🔒 Anti DDOS | Bash Script Project 🔒

AVML - Acquire Volatile Memory for Linux

Tracking CVEs for the linux Kernel

A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.

OpenSnitch is a GNU/Linux application firewall

Linux Security & Linux Hardening & Linux Management & Linux Configuration

Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.

See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)

Linux security with three different distributions (Rocky Linux, Ubuntu and openSUSE)!

Interactive Post Exploitation Tool

Vulnerability management tool that provides Yocto SBOM generation and CVE Analysis of target images.

Kernel programming: This is a simple kernel module implementation for enforcing access control policies using Linux Security Module framework.

Linux kernel module to fight against police terror

Linux Security Audit Tool

Checks for search order privilege escalation vectors in system environment, system shared objects and executable files in $PATH.

In-depth notes on Linux fundamentals, including command line usage, file system hierarchy, shell scripting, and essential tools for beginners and advanced users.

Lazily wraps various Linux system auditing tools