Top 23 Shell Security Projects

• setup-ipsec-vpn

  6 16,381 9.0 Shell

  Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

  Project mention: Well it's been sitting on my desk for years now | reddit.com/r/ProgrammerHumor | 2021-09-19

  I use this one: https://github.com/hwdsl2/setup-ipsec-vpn

• lynis

  23 8,810 9.0 Shell

  Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

  

  Project mention: T440p is a really nice machine. | reddit.com/r/thinkpad | 2021-09-12

• Nanos

  github.com/nanovms

  sponsored

  Run Linux Software Faster and Safer than Linux with Unikernels.

  

• oss-fuzz

  8 6,649 9.8 Shell

  OSS-Fuzz - continuous fuzzing for open source software.

  

  Project mention: FuzzBench: Open Fuzzer Benchmarking Platform and Service | news.ycombinator.com | 2021-08-20

• YubiKey-Guide

  27 6,256 6.2 Shell

  Guide to using YubiKey for GPG and SSH

  Project mention: password management with pass and git | dev.to | 2021-09-19

  You can setup Yubikey with pass and store the private keys on the key itself. This requires quite some setup time.

• my-arsenal-of-aws-security-tools

  2 6,244 5.7 Shell

  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

  Project mention: Aws Cloud Security | reddit.com/r/aws | 2021-07-12

  Your question is lacking some context or detail, none the less here is a great repo of AWS security tools to play with: https://github.com/toniblyx/my-arsenal-of-aws-security-tools

• android-security-awesome

  0 5,490 4.7 Shell

  A collection of android security related resources

• docker-ipsec-vpn-server

  3 4,206 8.7 Shell

  Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2

  Project mention: Docker hostname resolution within container running VPN server | reddit.com/r/docker | 2021-08-14

  I'm running an L2TP VPN server using this image: https://github.com/hwdsl2/docker-ipsec-vpn-server. This works great, but while connected to the VPN, the docker hostname resolution doesn't work (https://docs.docker.com/compose/networking/). For example, if I run a container called "postgres", I can use that hostname from other containers to resolve the IP (e.g. 172.0.18.6) for that container. Shouldn't I be able to use those same hostnames in my browser too while I'm connected to VPN?

• Scout APM

  scoutapm.com

  sponsored

  Scout APM: A developer's best friend. Try free for 14-days. Scout APM uses tracing logic that ties bottlenecks to source code so you know the exact line of code causing performance issues and can get back to building a great product faster.

  

• prowler

  2 3,891 9.0 Shell

  Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains all CIS controls and many more additional checks that help on GDPR, HIPAA and other security frameworks.

  Project mention: What tooling is used for monitoring security policy in the cloud? | reddit.com/r/CloudSecurityPros | 2021-08-22

  Set up Prowler on an EC2 instance and run it via cron job daily. Use the CISl2 group as a parameter and run this against all of your accounts. This will get you to a good starting point.

• airgeddon

  1 3,631 8.9 Shell

  This is a multi-use bash script for Linux systems to audit wireless networks.

  Project mention: v1s1t0r1sh3r3/airgeddon - This is a multi-use bash script for Linux systems to audit wireless networks. | reddit.com/r/GithubSecurityTools | 2021-01-12

• wstg

  9 3,577 8.2 Shell

  The Web Security Testing Guide is a comprehensive Open Source guide to testing the security of web applications and web services.

  

  Project mention: Ajuda em Cyber Segurança | reddit.com/r/brdev | 2021-08-09

• wireguard-docs

  7 3,099 3.3 Shell

  📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients.

  Project mention: GitHub - pirate/wireguard-docs: 📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients. | reddit.com/r/bag_o_news | 2021-08-19

• autoVPN

  0 1,948 0.0 Shell

  Create On Demand Disposable OpenVPN Endpoints on AWS.

• block

  44 1,717 9.8 Shell

  Let's make an annoyance free, better open internet, altogether!

  

  Project mention: People may not be hiding effectively from Facebook | reddit.com/r/privatelife | 2021-09-19

• Android-PIN-Bruteforce

  8 1,575 8.6 Shell

  Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)

  Project mention: Screen Broken, Need help unlocking device blindly. | reddit.com/r/GalaxyS7 | 2021-06-17

  Try looking up for screen rentals from repair shops, they rental may out displays for retrieving data. This might help as well

• ufw-docker

  14 1,250 1.0 Shell

  To fix the Docker and UFW security flaw without disabling iptables

  Project mention: Docker and UFW | reddit.com/r/docker | 2021-08-18

• xiringuito

  1 987 0.0 Shell

  SSH-based "VPN for poors"

  Project mention: Ask HN: Rewrite Project or Abandon It? | news.ycombinator.com | 2021-01-05

  Hi people,

  I need your advice and opinion.

  I have a project on GitHub that I wasn't updating for a while:

  https://github.com/ivanilves/xiringuito

  And it still works kinda OK for me, but technically it's a hard to maintain gibberish and I'm thinking about rewriting it in a statically compiled language, add unit testing and be able to incorporate different advanced features without making myself and others cry.

  HOWEVER: I doubt this makes sense and fear to just lose time on it.

  Could you please help me with a decision:

  If you think it's worth rewriting, add a GitHub star on https://github.com/ivanilves/xiringuito

  If you think it's a pile of shite and it should die, no problem, just ignore it :)

  It already has 954 stars for now and if number of stars goes 1k+ this month, I'll rewrite it. If not, it would be a sign it's a [c/t]rap and I need to run away and forget ;)

  THANK YOU!

• sig-security

  10 931 0.0 Shell

  🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!

  

  Project mention: CNCF - Secure Supply Chain Assessment | reddit.com/r/kubernetes | 2021-08-03

  Evaluating your supply chain security: a framework for supply chain evaluation

• MemLabs

  1 835 2.3 Shell

  Educational, CTF-styled labs for individuals interested in Memory Forensics

  Project mention: I saw my definition of a worst case scenario today, all because the client didn't want to spend a little bit of money a couple years ago. | reddit.com/r/sysadmin | 2021-04-22

  I think your best bet to start today is to start looking at self-education options (all over youtube, reddit, google) and start shopping for jobs that either have big training budgets or are at a service provider/vendor that offers IR and try to move laterally within it. You'd be surprised by what you get from just shooting your shot. You could consider some really basic certs like Sec + (avoid CEH like the plague unless you're gov't.) or Blue Team Level 1. I like to watch guys like 13cubed, or the surviving digital forensics podcasts and courses. Also just stay aware of infosec news from sources like brian krebs or cyberwire daily. Some other things to think about are ashemery.com/dfir.html and https://github.com/stuxnet999/MemLabs for some good exercises. Don't feel bad for using walkthroughs your first few times. SANS 3 minutes max is also great for quick topics in DFIR

• hblock

  5 832 8.3 Shell

  Improve your security and privacy by blocking ads, tracking and malware domains.

  Project mention: Block ADS by yourself without using an Adblock. ¿How? | reddit.com/r/uBlockOrigin | 2021-06-27

  The hosts file (I'm talking about GNU/Linux) may be a bit confusing at first, but once you get used to it, it's a great system wide solution. You could also use a tool that uses the hosts file, which may make your life easier. I'd recommend hblock

• hardening

  3 790 7.5 Shell

  Hardening Ubuntu. Systemd edition.

  Project mention: Industry Standard Linux Hardening Script [Ubuntu Server] | reddit.com/r/cybersecurity | 2021-07-28

  Are there any Linux(Ubuntu Server in my case) hardening scripts that abides to any well known industry standards. I can only find some scripts on Github like this one - https://github.com/konstruktoid/hardening

• htshells

  1 747 0.8 Shell

  Self contained htaccess shells and attacks

  Project mention: Null | news.ycombinator.com | 2021-01-13

  Found some GitHub issues [1] with something similar: an enterprise firewall blocking a repo because it contained the string "arglebargleglopglyf" [2] in some tests.

  The text was flagged as malicious because of its presence in the repo github.com/wireghoul/htshells [3]. However, the whole point of the word in the htshells repo is that it's an invalid command that breaks Apache, so it could have been almost any random string.

  [1] https://github.com/search?q=arglebargleglopglyf&type=issues

  [2] https://mume.org/help/arglebargle

  [3] https://github.com/wireghoul/htshells/blob/master/dos/apache...

• wireguard-manager

  8 656 9.6 Shell

  ✔️ wireguard-manager enables you to build and manage your own vpn under a minute.

  

  Project mention: Any guides to setup wireguard on a VPS? | reddit.com/r/WireGuard | 2021-09-18

  This repo is a good place to start

• kalitorify

  2 610 0.0 Shell

  Transparent proxy through Tor for Kali Linux OS

  Project mention: kalitorify v1.26.2 - Shell script for transparent proxy through Tor network. | reddit.com/r/Kalilinux | 2021-09-14

  Pull requests

Index

Sponsored

SaaSHub - Software Alternatives and Reviews

SaaSHub helps you find the best software and product alternatives

www.saashub.com