Zigi monitors Jira and GitHub updates, pings you when PRs need approval and lets you take fast actions - all directly from Slack! Plus it reduces cycle time by up to 75%. Learn more →
Top 23 Shell Security Projects
Scripts to build your own IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2Project mention: IIIT JABALPUR HOSTEL'S ETHERNET | reddit.com/r/JEENEETards | 2022-11-16
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.Project mention: I’ve done some pentesting, cyber security, exploiting, ect…. courses and I realised there isn’t much on how to defend yourself. | reddit.com/r/Pentesting | 2022-11-23
For example this tool: https://github.com/CISOfy/lynis It scans the system for certain "best practice" configuration and informs you about what is set, what is not set, how to set it, and tells a bit about the implications.
Close all those tabs. Zigi will handle your updates.. Zigi monitors Jira and GitHub updates, pings you when PRs need approval and lets you take fast actions - all directly from Slack! Plus it reduces cycle time by up to 75%.
Guide to using YubiKey for GPG and SSHProject mention: How do you even use these things? | reddit.com/r/yubikey | 2022-11-24
If you want to use it for SSH (highly recommended is you use SSH) check out https://github.com/drduh/YubiKey-Guide or if you want I can post a summary I wrote for myself lol.
OSS-Fuzz - continuous fuzzing for open source software.Project mention: Mosh: An Interactive Remote Shell for Mobile Clients (2012) [pdf] | news.ycombinator.com | 2022-11-24
Yes, mosh has fuzz tests in oss-fuzz .
List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.Project mention: Using Prowler to Audit your AWS account for vulnerabilities. | dev.to | 2022-05-05
Few days ago I came across this repository and I found Prowler(Go Star the repo).
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.Project mention: Opensource equivalent of Sailpoint | reddit.com/r/sysadmin | 2022-09-25
You’re not going to find a shiny enterprise web ui for free but there are tools out there. If you just want to review AWS accounts, you can use prowler https://github.com/prowler-cloud/prowler
A collection of android security related resourcesProject mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31
Clean code begins in your IDE with SonarLint. Up your coding game and discover issues early. SonarLint is a free plugin that helps you find & fix bugs and security issues from the moment you start writing code. Install from your favorite IDE marketplace today.
Docker image to run an IPsec VPN server, with IPsec/L2TP, Cisco IPsec and IKEv2Project mention: Containers or not containers? | reddit.com/r/selfhosted | 2022-11-01
This is a multi-use bash script for Linux systems to audit wireless networks.Project mention: Panda Wireless PAU09 or ALFA AC1200 or ALFA AC1900 | reddit.com/r/Kalilinux | 2022-09-08
📖 Unofficial WireGuard Documentation: Setup, Usage, Configuration, and full example setups for VPNs supporting both servers & roaming clients.Project mention: WireGuard-docs: Setup, usage, configuration, and a full example (2019) | news.ycombinator.com | 2022-05-29
Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)Project mention: Does Google want thieves to unlock Android devices? | reddit.com/r/AndroidQuestions | 2022-08-18
There are only 10,000 possible 4-digit PIN codes. We can assume that it would take around 40 seconds for someone to try 5 of them. That means it would take 80,000 seconds to try all 10,000. That's 1,333 minutes or 22 hours of non-stop brute-forcing, and there are tools like this one to automate the process.
Let's make an annoyance free, better open internet, altogether!Project mention: re: Energized Lists | reddit.com/r/nextdns | 2022-11-25
their website is currently a blank page. See https://energized.pro
To fix the Docker and UFW security flaw without disabling iptablesProject mention: Need help setting up UFW killswitch with OpenVPN | reddit.com/r/linuxquestions | 2022-11-16
I'm using openmediavault 5 with UFW Killswitch configured to only use OpenVPN(Nord vpn). Configured plex, qBittorrent docker containers. Long story short, I got copyright infringement warning. Never had problem with previous ISP. So I investigated how it happened. Found out my DNS was set to ISP DNS in resolv.conf. Not sure how it got defaulted to router DNS. Also found a security issue with using Docker and UFW where docker ignores UFW rules: https://github.com/chaifeng/ufw-docker.
Create On Demand Disposable OpenVPN Endpoints on AWS.
Security automation content in SCAP, Bash, Ansible, and other formats (by ComplianceAsCode)Project mention: Ansible for automation/ hardening. | reddit.com/r/ansible | 2022-08-10
🔐CNCF Security Technical Advisory Group -- secure access, policy control, privacy, auditing, explainability and more!Project mention: Does Kubernetes support SELinux? | dev.to | 2022-07-07
As Daniel Walsh himself wrote in a blog post, CRI-O integrates very well with SELinux and prevents dangerous actions like a container loading an old, unmaintained and therefore potentially vulnerable kernel module and breaking out of the isolation. Additionally, the Kubernetes API itself contains resources to specifically configure SELinux labels for containers. Doesn't sound like something they would do for a tool that "doesn't work with Kubernetes", according to some. Also, the CNCF security whitepaper mentions SELinux as a tool that can be used to provide isolation and limit privileges, which is as much as we could expect from an high-level, architecturally-minded document.
EMBA - The firmware security analyzerProject mention: GitHub - e-m-b-a/emba: EMBA - The firmware security analyzer | reddit.com/r/RedSec | 2022-11-17
grep rough audit - source code auditing toolProject mention: Source Code Review Resources for Beginners | reddit.com/r/cybersecurity_help | 2022-07-20
Improve your security and privacy by blocking ads, tracking and malware domains.Project mention: is there anti tracking software that can be installed on Linux? If so, what is it? | reddit.com/r/PrivacyGuides | 2022-11-12
hblock works system-wide using your OSes built in hosts file.
Educational, CTF-styled labs for individuals interested in Memory ForensicsProject mention: MemLabs: Learn Memory Forensics through CTF-styled labs | reddit.com/r/netsec | 2022-08-31
✔️ wireguard-manager enables you to create and manage your own vpn under a minute.Project mention: Add WireGuard VPN on my exicting PI-hole+unbound ubuntu DNS server on my old laptop. | reddit.com/r/pihole | 2022-10-23
SSH-based "VPN for poors"
OSX and iOS related security toolsProject mention: Cybersecurity Repositories | reddit.com/r/netsecstudents | 2022-05-31
OSX and iOS Security
Truly a developer’s best friend. Scout APM is great for developers who want to find and fix performance issues in their applications. With Scout, we'll take care of the bugs so you can focus on building great things 🚀.
Shell Security related posts
How do you even use these things?
2 projects | reddit.com/r/yubikey | 24 Nov 2022
Mosh: An Interactive Remote Shell for Mobile Clients (2012) [pdf]
1 project | news.ycombinator.com | 24 Nov 2022
I’ve done some pentesting, cyber security, exploiting, ect…. courses and I realised there isn’t much on how to defend yourself.
1 project | reddit.com/r/Pentesting | 23 Nov 2022
Wazuh Agent build on alpine linux
10 projects | reddit.com/r/Wazuh | 16 Nov 2022
IIIT JABALPUR HOSTEL'S ETHERNET
1 project | reddit.com/r/JEENEETards | 16 Nov 2022
Best secured adblock
2 projects | reddit.com/r/PrivacyGuides | 15 Nov 2022
Java Fuzzing with Jazzer compared to Symflower
3 projects | dev.to | 15 Nov 2022
A note from our sponsor - Zigi
www.zigi.ai | 29 Nov 2022
What are some of the best open-source Security projects in Shell? This list will help you: