🔒 NullSec Linux

Security-Focused Linux Distribution v5.0

by bad-antics development

     _   __      ____  _____              __    _                  
   / | / /_  __/ / / / ___/___  _____   / /   (_)___  __  ___  __
  /  |/ / / / / / /  \__ \/ _ \/ ___/  / /   / / __ \/ / / / |/_/
 / /|  / /_/ / / /  ___/ /  __/ /__   / /___/ / / / / /_/ />  <  
/_/ |_/\__,_/_/_/  /____/\___/\___/  /_____/_/_/ /_/\__,_/_/|_|  
                                                                  
       [ bad-antics development | Security Distribution v5.0 ]

---

🆕 What's New in v5.0

• 140+ Security Tools — 25 new tools added
• NullKia v3.0 Integrated — Mobile security framework built-in
• AI/ML Security Suite — LLM red teaming, ML model analysis
• Cloud Pentesting Edition — AWS/GCP/Azure/Kubernetes tools
• Hardware Hacking Edition — SDR, RFID, embedded systems
• Automotive Security — CAN bus, OBD-II, vehicle pentesting
• Custom Kernel 6.17.13 — Built from source with NullSec identity, zero upstream branding
• Wayland + Hyprland — Modern compositor option
• ARM64 Native — Full Apple Silicon & Raspberry Pi 5 support

---

📥 Getting NullSec Linux

⚡ Quick Install (On existing Debian/Ubuntu)

The fastest way to get started — installs NullSec tools and kernel on your existing system:

git clone https://github.com/bad-antics/nullsec-linux
cd nullsec-linux
sudo ./install.sh

🔨 Build From Source

Build a complete NullSec Linux image from scratch:

git clone https://github.com/bad-antics/nullsec-linux
cd nullsec-linux

# Build the custom kernel
cd kernel && ./build-kernel.sh && cd ..

# Build a full image (requires root, ~30 min)
sudo ./scripts/build-iso.sh --edition full --arch amd64

# Or build a specific edition
sudo ./scripts/build-iso.sh --edition lite      # Essential tools only
sudo ./scripts/build-iso.sh --edition live       # Live boot (RAM-only)
sudo ./scripts/build-iso.sh --edition cloud      # Cloud/K8s optimized
sudo ./scripts/build-iso.sh --edition hardware   # SDR/RFID/IoT tools

Build requirements: Debian 12+/Ubuntu 22.04+, 20GB free disk, debootstrap, squashfs-tools, xorriso

🌐 Pre-built ISOs

⚠️ Pre-built ISO images are coming soon. The v5.0.0 release currently includes the custom kernel packages and checksums. Full ISO builds for all editions will be uploaded as they're validated. Watch the releases page for updates.

Custom Kernel Only

If you just want the hardened kernel on your existing system:

# Download from releases
wget https://github.com/bad-antics/nullsec-linux/releases/download/kernel-6.17.13/linux-image-6.17.13+2-amd64_6.17.13-1_amd64.deb
wget https://github.com/bad-antics/nullsec-linux/releases/download/kernel-6.17.13/linux-headers-6.17.13+2-amd64_6.17.13-1_amd64.deb

# Verify checksums
wget https://github.com/bad-antics/nullsec-linux/releases/download/kernel-6.17.13/SHA256SUMS
sha256sum -c SHA256SUMS

# Install
sudo dpkg -i linux-image-*.deb linux-headers-*.deb
sudo update-grub && sudo reboot

---

🎯 Planned Editions (v5.0)

Edition	Description	Status
Full	Complete toolkit (140+ tools)	🔨 Building
Lite	Essential tools only	🔨 Building
Live Standard	Full toolkit in RAM	🔨 Building
Live Stealth	Anti-forensics, RAM-only	🔨 Building
Cloud Pentest	AWS/GCP/Azure/K8s	🔨 Building
Hardware Hacking	SDR/RFID/Embedded/IoT	🔨 Building
AI/ML Security	LLM red team, model analysis	🔨 Building
Automotive	CAN bus, OBD-II, vehicle sec	🔨 Building
NetInstall	Minimal, downloads during install	🔨 Building

---

🛡️ Security Features

Kernel Protection

• KASLR, SMEP/SMAP, PTI
• Retpoline (Spectre mitigation)
• Kernel module signing enforced
• Lockdown mode (integrity)
• KFENCE memory safety
• io_uring restrictions
• BPF hardening

Custom Kernel Build

NullSec Linux ships with a custom-compiled kernel built from upstream kernel.org sources. No Parrot, Debian, or Ubuntu branding remains — uname, /proc/version, and all build identity strings are NullSec-native.

Property	Value
Version	6.17.13+2-amd64
Source	kernel.org vanilla
Build ID	nullsec@nullsec.sh
/proc/version	NullSec 6.17.13-1nullsec1

See kernel/ for build scripts, configs, and documentation. Download pre-built .deb packages from Releases.

