@sandflysecurity

Sandfly Security

Sandfly Security provides agentless intrusion detection and incident response for Linux. Find hackers without loading any software on your Linux endpoints.

Popular repositories

  1. sandfly-entropyscan Public

    Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.

    Go 167 25

  2. sandfly-processdecloak Public

    Sandfly Linux Stealth Rootkit Decloaking Utility

    Go 108 18

  3. sandfly-setup Public

    Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

    Shell 88 14

  4. sandfly-forensic-scripts Public

    Small scripts to help with Linux forensics and incident response.

    Shell 55 4

  5. sandfly-kernel-module-decloak Public

    Scripts to decloak Linux Loadable Kernel Module (LKM) stealth rootkits.

    Shell 35 4

  6. sandfly-file-decloak Public

    Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.

    Python 29 5

Repositories

Showing 10 of 11 repositories
  • sandflysecurity/sandflysecurity’s past year of commit activity
    Python 0 Apache-2.0 3 0 0 Updated Dec 15, 2025
  • sandflies-preview Public

    Sandfly modules for emerging threats and beta testing.

    4 0 0 0 Updated Sep 29, 2025
  • sandfly-forensic-scripts Public

    Small scripts to help with Linux forensics and incident response.

    Shell 55 4 0 0 Updated Sep 29, 2025
  • sandfly-ssh-security-scanner Public

    Scripts to check for security issues with SSH keys and authorized_keys files on Linux and other Unix-like operating systems.

    Shell 23 2 0 0 Updated Sep 29, 2025
  • sandfly-file-decloak Public

    Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.

    Python 29 5 0 0 Updated Sep 29, 2025
  • sandfly-kernel-module-decloak Public

    Scripts to decloak Linux Loadable Kernel Module (LKM) stealth rootkits.

    Shell 35 MIT 4 0 0 Updated Sep 28, 2025
  • sandfly-setup Public

    Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

    Shell 88 14 2 2 Updated Sep 22, 2025
  • elastic-connectors Public Forked from elastic/connectors

    Official Elastic connectors for third-party data sources

    Python 0 198 0 0 Updated Sep 2, 2025
  • sandfly-credentials-adapter-setup Public

    Sandfly Security external credential provider adapter

    Shell 1 0 0 0 Updated Aug 7, 2024
  • sandfly-entropyscan Public

    Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.

    Go 167 25 1 2 Updated Jun 11, 2024

People

This organization has no public members. You must be a member to see who’s a part of this organization.
