Sandfly Security

All

9 repositories

elastic-connectors
Public
Official Elastic connectors for third-party data sources
Python
•
Other
•174•0•0•0•Updated Jul 29, 2025Jul 29, 2025
sandfly-setup
Public
Sandfly Security Agentless Compromise and Intrusion Detection System For Linux
linux security forensics intrusion-detection security-scanner intrusion-detection-system security-automation security-tools
Shell
•
Other
•14•80•2•0•Updated Jul 14, 2025Jul 14, 2025
sandfly-forensic-scripts
Public
Small scripts to help with Linux forensics and incident response.
Shell
•
Other
•4•51•0•0•Updated Jun 15, 2025Jun 15, 2025
sandfly-credentials-adapter-setup
Public
Sandfly Security external credential provider adapter
Shell
•
Other
•0•1•0•0•Updated Aug 7, 2024Aug 7, 2024
sandfly-entropyscan
Public
Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptographic hashes.
linux incident-response intrusion-detection intrusion-detection-system blueteam incident-response-tooling blueteamin security malware malware-analysis
Go
•
Other
•24•158•1•1•Updated Jun 11, 2024Jun 11, 2024
sandflies-preview
Public
Sandfly modules for emerging threats and beta testing.
Other
•0•4•0•0•Updated Apr 4, 2024Apr 4, 2024
sandfly-ssh-security-scanner
Public
Scripts to check for security issues with SSH keys and authorized_keys files on Linux and other Unix-like operating systems.
Shell
•
Other
•2•22•0•0•Updated Jun 27, 2023Jun 27, 2023
sandfly-processdecloak
Public
Sandfly Linux Stealth Rootkit Decloaking Utility
Go
•
Other
•17•101•1•1•Updated Jan 19, 2023Jan 19, 2023
sandfly-file-decloak
Public
Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.
linux rootkit incident-response malware intrusion-detection blueteam malware-detection rootkit-hunter incident-response-tooling rootkit-kernel
Python
•
Other
•5•25•0•0•Updated Nov 15, 2022Nov 15, 2022