Repositories list

• sandfly-setup

  Public
  Sandfly Security Agentless Compromise and Intrusion Detection System For Linux

  linuxsecurityforensics+ 5intrusion-detectionsecurity-scannerintrusion-detection-systemsecurity-automationsecurity-tools

  Shell

  •

  Other

  •14•88•2•2•Updated Jan 21, 2026Jan 21, 2026

• sandflysecurity

  Public
  Python

  •

  Apache License 2.0

  •3•0•0•0•Updated Dec 15, 2025Dec 15, 2025

• sandflies-preview

  Public
  Sandfly modules for emerging threats and beta testing.

  Other

  •0•4•0•0•Updated Sep 29, 2025Sep 29, 2025

• sandfly-forensic-scripts

  Public
  Small scripts to help with Linux forensics and incident response.

  linuxrootkitsrootkit-detection

  Shell

  •

  Other

  •5•56•0•1•Updated Sep 29, 2025Sep 29, 2025

• sandfly-ssh-security-scanner

  Public
  Scripts to check for security issues with SSH keys and authorized_keys files on Linux and other Unix-like operating systems.

  Shell

  •

  Other

  •2•23•0•0•Updated Sep 29, 2025Sep 29, 2025

• sandfly-file-decloak

  Public
  Decloak Linux stealth rootkits hiding data with this simple memory mapped IO investigation tool.

  linuxrootkitincident-response+ 7malwareintrusion-detectionblueteammalware-detectionrootkit-hunterincident-response-toolingrootkit-kernel

  Python

  •

  Other

  •5•29•0•0•Updated Sep 29, 2025Sep 29, 2025

• sandfly-kernel-module-decloak

  Public
  Scripts to decloak Linux Loadable Kernel Module (LKM) stealth rootkits.

  linuxrootkitrootkits+ 1rootkit-detection

  Shell

  •

  MIT License

  •4•35•0•0•Updated Sep 28, 2025Sep 28, 2025

• elastic-connectors

  Public
  Official Elastic connectors for third-party data sources

  Python

  •

  Other

  •196•0•0•0•Updated Sep 2, 2025Sep 2, 2025

• sandfly-credentials-adapter-setup

  Public
  Sandfly Security external credential provider adapter

  Shell

  •

  Other

  •0•1•0•0•Updated Aug 7, 2024Aug 7, 2024

• sandfly-entropyscan

  Public
  Entropy scanner for Linux to detect packed or encrypted binaries related to malware. Finds malicious files and Linux processes and gives output with cryptograph…

  linuxsecurityincident-response+ 8malwareintrusion-detectionmalware-analysismalware-researchintrusion-detection-systemblueteamincident-response-tooling+ 1

  Go

  •

  Other

  •25•167•1•2•Updated Jun 11, 2024Jun 11, 2024

• sandfly-processdecloak

  Public
  Sandfly Linux Stealth Rootkit Decloaking Utility

  Go

  •

  Other

  •18•108•1•0•Updated Jan 19, 2023Jan 19, 2023