This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
Updated Nov 19, 2024
linuxprivchecker.py -- a Linux Privilege Escalation Check Script
Multi-engine Linux malware scanner with five detection stages (MD5, HEX pattern, YARA, ClamAV, statistical), real-time inotify monitoring, quarantine, and multi-channel alerting
AVML - Acquire Volatile Memory for Linux
Tracking CVEs for the linux Kernel
A desktop application that checks security-related settings and makes recommendations for improvements without requiring central device management or automated reporting.
OpenSnitch is a GNU/Linux application firewall
Open-source cross-platform endpoint detection engine for Windows, macOS, and Linux using ETW, ESF, eBPF, Sigma, YARA, IOCs, and ECS NDJSON alerts.
A modern, Rust-powered Linux scanner that unmasks hidden rootkits, stealthy eBPF tricks, and ghost processes in one fast sweep (50+ scanners)
Linux Security & Linux Hardening & Linux Management & Linux Configuration
Bash script to create nftables sets of country specific IP address ranges for use with firewall rulesets. The project provides a simple and flexible way to implement geolocation filtering with nftables. It can be a useful tool to reduce the chance of malware, ransomware and phishing attempts as well as mitigating the effects of DDoS attacks.
See adversary, do adversary: Simple execution of commands for defensive tuning/research (now with more ELF on the shelf)
iptables/netfilter firewall for Linux servers with stateful filtering, trust system, ipset block lists, SYN flood protection, VNET per-IP policies, and Docker support
This script automates the scanning process using the OpenSCAP Security Guide to harden Ubuntu systems, aligning with DISA-STIG compliance for Ubuntu 24.04 LTS minimum. It includes a range of security enhancements and configurations designed to strengthen the security posture of Ubuntu servers.
Linux security with three different distributions (Rocky Linux, Ubuntu and openSUSE)!
A lightweight command sandbox for Linux, secure-by-default, built on Landlock.
Minimal no-libc Linux x86_64 ELF PoC build for Copy Fail (CVE-2026-31431)
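Automated Linux environment initialization & post-installation setup script for Ubuntu/CentOS/RHEL. Supports one-click development environment configuration, automated installation of common security software and DevOps toolchains, deep performance tuning and hardening of system kernel and network parameters, World Cup preparation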
🧑💻 A comprehensive guide to Linux system administration, covering: 📜 Commands 👥 User Management 🌐 Networking 🔐 Permissions 📦 Package Management 💽 Disk Management 🛡️ Security 🤖 Automation ✅