Security-focused Linux distribution with a custom kernel, zero telemetry, 5 specialized editions, and everything you need for red team, blue team, and research.
Purpose-built images for every security discipline. All hardened from the kernel up.
Full 140+ tool suite for general penetration testing and security research.
AWS, GCP, Azure, and Kubernetes security auditing tools pre-configured.
LLM red teaming, adversarial ML, model auditing, and prompt injection testing.
SDR, RFID, JTAG, fault injection, and embedded systems research tools.
CAN bus analysis, OBD-II diagnostics, UDS protocol, and key fob research.
Every layer of the stack is security-configured out of the box.
Built from vanilla kernel.org sources. KASLR, SMEP/SMAP, PTI, Retpoline, module signing, lockdown mode.
Completely stripped. No phone-home, no analytics, no tracking. Full disk encryption with LUKS2 + Argon2id.
nftables firewall, SYN cookies, IPv6 privacy extensions, Wireguard built-in, DNS-over-HTTPS.
PIE, Full RELRO, Stack canaries, FORTIFY_SOURCE=3, NX/DEP, CET/IBT, shadow stack, CFI.
AppArmor + SELinux profiles, Seccomp-bpf filters, namespace isolation, Landlock LSM, Bubblewrap.
Tor/I2P/Lokinet integration, MAC spoofing on boot, anti-forensics capabilities, stealth live boot.
Custom signing keys, TPM integration, IMA/EVM integrity measurement, verified boot chain.
AMD64, ARM64 (Raspberry Pi 5, Apple Silicon), RISC-V (StarFive VisionFive 2). Native on all.
Written in 15+ languages. Every tool purpose-built by the NullSec team.
| nullsec-injector | Rust | Memory-safe process injection |
| nullsec-shellcraft | Racket | Shellcode generation DSL |
| nullsec-exploit | C | Binary exploitation framework |
| nullsec-c2 | Go | Command & control server |
| nullsec-webfuzz | Rust | Web application fuzzer |
| nullsec-sqlinject | Python | SQL injection toolkit |
| nullsec-memcorrupt | Zig | Memory corruption analysis |
| nullsec-bingaze | C++20 | Binary analysis |
| nullsec-kernspy | Go | Kernel module analyzer |
| nullsec-hashwitch | Julia | Hash analysis engine |
| nullsec-netprobe | Nim | Stealthy network recon |
| nullsec-portscan | Elixir | Async port scanner |
| nullsec-netseer | Haskell | Traffic analysis |
| nullsec-dnsenum | Go | DNS enumeration |
| nullsec-arpwatch | C | ARP monitoring |
| nullsec-cppsentry | C++20 | Packet sentinel |
| nullsec-clusterguard | Erlang | Distributed IDS |
| nullsec-luashield | Lua | WAF rules engine |
| nullsec-beaconhunt | Go | C2 beacon detector |
| nullsec-cryptwrap | Ada | Formally verified crypto |
Flash, boot, hack. Zero configuration needed.
$ sudo dd if=nullsec-pro-5.0.iso of=/dev/sdX bs=4M status=progress 4.2 GB copied, 89s, 47.2 MB/s # Boot into NullSec Linux... $ nullsec-update β System packages updated β 140 security tools verified β Kernel 6.17.13 β current $ nullsec-harden --profile maximum β Kernel lockdown: integrity β AppArmor: enforcing β Firewall: locked β ASLR: full randomization $ nullsec-anon --tor --mac-spoof --dns-over-tor β Tor circuit established β MAC address randomized β DNS routing through Tor β You are anonymous. $ nullsec-framework NullSec Framework v5.0 140 tools loaded. Ready.
Whether you're attacking, defending, or researching β NullSec has your edition.
Full offensive toolkit with C2, exploitation, lateral movement, and persistence tools.
IDS, packet analysis, log correlation, C2 beacon detection, and incident response tools.
Binary analysis, crypto tools, pwn frameworks, web exploits β everything for competition day.
AWS, GCP, Azure, Kubernetes auditing. Terraform scanning. Container secrets extraction.
RAM analysis, disk imaging, timeline reconstruction, memory forensics, and evidence preservation.
LLM red teaming, prompt injection testing, adversarial ML, model auditing, data poisoning research.
Standard edition is free forever. Pro editions unlock hardened images and premium tools.
Native support for every major architecture and deployment target.
Standard 64-bit PCs, workstations, servers. Full edition support.
M1/M2/M3/M4 native via Asahi Linux. Full hardware acceleration.
Raspberry Pi 4/5, ARM servers. Drop-in SD card image.
StarFive VisionFive 2 support for emerging open hardware.
Containerized toolkit for CI/CD pipelines and cloud deployments.
Pre-built OVA, AMI, and GCP images. Deploy in minutes.
140+ tools. Custom kernel. Zero telemetry. Five editions. One download.