GitHunt
BA

bad-antics/nullsec-linux

🐧 Security-focused Linux distribution with 140+ tools, custom kernel 6.17.13, AI assistant | 5 editions | Cloud, AI/ML, Automotive, Hardware hacking

blue-teamctfcybersecurityethical-hackingforensicshackinginfoseckali-alternativekali-linuxlinuxlinux-distroosintparrot-ospenetration-testingpentestpentestingred-teamsecuritysecurity-tools

🔒 NullSec Linux

Security-Focused Linux Distribution v5.0

by bad-antics development

License: NPL
Base
Tools
Version
GitHub

    _   __      ____  _____              __    _                  
   / | / /_  __/ / / / ___/___  _____   / /   (_)___  __  ___  __
  /  |/ / / / / / /  \__ \/ _ \/ ___/  / /   / / __ \/ / / / |/_/
 / /|  / /_/ / / /  ___/ /  __/ /__   / /___/ / / / / /_/ />  <  
/_/ |_/\__,_/_/_/  /____/\___/\___/  /_____/_/_/ /_/\__,_/_/|_|  
                                                                  
       [ bad-antics development | Security Distribution v5.0 ]

🆕 What's New in v5.0

  • 140+ Security Tools — 25 new tools added
  • NullKia v3.0 Integrated — Mobile security framework built-in
  • AI/ML Security Suite — LLM red teaming, ML model analysis
  • Cloud Pentesting Edition — AWS/GCP/Azure/Kubernetes tools
  • Hardware Hacking Edition — SDR, RFID, embedded systems
  • Automotive Security — CAN bus, OBD-II, vehicle pentesting
  • Custom Kernel 6.17.13 — Built from source with NullSec identity, zero upstream branding
  • Wayland + Hyprland — Modern compositor option
  • ARM64 Native — Full Apple Silicon & Raspberry Pi 5 support

📥 Official Downloads

🌐 Download Portal: bad-antics.github.io

💎 Premium Editions

Stripped, locked-down, production-ready images with enterprise-grade security.

Edition Description Size Download
NullSec Pro — Full Complete secure system 3.6 GB ISO
NullSec Pro — USB Bootable USB with encrypted persistence 4.5 GB IMG
NullSec Pro — Minimal CLI-only, minimal attack surface 980 MB ISO
NullSec Pro — Cloud AWS/GCP/Azure/K8s optimized 2.0 GB OVA/AMI
NullSec Pro — Hardware SDR/RFID/Embedded tools 4.8 GB ISO

Premium Features:

  • ✅ Kernel lockdown (KSPP, grsecurity principles)
  • ✅ Zero telemetry — completely stripped
  • ✅ Full disk encryption (LUKS2 + Argon2id)
  • ✅ Secure boot with custom keys
  • ✅ Anti-forensics capabilities
  • ✅ MAC spoofing on boot
  • ✅ Tor/I2P/Lokinet integration
  • ✅ 115+ security tools pre-installed

🐧 Standard Editions

Edition Description Size Download
Full Complete toolkit (140+ tools) 5.8 GB ISO
Lite Essential tools only 2.8 GB ISO
NetInstall Minimal, downloads during install 520 MB ISO

⚡ Live Boot Images

Boot directly without installation — leaves no trace on host system.

Edition Description Size Download
Live Standard Full toolkit in RAM 4.0 GB ISO
Live Stealth Anti-forensics, RAM-only 3.2 GB ISO
Live Forensics DFIR focused, read-only mounts 4.8 GB ISO
Live Air-Gapped No network stack, offline only 2.4 GB ISO

🎯 Specialized Editions (NEW in v5.0)

Edition Description Size Download
Cloud Pentest AWS/GCP/Azure/K8s security 3.5 GB ISO
Hardware Hacking SDR/RFID/Embedded/IoT 4.2 GB ISO
AI/ML Security LLM red team, model analysis 6.5 GB ISO
Automotive CAN bus, OBD-II, vehicle sec 3.8 GB ISO
Mobile Security NullKia + Android/iOS tools 4.0 GB ISO

🖥️ Architecture Support

Architecture Description Download
AMD64/x86_64 Standard 64-bit PCs All editions above
ARM64/aarch64 Raspberry Pi 4/5, ARM servers ISO
RISC-V StarFive VisionFive 2 ISO
Apple Silicon M1/M2/M3/M4 native IMG

🔍 Verify Downloads

# Download checksums
wget https://github.com/bad-antics/nullsec-linux/releases/download/v5.0/SHA256SUMS
wget https://github.com/bad-antics/nullsec-linux/releases/download/v5.0/SHA256SUMS.sig

# Verify checksum
sha256sum -c SHA256SUMS 2>/dev/null | grep nullsec

# GPG verification
gpg --keyserver keyserver.ubuntu.com --recv-keys B1F1881F70FB62A7
gpg --verify SHA256SUMS.sig SHA256SUMS

🛡️ Security Features

Kernel Protection

  • KASLR, SMEP/SMAP, PTI
  • Retpoline (Spectre mitigation)
  • Kernel module signing enforced
  • Lockdown mode (integrity)
  • KFENCE memory safety
  • io_uring restrictions
  • BPF hardening

Custom Kernel Build

NullSec Linux ships with a custom-compiled kernel built from upstream kernel.org sources.
No Parrot, Debian, or Ubuntu branding remains — uname, /proc/version, and all build
identity strings are NullSec-native.