Binary Protection

• PIE, Full RELRO, Stack canaries
• FORTIFY_SOURCE=3
• NX/DEP, CET/IBT
• Shadow stack (x86_64)
• CFI (Control-Flow Integrity)

Network Security

• nftables firewall default
• IPv6 privacy extensions
• SYN cookies, reverse path filtering
• TCP timestamps disabled
• ICMP redirect disabled
• Wireguard built-in

Application Security

• AppArmor + SELinux profiles
• Seccomp-bpf filters
• Namespace isolation
• Landlock LSM
• IMA/EVM integrity
• Bubblewrap sandboxing

---

🛠️ Pre-Installed Security Tools (115+)

Offensive Security

Tool	Language	Purpose
nullsec-injector	Rust	Memory-safe process injection
nullsec-shellcraft	Racket	Shellcode generation DSL
nullsec-exploit	C	Binary exploitation framework
nullsec-c2	Go	Command & control server
nullsec-phish	Python	Phishing framework
nullsec-webfuzz	Rust	Web application fuzzer
nullsec-sqlinject	Python	SQL injection toolkit

Network Security

Tool	Language	Purpose
nullsec-netprobe	Nim	Stealthy network recon
nullsec-portscan	Elixir	Async port scanner
nullsec-netseer	Haskell	Traffic analysis
nullsec-sniffer	Clojure	Packet capture
nullsec-flowtrace	Haskell	Flow analyzer
nullsec-crystalrecon	Crystal	Network reconnaissance
nullsec-dnsenum	Go	DNS enumeration
nullsec-arpwatch	C	ARP monitoring

Binary Analysis

Tool	Language	Purpose
nullsec-memcorrupt	Zig	Memory corruption analysis
nullsec-bingaze	C++20	Binary analysis
nullsec-kernspy	Go	Kernel module analyzer
nullsec-zigscan	Zig	Binary entropy analyzer
nullsec-nimhunter	Nim	Memory forensics
nullsec-binarydiff	Rust	Binary diffing
nullsec-hexdump	Zig	Hex analysis

Cryptography

Tool	Language	Purpose
nullsec-cryptwrap	Ada/SPARK	Formally verified crypto
nullsec-hashwitch	Julia	Hash analysis
nullsec-adashield	Ada	Protocol validator
nullsec-vvault	V	Credential vault
nullsec-cryptoaudit	Rust	Crypto implementation audit

Defense & Detection

Tool	Language	Purpose
nullsec-cppsentry	C++20	Packet sentinel
nullsec-swiftsentinel	Swift	macOS event monitor
nullsec-kotlinguard	Kotlin	Container scanner
nullsec-clusterguard	Erlang	Distributed IDS
nullsec-luashield	Lua	WAF rules engine
nullsec-beaconhunt	Go	C2 beacon detector

OSINT & Recon

Tool	Language	Purpose
nullsec-reporaider	Clojure	Git secret scanner
nullsec-juliaprobe	Julia	Anomaly detector
nullsec-perlscrub	Perl	Log sanitizer
nullsec-shelltrace	Tcl	Command auditor
nullsec-fsharpsignal	F#	Signal correlator
nullsec-credscan	Python	Credential finder

Mobile Security

Tool	Language	Purpose
nullkia	Multi	Mobile security framework v3.0
nullsec-apkanalyzer	Kotlin	APK analysis
nullsec-iosextract	Swift	iOS forensics
nullsec-android	Java	Android security
nullsec-bluetooth	C	Bluetooth research

Cloud Security (NEW)

Tool	Language	Purpose
nullsec-cloudaudit	Go	Multi-cloud auditor
nullsec-k8sscan	Go	Kubernetes security scanner
nullsec-awsrecon	Python	AWS enumeration
nullsec-gcphunt	Go	GCP security
nullsec-azuresweep	C#	Azure auditor
nullsec-terraform-scan	Go	IaC security

AI/ML Security (NEW)

Tool	Language	Purpose
nullsec-llmred	Python	LLM red teaming
nullsec-promptinject	Python	Prompt injection testing
nullsec-modelaudit	Python	ML model security audit
nullsec-adversarial	Python	Adversarial ML
nullsec-datapoisoning	Python	Training data attacks

Hardware Hacking (NEW)

Tool	Language	Purpose
nullsec-sdr	C/Python	Software-defined radio
nullsec-rfid	C	RFID/NFC research
nullsec-canbus	C	CAN bus analysis
nullsec-jtag	C	JTAG/SWD tools
nullsec-glitch	Python	Fault injection
nullsec-uart	Python	UART/Serial tools

Automotive Security (NEW)

Tool	Language	Purpose
nullsec-carfuzz	C	CAN bus fuzzer
nullsec-obdii	Python	OBD-II toolkit
nullsec-uds	Python	UDS protocol tools
nullsec-keyfob	C	Key fob research

