Linux kernel source tree

A new bootable USB solution.

Command-line JSON processor

Zstandard - Fast real-time compression algorithm

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

GoAccess is a real-time web log analyzer and interactive viewer that runs in a terminal in *nix systems or through your browser.

Capturing SSL/TLS plaintext without a CA certificate using eBPF. Supported on Linux/Android kernels for amd64/arm64.

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Official QEMU mirror. Please see https://www.qemu.org/contribute/ for how to submit changes to QEMU. Pull Requests are ignored. Please only use release tarballs from the QEMU website.

Nmap - the Network Mapper. Github mirror of official SVN repository.

Small and highly portable detection tests based on MITRE's ATT&CK.

proxychains ng (new generation) - a preloader which hooks calls to sockets in dynamically linked programs and redirects it through one or more socks/http proxies. continuation of the unmaintained p…

🐬 Feature-rich, stable and customizable Flipper Firmware

proxychains - a tool that forces any TCP connection made by any given application to follow through proxy like TOR or any other SOCKS4, SOCKS5 or HTTP(S) proxy. Supported auth-types: "user/pass" fo…

Linux namespaces and seccomp-bpf sandbox

Suricata is a network Intrusion Detection System, Intrusion Prevention System and Network Security Monitoring engine developed by the OISF and the Suricata community.

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

eBPF-based Security Observability and Runtime Enforcement

This project hosts security advisories and their accompanying proof-of-concepts related to research conducted at Google which impact non-Google owned code.

A kernel designed to run one and only one application in a virtualized environment

Postgres-native columnar storage extension

Pure Data as a plugin, with a new GUI

A Linux eBPF rootkit with a backdoor, C2, library injection, execution hijacking, persistence and stealth capabilities.

LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android. The tool supports acquir…

MetaCall: The ultimate polyglot programming experience.

kpatch - live kernel patching

Learning eBPF, published by O'Reilly - out now! Here's where you'll find a VM config for the examples, and more

TinySSH is small server (less than 100000 words of code)

A Virtual FIDO2 USB Device

Credentials Dumper for Linux using eBPF