Property Value
Version 6.17.13+2-amd64
Source kernel.org vanilla
Build ID nullsec@nullsec.sh
/proc/version NullSec 6.17.13-1nullsec1

See kernel/ for build scripts, configs, and documentation.
Download pre-built .deb packages from Releases.

Binary Protection

  • PIE, Full RELRO, Stack canaries
  • FORTIFY_SOURCE=3
  • NX/DEP, CET/IBT
  • Shadow stack (x86_64)
  • CFI (Control-Flow Integrity)

Network Security

  • nftables firewall default
  • IPv6 privacy extensions
  • SYN cookies, reverse path filtering
  • TCP timestamps disabled
  • ICMP redirect disabled
  • Wireguard built-in

Application Security

  • AppArmor + SELinux profiles
  • Seccomp-bpf filters
  • Namespace isolation
  • Landlock LSM
  • IMA/EVM integrity
  • Bubblewrap sandboxing

🛠️ Pre-Installed Security Tools (115+)

Offensive Security

Tool Language Purpose
nullsec-injector Rust Memory-safe process injection
nullsec-shellcraft Racket Shellcode generation DSL
nullsec-exploit C Binary exploitation framework
nullsec-c2 Go Command & control server
nullsec-phish Python Phishing framework
nullsec-webfuzz Rust Web application fuzzer
nullsec-sqlinject Python SQL injection toolkit

Network Security

Tool Language Purpose
nullsec-netprobe Nim Stealthy network recon
nullsec-portscan Elixir Async port scanner
nullsec-netseer Haskell Traffic analysis
nullsec-sniffer Clojure Packet capture
nullsec-flowtrace Haskell Flow analyzer
nullsec-crystalrecon Crystal Network reconnaissance
nullsec-dnsenum Go DNS enumeration
nullsec-arpwatch C ARP monitoring

Binary Analysis

Tool Language Purpose
nullsec-memcorrupt Zig Memory corruption analysis
nullsec-bingaze C++20 Binary analysis
nullsec-kernspy Go Kernel module analyzer
nullsec-zigscan Zig Binary entropy analyzer
nullsec-nimhunter Nim Memory forensics
nullsec-binarydiff Rust Binary diffing
nullsec-hexdump Zig Hex analysis

Cryptography

Tool Language Purpose
nullsec-cryptwrap Ada/SPARK Formally verified crypto
nullsec-hashwitch Julia Hash analysis
nullsec-adashield Ada Protocol validator
nullsec-vvault V Credential vault
nullsec-cryptoaudit Rust Crypto implementation audit

Defense & Detection

Tool Language Purpose
nullsec-cppsentry C++20 Packet sentinel
nullsec-swiftsentinel Swift macOS event monitor
nullsec-kotlinguard Kotlin Container scanner
nullsec-clusterguard Erlang Distributed IDS
nullsec-luashield Lua WAF rules engine
nullsec-beaconhunt Go C2 beacon detector

OSINT & Recon

Tool Language Purpose
nullsec-reporaider Clojure Git secret scanner
nullsec-juliaprobe Julia Anomaly detector
nullsec-perlscrub Perl Log sanitizer
nullsec-shelltrace Tcl Command auditor
nullsec-fsharpsignal F# Signal correlator
nullsec-credscan Python Credential finder

Mobile Security

Tool Language Purpose
nullkia Multi Mobile security framework v3.0
nullsec-apkanalyzer Kotlin APK analysis
nullsec-iosextract Swift iOS forensics
nullsec-android Java Android security
nullsec-bluetooth C Bluetooth research

Cloud Security (NEW)

Tool Language Purpose
nullsec-cloudaudit Go Multi-cloud auditor
nullsec-k8sscan Go Kubernetes security scanner
nullsec-awsrecon Python AWS enumeration
nullsec-gcphunt Go GCP security
nullsec-azuresweep C# Azure auditor
nullsec-terraform-scan Go IaC security

AI/ML Security (NEW)

Tool Language Purpose
nullsec-llmred Python LLM red teaming
nullsec-promptinject Python Prompt injection testing
nullsec-modelaudit Python ML model security audit
nullsec-adversarial Python Adversarial ML
nullsec-datapoisoning Python Training data attacks

Hardware Hacking (NEW)

Tool Language Purpose
nullsec-sdr C/Python Software-defined radio
nullsec-rfid C RFID/NFC research
nullsec-canbus C CAN bus analysis
nullsec-jtag C JTAG/SWD tools
nullsec-glitch Python Fault injection
nullsec-uart Python UART/Serial tools

Automotive Security (NEW)