Automation & Framework

Tool	Language	Purpose
nullsec-framework	Python	Unified framework
nullsec-dlangaudit	D	Security auditor
nullsec-beacon	Erlang	Network beacon
nullsec-ocamlparse	OCaml	Policy parser

---

🚀 Quick Start

System Requirements

Component	Minimum	Recommended
CPU	64-bit x86_64/ARM64	Multi-core (4+)
RAM	4 GB	16 GB
Storage	30 GB	120 GB NVMe
Graphics	Any	Hardware accel

Create Bootable USB

# Linux/macOS
sudo dd if=nullsec-pro-5.0-amd64.iso of=/dev/sdX bs=4M status=progress conv=fsync

# Or use Ventoy for multi-ISO boot
sudo ventoy -i /dev/sdX
cp nullsec-*.iso /mnt/ventoy/

First Boot

# Update system
nullsec-update

# Fetch latest tools
nullsec-fetch

# Launch framework
nullsec-framework

# Apply security profile
nullsec-harden --profile maximum

# Start anonymity mode
nullsec-anon --tor --mac-spoof --dns-over-tor

# Launch NullKia (mobile)
nullkia --gui

---

📁 Directory Structure

/opt/nullsec/
├── bin/           # 115+ NullSec tools
├── configs/       # Configuration files
├── payloads/      # Payload templates
├── wordlists/     # Curated wordlists
├── scripts/       # Automation scripts
├── modules/       # Framework modules
├── ai/            # AI/ML models (NEW)
├── hardware/      # Hardware tool configs (NEW)
└── docs/          # Documentation

/etc/nullsec/
├── security/      # Security profiles
├── firewall/      # nftables rules
├── apparmor/      # AppArmor profiles
├── seccomp/       # Seccomp filters
├── integrity/     # IMA policies
└── cloud/         # Cloud provider configs (NEW)

---

🔗 Related Projects

Project	Description
nullsec-framework	Unified toolkit framework
nullkia	Mobile security framework v3.0
nullsec-payloads	Payload templates
nullsec-wordlists	Curated wordlists
nullsec-configs	Dotfiles & configs
bad-antics.github.io	Download portal

---

📋 Changelog

v5.0.0 (January 2026)

• 135+ tools (25 new)
• NullKia v3.0 integrated
• Cloud pentesting edition (AWS/GCP/Azure/K8s)
• AI/ML security suite (LLM red teaming)
• Hardware hacking edition (SDR/RFID/IoT)
• Automotive security tools (CAN bus)
• Custom Kernel 6.17.13 (built from source, NullSec-branded)
• Wayland + Hyprland compositor
• Full ARM64/Apple Silicon support
• Enhanced isolation (Landlock, CFI)

v4.0.0 (2025)

• 90+ tools
• NullKia v2.0
• Cloud edition
• Apple Silicon via Asahi

v3.0.0 (2024)

• Initial public release
• 60+ tools

---

📜 License

NullSec Public License v1.0 — For authorized security testing and education only.

---

🏷️ Keywords

linux distribution security distro penetration testing ethical hacking kali alternative parrot alternative red team blue team CTF cybersecurity hacking tools privacy anonymity DFIR OSINT bad-antics nullsec cloud security kubernetes aws ai security hardware hacking automotive security mobile security iot security

---

Developed with 💀 by bad-antics

NullSec Project © 2026 — Hack Ethically

🌐 Download Portal: bad-antics.github.io

---

⭐ Support the Project

If you find NullSec Linux useful, please consider:

• ⭐ Star this repository — helps others discover it!
• 🍴 Fork it — contribute improvements
• 📢 Share it — tell your security community

Related Projects (⭐ Star them too!)

Project	Description
⭐ nullsec-webfuzz	High-performance web fuzzer in Rust
⭐ blackflag-ecu	Professional ECU diagnostics & tuning
⭐ nullkia	Mobile security framework
⭐ mysterymachine	AI-powered recon & exploitation
⭐ n01d-forge	Rust/egui image burner with LUKS/VeraCrypt encryption
⭐ n01d-machine	Secure VM manager with Tor/VPN isolation
⭐ glowbarn-os	IoT security firmware framework
⭐ mirage	ML model security testing
⭐ ai-entropy-mapper	Neural network entropy analysis

🎯 Version 5.0 Highlights

• New AI/ML Security Edition - Tools for LLM red teaming, prompt injection testing
• Hardware Hacking Edition - SDR, RFID, glitch attacks, JTAG tools
• Automotive Edition - CAN bus, OBD-II, UDS protocol tools
• Apple Silicon Support - Native Asahi Linux builds
• RISC-V Support - For emerging hardware platforms

🔒 Security Features

• Full disk encryption by default
• AppArmor/SELinux profiles for all tools
• Hardened kernel configurations
• Secure boot support
• TPM integration