This layer provides security tools, hardening tools for Linux kernels and libraries for implementing security mechanisms.

Mailing list

Git repository

git:// web repo

Last commit: 5 days, 4 hours ago (master branch)


Recipe name Version Description
aircrack-ng 1.3 Aircrack-ng is a set of tools for auditing wireless networks
apparmor 2.13.2 AppArmor another MAC control system
bastille 3.2.1 Linux hardening tool
buck-security 0.7 Linux security scanner
ccs-tools 1.8.4 Tomoyo
checksec 1.11.1 Linux system security checks
checksecurity 2.0.15 basic system security checks
clamav 0.99.4 ClamAV anti-virus utility for Unix - command-line interface
cryptsetup-tpm-incubator 0.9.9 An extension to cryptsetup/LUKS that enables use of the TPM 2.0 via tpm2-tss
ding-libs 0.5.0 Dynamic hash table implementation
ecryptfs-utils 111 The eCryptfs mount helper and support libraries
fscryptctl 0.1.0 low-level tool handling Linux filesystem encryption
google-authenticator-libpam 1.05 Google Authenticator PAM module
ibmswtpm2 1332 IBM's Software TPM 2.0
ima-evm-utils 1.0+gitX IMA/EVM control utility
ima-policy-appraise-all 1.0 IMA sample simple appraise policy
ima-policy-hashed 1.0 IMA sample hash policy
ima-policy-simple 1.0 IMA sample simple policy
initramfs-framework-ima 1.0 IMA module for the modular initramfs system
integrity-image-minimal 1.0 An image as an exmaple for Ima support
isic 0.07 ISIC -- IP Stack Integrity Checker
keyutils 1.6 Linux Key Management Utilities
lib-perl 0.63 This is a small simple module which simplifies the manipulation of @INC at compile time. It is typically used to add extra directories to Perl's search path so that later 'use' or 'require' statements will find modules which are not located in the default search path.
libenv-perl 1.04 Perl module that imports environment variables as scalars or arrays
libgssglue 0.4 Exports a gssapi interface which calls other gssapi libraries
libhtp 0.5.29 LibHTP is a security-aware parser for the HTTP protocol and the related bits and pieces.
libldb 1.3.1 Hierarchical, reference counted memory pool system with destructors
libmhash Library of hashing algorithms.
libmspack 1.9.1 A library for Microsoft compression formats
libseccomp 2.4.1 interface to seccomp filtering mechanism
libtpm 0.6.0 LIBPM - Software TPM Library
libwhisker2-perl 2.5 Libwhisker is a Perl module geared specificly for HTTP testing.
lynis 2.7.5 Lynis is a free and open source security and auditing tool.
mmap-smack-test 1.0 Mmap binary used to test smack mmap attribute
ncrack 0.7 Network authentication cracking tool
nikto 2.1.6 web server scanner
openscap git
openscap 1.3.1
packagegroup-core-security 1.0 Security packagegroup for Poky
packagegroup-core-security-ptest 1.0 Security ptest packagegroup
packagegroup-ima-evm-utils 1.0 IMA/EVM userspace tools
paxctl 0.9 paxctl is a tool that allows PaX flags to be modified on a per-binary basis. PaX is part of common security-enhancing kernel patches and secure distributions, such as GrSecurity or Adamantix and Hardened Gen-too, respectively.
python-fail2ban Daemon to ban hosts that cause multiple authentication errors.
python-scapy 2.4.2 Network scanning and manipulation tool
python3-fail2ban Daemon to ban hosts that cause multiple authentication errors.
python3-scapy 2.4.2 Network scanning and manipulation tool
redhat-security 1.0 redhat security tools
samhain-client 4.3.2 Provides file integrity checking and log file monitoring/analysis
samhain-server 4.3.2 Provides file integrity checking and log file monitoring/analysis
samhain-standalone 4.3.2 Provides file integrity checking and log file monitoring/analysis
scap-security-guide v0.1.44+gitX
scap-security-guide 0.1.44
security-build-image 1.0 A small image for building meta-security packages
security-client-image 1.0 A Client side Security example
security-server-image 1.0 A Serve side image for Security example
security-test-image 1.0 A small image for testing meta-security packages
security-tpm2-image 1.0 A small image for building a tpm2 image for testing
smack 1.3.1 Selection of tools for developers working with Smack
smack-test 1.0 Smack test scripts
sssd 1.16.4 system security services daemon
suricata 4.1.3 The Suricata Engine is an Open Source Next Generation Intrusion Detection and Prevention Engine
swtpm 0.1.0 SWTPM - Software TPM Emulator
tcp-smack-test 1.0 Binary used to test smack tcp sockets
tpm2-abrmd 2.1.1 TPM2 Access Broker & Resource Manager
tpm2-pkcs11 0.9.9 A PKCS#11 interface for TPM2 hardware
tpm2-tcti-uefi 0.9.9 TCTI module for use with TSS2 libraries in UEFI environment
tpm2-tools 3.2.0 Tools for TPM2.
tpm2-totp 0.1.1 Attest the trustworthiness of a device against a human using time-based one-time passwords
tpm2-tss 2.2.3 Software stack for TPM2.
tpm2-tss-engine 1.0.0 The tpm2-tss-engine project implements a cryptographic engine for OpenSSL.
tripwire Tripwire: A system integrity assessment tool (IDS)
udp-smack-test 1.0 Binary used to test smack udp sockets
xmlsec1 1.2.27 XML Security Library is a C library based on LibXML2