clayhackergroup/valguard-linux-security

🛡️ VALGUARD v4.0 - Advanced Linux Security Scanner

Professional System Scanning & Threat Detection for Linux

Developed by Clay Security Team © 2025


🔥 What is VALGUARD?

VALGUARD v4.0 is a professional-grade, advanced Linux security auditing and threat detection tool. It performs comprehensive system security assessments including:

  • 🔍 Port & Service Scanning - Detect listening ports and running services
  • 🌐 Network Analysis - Monitor connections, DNS, routing, and network security
  • 🐛 Vulnerability Assessment - Identify security weaknesses and misconfigurations
  • 🦠 Malware Detection - Scan for rootkits, backdoors, and suspicious processes
  • ✅ Compliance Baseline - Security compliance scoring (10-point check)
  • 🛠️ Hardening Recommendations - Get specific commands to harden your system
  • 📊 Detailed Reporting - Complete audit trails with findings and remediation

⚡ Key Features

🔍 Advanced Scanning Capabilities

| Feature | Description | Details |
|---|---|---|
| Port Scanning | TCP/UDP port detection | Listening ports, services, PIDs, connection states |
| Network Threats | Real-time network monitoring | DNS, routing, ARP, established connections |
| Vulnerabilities | Security weakness detection | SUID/SGID, permissions, sudo config, SSH keys |
| Malware Detection | Rootkit & backdoor scanning | Process analysis, kernel modules, cron jobs |
| Compliance Scoring | Security baseline assessment | 10-point check with percentage score |
| Recommendations | Hardening guidance | Specific commands and configurations |

💡 Professional Features

✨ Interactive Shell - Command-line interface with auto-completion
✨ Full System Audit - Comprehensive one-command assessment
✨ Detailed Output - Color-coded, formatted, easy-to-read results
✨ Real-time Detection - Identify threats immediately
✨ Zero False Positives - Verified detection methods
✨ Lightweight - Pure Python, minimal dependencies


📦 Installation

⚙️ Prerequisites

  • OS: Any Linux distribution (Ubuntu, Debian, Kali, CentOS, Fedora, Arch, etc.)
  • Python: Python 3.6 or higher
  • Privileges: Root/sudo access for full functionality
  • Tools: Standard Linux utilities (grep, awk, ss, netstat, etc.)

🚀 Quick Install

# Change into the valguard directory of your clone (adjust this path to your system)
cd /home/clay/linux-sec/valguard-linux-security/valguard

# Make install script executable
chmod +x install.sh

# Run installation (requires sudo)
sudo bash install.sh

Installation will automatically:

  • ✅ Verify Python 3 installation
  • ✅ Check system dependencies
  • ✅ Install missing packages
  • ✅ Create executable in /usr/local/bin/valguard
  • ✅ Install bash completion
  • ✅ Generate man pages
  • ✅ Create configuration directory (/etc/valguard/)
  • ✅ Create logging directory (/var/log/valguard/)
  • ✅ Verify installation integrity

✅ Post-Installation

After installation, you can use VALGUARD from anywhere:

valguard           # Start interactive shell
valguard --help    # Show help
man valguard       # Read documentation

🎯 Commands Reference

🔴 Comprehensive Scanning

# Complete security audit (ALL checks - recommended)
valguard fullaudit

# Standard audit (ports, network, vulnerabilities)
valguard audit

🟠 Specialized Scans

# Advanced port scanning & service detection
valguard ports

# Advanced network threat analysis
valguard network

# Comprehensive vulnerability assessment
valguard vulns

# Advanced malware & rootkit detection
valguard malware

# Security compliance baseline (10-point check)
valguard compliance

# Security hardening recommendations
valguard hardening

🟡 System Information

# Detailed system hardware & OS information
valguard info

# Quick security status overview
valguard status

# User accounts audit
valguard users

# Running process analysis
valguard processes

# System log analysis
valguard logs

🟢 Utilities

# Show help menu
valguard help

# Exit interactive shell
valguard exit

🚀 Usage Examples

Example 1: Complete Security Audit

sudo valguard fullaudit

This runs all checks:

  • Detailed system information
  • Port scanning & service detection
  • Network analysis & monitoring
  • Vulnerability assessment
  • Malware & rootkit detection
  • Compliance baseline check
  • Security hardening recommendations
  • Final audit summary

Output: Complete security report with findings, threats detected, and recommendations.


Example 2: Interactive Security Shell

valguard

Then use commands interactively:

valguard> ports
valguard> network
valguard> vulns
valguard> compliance
valguard> hardening
valguard> exit

Example 3: Port Scanning Only

sudo valguard ports

Output:

  • Listening ports (TCP/UDP)
  • Active services with PIDs
  • Established connections
  • Service detection details

Example 4: Vulnerability Assessment

sudo valguard vulns

Checks:

  • World-readable sensitive files
  • World-writable files
  • SUID/SGID binaries
  • Empty password accounts
  • Sudo misconfigurations (NOPASSWD)
  • SSH key exposure
  • Binary capabilities
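
Three of the checks listed above (SUID/SGID binaries, world-writable files, NOPASSWD sudo rules) can be sketched as follows. This is an added example, not VALGUARD's own code; the function names and the sample sudoers text are assumptions made for illustration.

```python
import os
import re
import stat

EXCLUDED = ("/proc", "/sys", "/dev", "/run", "/boot")  # README's EXCLUDED_DIRS

def classify_mode(mode):
    """Return the risky permission traits carried by a regular file's st_mode."""
    if not stat.S_ISREG(mode):
        return []
    traits = []
    if mode & stat.S_ISUID:
        traits.append("SUID")
    # The kernel honours setgid on exec only when group-execute is also set.
    if mode & stat.S_ISGID and mode & stat.S_IXGRP:
        traits.append("SGID")
    if mode & stat.S_IWOTH:
        traits.append("world-writable")
    return traits

def scan_tree(root, excluded=EXCLUDED):
    """Walk root without following symlinks; return sorted (path, traits) hits."""
    hits = []
    for dirpath, dirnames, filenames in os.walk(root):
        dirnames[:] = [d for d in dirnames if os.path.join(dirpath, d) not in excluded]
        for name in filenames:
            path = os.path.join(dirpath, name)
            try:
                traits = classify_mode(os.lstat(path).st_mode)
            except OSError:
                continue  # file vanished or is unreadable
            if traits:
                hits.append((path, traits))
    return sorted(hits)

def nopasswd_rules(sudoers_text):
    """Return active sudoers rules that grant passwordless sudo."""
    folded = sudoers_text.replace("\\\n", " ")  # join backslash-continued lines
    rules = (" ".join(line.split()) for line in folded.splitlines())
    # "#" starts a comment unless digits follow, which sudoers reads as a UID.
    return [r for r in rules if "NOPASSWD" in r and not re.match(r"#(?!\d)", r)]

# Constructed sample, not taken from a real host.
SAMPLE_SUDOERS = r"""# %wheel ALL=(ALL) NOPASSWD: ALL
root ALL=(ALL:ALL) ALL
deploy ALL=(ALL) NOPASSWD: /usr/bin/systemctl restart app
backup ALL=(root) \
    NOPASSWD: /usr/bin/rsync
"""
```

Calling `scan_tree("/usr/bin")` on a stock system returns the expected SUID set (passwd, sudo and similar); entries outside that set are the ones worth reviewing.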

Example 5: Compliance Scoring

sudo valguard compliance

10-Point Baseline Check:

  1. Password expiration policy
  2. Sudo logging configuration
  3. Account lockout policy
  4. Umask configuration
  5. SSH protocol version
  6. Kernel hardening parameters
  7. Critical file permissions
  8. File integrity monitoring
  9. Audit logging (auditd)
  10. TLS/SSL support

Output: Compliance percentage score


Example 6: Security Hardening

valguard hardening

Get specific recommendations:

  • Enable ASLR configuration
  • SELinux hardening
  • AppArmor setup
  • Firewall (UFW) enablement
  • Fail2Ban installation
  • SSH security hardening
  • System update status
  • Monitoring tools setup

📊 What Gets Scanned?

🔍 Port Analysis

├── Listening Ports (TCP/UDP)
├── Service Detection
├── Process IDs (PIDs)
├── Established Connections
└── Connection States (ESTABLISHED, TIME_WAIT, etc.)

🌐 Network Security

├── Network Interfaces
├── IP Addresses & MAC Addresses
├── DNS Configuration
├── Routing Tables
├── ARP Entries
├── Active Connections
└── Suspicious Patterns

🐛 Vulnerabilities

├── File Permissions
│   ├── World-readable files
│   └── World-writable files
├── SUID/SGID Binaries
├── Password Security
│   ├── Empty passwords
│   └── Password policies
├── Sudo Configuration
│   └── NOPASSWD entries
├── SSH Keys
└── Binary Capabilities

🦠 Malware Detection

├── Suspicious File Locations
│   ├── /tmp scanning
│   ├── /var/tmp scanning
│   ├── /dev/shm scanning
│   └── /var/lib scanning
├── Hidden Files (Critical dirs)
├── Suspicious Processes
├── Kernel Module Analysis
├── Cron Job Analysis
└── LKM Verification

✅ Compliance Checking

├── Password Policies
├── Access Controls
├── Logging & Auditing
├── Kernel Hardening
├── File Integrity
├── Authentication
└── Security Tools

📂 Installation Locations

After installation, files are located at:

| Component | Location | Purpose |
|---|---|---|
| Executable | /usr/local/bin/valguard | Main program |
| Configuration | /etc/valguard/valguard.conf | Settings & options |
| Logs | /var/log/valguard/ | Audit logs |
| Man Page | /usr/local/man/man1/valguard.1 | Documentation |
| Bash Completion | /etc/bash_completion.d/valguard | Tab completion |

⚙️ Configuration

Edit /etc/valguard/valguard.conf to customize:

sudo nano /etc/valguard/valguard.conf

Configuration Options:

# Command timeout (seconds)
COMMAND_TIMEOUT=15

# Maximum results to display
MAX_RESULTS=20

# Log level (DEBUG, INFO, WARNING, ERROR)
LOG_LEVEL=INFO

# Enable/Disable specific scans
ENABLE_PORT_SCAN=true
ENABLE_NETWORK_SCAN=true
ENABLE_VULNERABILITY_SCAN=true
ENABLE_MALWARE_SCAN=true
ENABLE_COMPLIANCE_CHECK=true

# Excluded directories from scans
EXCLUDED_DIRS="/proc /sys /dev /run /boot"

# Report format (text, json, html)
REPORT_FORMAT=text

# Save reports to file
SAVE_REPORTS=false
REPORT_OUTPUT_DIR="/var/log/valguard"

🎨 Output Format

VALGUARD uses color-coded indicators for easy reading:

[✓] SUCCESS           - Positive finding or successful operation
[✗] ERROR             - Critical issue or security threat
[•] INFO              - Informational message
[!] WARNING           - Potential security issue
[THREAT]              - Security threat detected
[→] RECOMMENDATION    - Suggested action or remediation

🔒 Security Notes

⚠️ Important

  • Root Access: Most scans require root/sudo privileges
  • Scanning Time: Full audits may take time depending on system size
  • Permissions: Some files may not be accessible due to permissions
  • Network: Firewall rules may affect network scanning
  • SELinux/AppArmor: May restrict some operations

🛡️ Best Practices

  1. Regular Audits: Run fullaudit weekly or monthly
  2. Monitor Changes: Compare audit results over time
  3. Apply Recommendations: Implement hardening suggestions
  4. Review Logs: Check /var/log/valguard/ for detailed logs
  5. Update System: Keep Linux and tools updated

🐛 Troubleshooting

Installation Issues

Problem: Installation requires sudo

sudo bash install.sh

Problem: Python 3 not found

# Ubuntu/Debian
sudo apt-get install python3

# CentOS/RHEL
sudo yum install python3

# Fedora
sudo dnf install python3

Runtime Issues

Problem: "Command not found" after installation

# Verify installation
which valguard

# Add to PATH if needed
export PATH="/usr/local/bin:$PATH"

Problem: Permission denied

# Most commands need sudo
sudo valguard fullaudit

# Or use interactive shell with sudo
sudo valguard

📊 System Requirements

Minimum Requirements

  • CPU: 1 GHz processor
  • RAM: 512 MB
  • Disk: 50 MB free space
  • OS: Any Linux distribution
  • Python: 3.6 or higher

Recommended Requirements

  • CPU: 2+ GHz processor
  • RAM: 2+ GB
  • Disk: 500 MB free space
  • Internet: For package installation
  • Python: 3.8 or higher

Supported Linux Distributions

✅ Ubuntu/Debian
✅ Red Hat/CentOS
✅ Fedora
✅ Arch Linux
✅ Kali Linux
✅ Linux Mint
✅ PopOS
✅ Any Linux distribution with Python 3


📚 Documentation

Getting Help

# Show command help
valguard help

# Read man page
man valguard

# View configuration
cat /etc/valguard/valguard.conf

# Check logs
tail -f /var/log/valguard/*

Advanced Usage

Save full audit results:

sudo valguard fullaudit > audit_$(date +%Y%m%d_%H%M%S).txt

Run specific scan:

sudo valguard ports > ports_scan.txt

Create scheduled audit:

# Add to root's crontab (sudo crontab -e); cron cannot answer a sudo password prompt
0 2 * * * /usr/local/bin/valguard fullaudit >> /var/log/valguard/daily_audit.log 2>&1
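
Saved audits only pay off when they are compared, as the "Monitor Changes" best practice and the timestamped output files above suggest. The following added example (not part of VALGUARD) diffs two saved reports using the indicators from the Output Format legend. The line layout "[indicator] message", the function names and both sample reports are assumptions constructed for illustration.

```python
import re

# Colour codes may survive a plain "> file" redirect, so strip them before matching.
ANSI = re.compile(r"\x1b\[[0-9;]*m")
# Indicators come from the README's Output Format legend; the line layout
# "[indicator] message" is an assumption about the real report text.
LINE = re.compile(r"^\s*\[(✓|✗|•|!|THREAT|→)\]\s*(.+?)\s*$")
ALERTING = {"✗", "!", "THREAT"}

def findings(report_text):
    """Return the (indicator, message) pairs that signal a problem."""
    found = set()
    for raw in report_text.splitlines():
        match = LINE.match(ANSI.sub("", raw))
        if match and match.group(1) in ALERTING:
            found.add((match.group(1), match.group(2)))
    return found

def compare(old_text, new_text):
    """Classify alerting findings as new, resolved or unchanged."""
    old, new = findings(old_text), findings(new_text)
    return {"new": sorted(new - old),
            "resolved": sorted(old - new),
            "unchanged": sorted(old & new)}

# Constructed reports standing in for two saved audit_<timestamp>.txt files.
OLD_REPORT = """\
[•] Scanning listening ports
[✓] SSH protocol 2 in use
[!] World-writable file: /var/tmp/cache.db
\x1b[31m[THREAT]\x1b[0m NOPASSWD entry in /etc/sudoers.d/deploy
"""
NEW_REPORT = """\
[•] Scanning listening ports
[✓] SSH protocol 2 in use
\x1b[31m[THREAT]\x1b[0m NOPASSWD entry in /etc/sudoers.d/deploy
\x1b[31m[✗]\x1b[0m SUID binary added: /usr/local/bin/helper
[!] Listening port 8081 has no known service
[→] Review new listeners with: ss -tulpn
"""

if __name__ == "__main__":
    for status, items in compare(OLD_REPORT, NEW_REPORT).items():
        for indicator, message in items:
            print(f"{status:9} [{indicator}] {message}")
```

Findings whose text embeds volatile values such as PIDs will appear as new on every run; normalise those fields before comparing.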

🀝 Contributing

Report Issues

Found a bug or have suggestions? Contact us:

Feedback

We welcome your feedback and suggestions for improvements!


📞 Contact & Social Media

🔗 Connect With Us

Follow our security research and updates:

Instagram

h4cker.in, exp1oit

Telegram

thunderguyind


📄 License

VALGUARD v4.0 - Advanced Linux Security Scanner
Copyright © 2025 Clay Security Team

This software is provided as-is under a proprietary license.
Unauthorized distribution, modification, or commercial use is prohibited.
All rights reserved.

🎓 Educational Purpose

VALGUARD is designed for:

  • ✅ System administrators auditing Linux servers
  • ✅ Security professionals conducting assessments
  • ✅ DevOps engineers hardening infrastructure
  • ✅ Penetration testers in authorized assessments
  • ✅ Students learning Linux security concepts

⚠️ Always obtain proper authorization before scanning systems you don't own.


🚀 Version History

v4.0 (Current) - December 2025

  • 🎉 Advanced port scanning & service detection
  • 🎉 Network threat analysis with full reporting
  • 🎉 Comprehensive vulnerability assessment
  • 🎉 Advanced malware & rootkit detection
  • 🎉 Security compliance baseline (10-point check)
  • 🎉 Hardening recommendations with specific commands
  • 🎉 Automated installation script
  • 🎉 Bash completion support
  • 🎉 Man page documentation

v3.0 - Previous Release

  • Basic security scanning
  • Simple threat detection
  • Interactive shell

📈 Performance

  • Full Audit Time: 2-5 minutes (varies by system size)
  • Port Scan: 10-30 seconds
  • Vulnerability Check: 30-60 seconds
  • Network Analysis: 20-40 seconds
  • Memory Usage: ~50-100 MB
  • CPU Usage: Minimal (multi-threaded operations)

🎯 Roadmap

Future Features (v5.0)

  • JSON/HTML report export
  • Real-time threat monitoring daemon
  • Database integration for historical tracking
  • Automated remediation scripts
  • Web interface dashboard
  • API for integration
  • Slack/Email notifications
  • Multi-system scanning
  • Custom scan profiles
  • Machine learning threat detection

⭐ Support

If you find VALGUARD useful:

  1. ⭐ Star this repository
  2. 📢 Share with your network
  3. 💬 Provide feedback
  4. 🐛 Report issues
  5. 🤝 Contribute improvements

Made with ❤️ by Clay Security Team

"Comprehensive Security Assessment for Every System"

