Search Results for "kernel security"
Sort By:
Showing 108 open source projects for "kernel security"
View related business solutions-
Our Free Plans just got better! | Auth0You asked, we delivered! Auth0 is excited to expand our Free and Paid plans to include more options so you can focus on building, deploying, and scaling applications without having to worry about your security. Auth0 now, thank yourself later.
-
Context for your AI agentsBuild data pipelines that feed your AI models and agents without managing infrastructure. Crawl any website, transform content, and push directly to your preferred vector store. Use 10,000+ tools for RAG applications, AI assistants, and real-time knowledge bases. Monitor site changes, trigger workflows on new data, and keep your AIs fed with fresh, structured information. Cloud-native, API-first, and free to start until you need to scale.
-
1
Tetragon
eBPF-based Security Observability and Runtime Enforcement
...Synchronous monitoring, filtering, and enforcement completely in the kernel with eBPF. -
2
MemGuard
Secure software enclave for storage of sensitive information in memory
This package attempts to reduce the likelihood of sensitive data being exposed when in memory. It aims to support all major operating systems and is written in pure Go. Sensitive data is encrypted and authenticated in memory with XSalsa20Poly1305. The scheme used also defends against cold-boot attacks. Memory allocation bypasses the language runtime by using system calls to query the kernel for resources directly. This avoids interference from the garbage collector. Buffers that store... -
3
fswatch
A cross-platform file change monitor with multiple backends
A cross-platform file change monitor with multiple backends: Apple OS X File System Events API, BSD kqueue, Solaris/Illumos File Events Notification, Linux inotify and a stat()-based backend. fswatch is a file change monitor that receives notifications when the contents of the specified files or directories are modified. fswatch implements four kinds of monitors. A monitor based on the File System Events API of Apple OS X. A monitor based on kqueue, an event notification interface introduced... -
4
Yank Note
A Hackable Markdown Note Application for Programmers
A Hackable Markdown Note Application for Programmers. Version control, AI completion, mind map, documents encryption, code snippet running, integrated terminal, chart embedding, HTML applets, Reveal.js, plug-in, and macro replacement. Use Monaco kernel, optimize for Markdown editing, and have the same editing experience as VSCode. Support version control; Applets, runnable code blocks, tables, PlantUML, Drawio, macro replacements, etc., can be embedded in the document; support for OpenAI... -
Atera all-in-one platform IT management software with AI agentsAtera’s AI agents don’t just assist, they act. From detection to resolution, they handle incidents and requests instantly, taking your IT management from automated to autonomous.
-
5
Typhoon
Minimal and free Kubernetes distribution with Terraform
Typhoon is a minimal and free Kubernetes distribution. Minimal, stable base Kubernetes distribution. Declarative infrastructure and configuration. Free (freedom and cost) and privacy-respecting. Practical for labs, datacenters, and clouds. Typhoon distributes upstream Kubernetes, architectural conventions, and cluster addons, much like a GNU/Linux distribution provides the Linux kernel and userspace components. Typhoon provides a Terraform Module for each supported operating system and... -
6
Osquery
SQL operating system instrumentation and monitoring framework
Osquery is an operating system instrumentation framework for Windows, OS X (macOS), Linux, and FreeBSD. The tools make low-level operating system analytics and monitoring both performant and intuitive. Osquery exposes an operating system as a high-performance relational database. This allows you to write SQL queries to explore operating system data. With osquery, SQL tables represent abstract concepts such as running processes, loaded kernel modules, open network connections, browser... -
7
DSVPN
A dead simple VPN
DSVPN is a Dead Simple VPN, designed to address the most common use case for using a VPN. Runs on TCP. Works pretty much everywhere, including on public WiFi where only TCP/443 is open or reliable. Uses only modern cryptography, with formally verified implementations. Small and constant memory footprint. Doesn't perform any heap memory allocations. Small (~25 KB), with an equally small and readable code base. No external dependencies. Works out of the box. No lousy documentation to read. No... -
8
Trusted Boot (tboot) is an open source, pre- kernel/VMM module that uses Intel(R) Trusted Execution Technology (Intel(R) TXT) to perform a measured and verified launch of an OS kernel/VMM. mercurial repo: http://hg.code.sf.net/p/tboot/code.
-
9
Fast and transparent file system and swap encryption package for linux. No source code changes to linux kernel. Works with 6.x, 5.x, 4.x, 3.x, 2.6, 2.4, 2.2 and 2.0 kernels.
-
Grafana: The open and composable observability platformGrafana is the open source analytics & monitoring solution for every database.
-
10
BerserkArch
A bleeding-edge, security-centric Arch-based Linux distribution.
BerserkArch is a security-focused, performance-tuned Linux operating system (OS) based on Arch Linux, designed for developers, hackers, and technical users. A bleeding-edge, security-centric Arch-based Linux distribution crafted for hackers, developers, and nerds alike. Following the Arch Linux philosophy, it is designed to be highly customizable, allowing users to build their environment with only the components they need, rather than having a lot of pre-installed software like some other security distributions (e.g., Kali Linux). ... -
11
TOMOYO Linux is a LSM module which focuses on behavior of processes.TOMOYO Linux can be used as a system analysis tool as well as an access restriction tool like SELinux and Smack. TOMOYO Linux has been merged in Kernel 2.6.30.