Tool Language Purpose
nullsec-carfuzz C CAN bus fuzzer
nullsec-obdii Python OBD-II toolkit
nullsec-uds Python UDS protocol tools
nullsec-keyfob C Key fob research

Automation & Framework

Tool Language Purpose
nullsec-framework Python Unified framework
nullsec-dlangaudit D Security auditor
nullsec-beacon Erlang Network beacon
nullsec-ocamlparse OCaml Policy parser

🚀 Quick Start

System Requirements

Component Minimum Recommended
CPU 64-bit x86_64/ARM64 Multi-core (4+)
RAM 4 GB 16 GB
Storage 30 GB 120 GB NVMe
Graphics Any Hardware accel

Create Bootable USB

# Linux/macOS
sudo dd if=nullsec-pro-5.0-amd64.iso of=/dev/sdX bs=4M status=progress conv=fsync

# Or use Ventoy for multi-ISO boot
sudo ventoy -i /dev/sdX
cp nullsec-*.iso /mnt/ventoy/

First Boot

# Update system
nullsec-update

# Fetch latest tools
nullsec-fetch

# Launch framework
nullsec-framework

# Apply security profile
nullsec-harden --profile maximum

# Start anonymity mode
nullsec-anon --tor --mac-spoof --dns-over-tor

# Launch NullKia (mobile)
nullkia --gui

📁 Directory Structure

/opt/nullsec/
├── bin/           # 115+ NullSec tools
├── configs/       # Configuration files
├── payloads/      # Payload templates
├── wordlists/     # Curated wordlists
├── scripts/       # Automation scripts
├── modules/       # Framework modules
├── ai/            # AI/ML models (NEW)
├── hardware/      # Hardware tool configs (NEW)
└── docs/          # Documentation

/etc/nullsec/
├── security/      # Security profiles
├── firewall/      # nftables rules
├── apparmor/      # AppArmor profiles
├── seccomp/       # Seccomp filters
├── integrity/     # IMA policies
└── cloud/         # Cloud provider configs (NEW)

🔗 Related Projects

Project Description
nullsec-framework Unified toolkit framework
nullkia Mobile security framework v3.0
nullsec-payloads Payload templates
nullsec-wordlists Curated wordlists
nullsec-configs Dotfiles & configs
bad-antics.github.io Download portal

📋 Changelog

v5.0.0 (January 2026)

  • 140+ tools (25 new)
  • NullKia v3.0 integrated
  • Cloud pentesting edition (AWS/GCP/Azure/K8s)
  • AI/ML security suite (LLM red teaming)
  • Hardware hacking edition (SDR/RFID/IoT)
  • Automotive security tools (CAN bus)
  • Custom Kernel 6.17.13 (built from source, NullSec-branded)
  • Wayland + Hyprland compositor
  • Full ARM64/Apple Silicon support
  • Enhanced isolation (Landlock, CFI)

v4.0.0 (2025)

  • 90+ tools
  • NullKia v2.0
  • Cloud edition
  • Apple Silicon via Asahi

v3.0.0 (2024)

  • Initial public release
  • 60+ tools

📜 License

NullSec Public License v1.0 — For authorized security testing and education only.

🏷️ Keywords

linux distribution security distro penetration testing ethical hacking
kali alternative parrot alternative red team blue team CTF
cybersecurity hacking tools privacy anonymity DFIR OSINT
bad-antics nullsec cloud security kubernetes aws ai security
hardware hacking automotive security mobile security iot security

Developed with 💀 by bad-antics

NullSec Project © 2026 — Hack Ethically

🌐 Download Portal: bad-antics.github.io

GitHub
Website

⭐ Support the Project

If you find NullSec Linux useful, please consider:

  • ⭐ Star this repository — helps others discover it!
  • 🍴 Fork it — contribute improvements
  • 📢 Share it — tell your security community
Project Description
nullsec-webfuzz High-performance web fuzzer in Rust
blackflag-ecu Professional ECU diagnostics & tuning
nullkia Mobile security framework
mysterymachine AI-powered recon & exploitation
n01d-forge Rust/egui image burner with LUKS/VeraCrypt encryption
n01d-machine Secure VM manager with Tor/VPN isolation
glowbarn-os IoT security firmware framework
mirage ML model security testing
ai-entropy-mapper Neural network entropy analysis

🎯 Version 5.0 Highlights

  • New AI/ML Security Edition - Tools for LLM red teaming, prompt injection testing
  • Hardware Hacking Edition - SDR, RFID, glitch attacks, JTAG tools
  • Automotive Edition - CAN bus, OBD-II, UDS protocol tools
  • Apple Silicon Support - Native Asahi Linux builds
  • RISC-V Support - For emerging hardware platforms

🔒 Security Features

  • Full disk encryption by default
  • AppArmor/SELinux profiles for all tools
  • Hardened kernel configurations
  • Secure boot support
  • TPM integration

Languages

Shell26.2%Rust16.1%C14.5%Go12.9%Zig12.8%Ruby10.4%Python7.0%

Contributors

BA
MIT License
Created January 21, 2026
Updated March 11, 2026
bad-antics/nullsec-linux | GitHunt