HardenedLinux

We are "patient" zero, so we hardened ourselves!

Apr 13, 2026 - 5 minute read - Research

Stealthy RCE on Hardened Linux: noexec + Userland Execution PoC

Running arbitrary ELFs on noexec,nosuid,nodev mounts – without ever whispering execve(2) to the kernel. A straight-from-the-underground deep dive into the userland-exec toolkit. We built it. We drop it. We own the box.

The Radical Threat Model (because “defense in depth” is just marketing until you test it)

Sysadmins think they’ve won when they slap this on:

    mount -t tmpfs -o noexec,nosuid,nodev tmpfs /tmp/noexec_demo

Add SELinux enforcing or a tight AppArmor profile and they call it a day.

Oct 13, 2024 - 16 minute read - Research

Container Hardening Process

This is a step-by-step guide to the container hardening process on the GNU/Linux operating system. A containerized application (Podman with Pandoc) has been created for demonstration. The process begins with applying a customized Seccomp policy profile created by analyzing the system calls made by the container process. Then, MAC tools (AppArmor and SELinux) are set up on the host OS to protect file systems from being accessed arbitrarily. The guide closes with suggestions and discussion about further hardening options.

Aug 20, 2024 - 21 minute read - Research

GNU/Linux Sandboxing - A Brief Review

This paper is an incomplete review of the sandbox solutions on the GNU/Linux operating system, covering the often-used or commonly studied solutions. It also introduces the interfaces to be restricted by an application sandbox and, at the end, discusses the idea of application sandboxing. Hopefully, it can be a reference for the GNU/Linux communities, including users, package maintainers, and application developers.

Jan 17, 2024 - 6 minute read - Research

How to access websites hostile toward Tor through Tor

By Anonymous

Tor is an effective tool that allows us to access network services anonymously. Unfortunately, certain network services, often websites, are hostile toward Tor and employ various methods to block TCP connections originating from Tor exit nodes. However, they usually accept TCP connections that do not originate from Tor exits. Therefore, to access these Tor-hostile websites, one approach is to route the traffic through a proxy server after exiting the Tor network.