-
12
LLF-Tool-for-Linux
Low Level Format Tool for debian-based systems
This simple application performs a pseudo-low level format on your disks. It has minimal dependencies and runs on the system's own kernel modules (dd). WARNING! This process cannot be stopped! https://github.com/shampuan/LLF-Tool-for-Linux -
13
BashCore
A custom Debian live ISO with security tools, no GUI, only Bash.
BashCore is a Debian-based live ISO for security pros, networking enthusiasts, and students. Minimalist and GUI-free, it relies entirely on Bash. Lightweight, fast, GPU-ready, and now offering an optional PREEMPT_RT kernel, it provides a fresh environment on every boot, ideal for safe experimentation, learning, and diagnostics. Built with Debian live-build, MIT-licensed, no branding, telemetry, or tracking. -
14
stegfs is a steganographic file system in userspace. It uses the FUSE module which allows it to be incorporated into more than just the Linux Kernel, i.e. it's also known to work in FreeBSD :) For more details visit: https://albinoloverats.net/projects/stegfs
-
15
ttyrpld is a multi-OS kernel-level TTY keylogger and screenlogger with (a)synchronous replay support. It runs on Linux, Solaris, FreeBSD, NetBSD and OpenBSD.
-
16
nsjail
A lightweight process isolation tool that utilizes Linux namespaces
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security. It utilizes Linux namespace subsystem, resource limits, and the seccomp-bpf syscall filters of the Linux kernel. -
17
GoldBug - Encrypted Communications
Chat Messenger. E-Mail-Client. Websearch. Filetransfer.
GoldBug is a decentralized & secure communication suite that offers an integrated e-mail client, an instant messenger & a file transfer. Also included is an URL-RSS-DB & a p2p web search. Current vers. w/ McEliece Algorithm. GoldBug has been 2013 - 2023 ten years just another Graphical User Interface of the Spot-On Encryption Suite. Main GUI features: Minimal & colorful Interface with Tabs in the East. Microsoft & Qt MinGW deprecated Win32 & for Compiling: ●... -
18
Kernelhub
Kernel privilege escalation vulnerability collection
The original intention of making the project is for, learning, analyzing, and research the latest kernel vulnerabilities are not needed to see the system and related content. This project is a collection of proprietary, except for test failure or unspecified Exp, Demo GIF map. If there is an omission of the omission of CVE vulnerabilities, please join your issues and bring your use of code. Project code is prohibited from testing in a real environment! The reliability of the code is... -
19
Casper-fs
Casper-fs is a Custom LKM generator to protect and hide files.
Casper-fs is a Custom Hidden Linux Kernel Module generator. Each module works in the file system to protect and hide secret files.The motivation: An attacker can read every file in your machine in a bad situation. But if you have a Casper-fs custom module, the attacker will not find the hidden kernel module that has functions to turn any file invisible and protect to block read/remove/edit actions. My beginning purpose at this project is to protect my server, which is to protect my... -
20
HiddenWall
hidden firewall, custom firewall in kernel
HiddenWall is a Linux kernel module generator for custom rules with netfilter. (block ports, Hidden mode, rootkit functions etc). The motivation: on bad situation, attacker can put your iptables/ufw to fall... but if you have HiddenWall, the attacker will not find the hidden kernel module that block external access, because have a hook to netfilter on kernel land(think like a second layer for firewall). My beginning purpose at this project is protect my personal server, now is protect the... -
21
Kubesploit
Kubesploit is a cross-platform post-exploitation HTTP/2 Command
Kubesploit is a cross-platform post-exploitation HTTP/2 Command & Control server and agent dedicated for containerized environments written in Golang and built on top of Merlin project by Russel Van Tuyl. While researching Docker and Kubernetes, we noticed that most of the tools available today are aimed at passive scanning for vulnerabilities in the cluster, and there is a lack of more complex attack vector coverage. They might allow you to see the problem but not exploit it. It is... -
22
Linux Exploit Suggester 2
Next-Generation Linux Kernel Exploit Suggester
Linux Exploit Suggester 2 is a next-generation enumeration tool that helps identify potential local privilege-escalation vectors on Linux systems. It inspects the target kernel and OS release, compares that information against a curated database of known kernel vulnerabilities, and reports which exploit primitives are plausibly applicable to the host. The script can optionally download exploit proof-of-concept code from public exploit repositories to accelerate validation in controlled... -
23
Xtables-addons is a package that obsoletes the old patch-o-matic repository for the Linux kernel and iptables. Instead of patching the kernel source, extensions are built as modules and thus allow extending kernels without recompilation.
-
24
Parrot Project
Security, Development and Privacy Defense, all in one place.
Parrot is a cloud friendly operating system designed for Pentesting, Computer Forensic, Reverse engineering, Hacking, Cloud pentesting, privacy/anonimity and cryptography. Based on Debian and developed by Frozenbox network. -
25
keysniffer
Linux kernel mode debugfs keylogger
A Linux kernel module to grab keys pressed in the keyboard, or a keylogger. keysniffer was initially written with the US keyboard (and conforming laptops) in mind. By default it shows human-readable strings for the keys pressed. However, as keyboards evolved, more keys got added. So the module now supports a module parameter codes which shows the keycode shift_mask pair in hex (codes=1) or decimal (codes=2). You can lookup the keycodes in /usr/include/linux/input-event-codes.h. The...
