Welcome to the OsintMachineGuide
This project is part of the proposal for the OPSEC-for-OSINT (OFO) repository. OFO is a collaborative community dedicated to assisting OSINT investigators with advanced OPSEC processes.
No machine can be made 100% impenetrable: given the capabilities, time, and resources of powerful adversaries, no online system can be considered completely secure. However, following the settings in this guide makes it significantly more challenging for an attacker to carry out their actions. Additionally, this machine is resistant to persistent malware, incorporating more than 18 advanced protection settings that cover the main types of attacks. See the main ones below:
Transform Debian into Kicksecure, an operating system built with default hardening, covering key types of attacks.
Kicksecure protects Linux user accounts against brute force attacks by using pam_tally2.
Kicksecure provides additional security hardening measures and user education for better protection from virus attacks.
Running low on RAM isn't a security problem with swap-file-creator. It will create an encrypted swap file.
Secure download + Installation and PGP key verification, done correctly, ensuring your VMs stay secure.
Rotating Proxy settings under the Tor service, ensuring your investigations remain private.
Kicksecure update servers know neither the identity nor IP address of the user because all upgrades are downloaded over Tor.
Kicksecure uses strong Kernel Hardening Settings as recommended by the Kernel Self Protection Project (KSPP).
Kicksecure offers a much requested Live Mode. After the session all data will be gone.
AppArmor profiles restrict the capabilities of commonly used, high-risk applications.
Linux User Account Separation is not always a given on Linux systems. In Kicksecure it is.
Kicksecure defeats time attacks on its users through Boot Clock Randomization and secure network time synchronization using sdwdate.
Kicksecure provides a much lower attack surface since there are no open server ports by default unlike in some other Linux distributions.
Without TCP ISN randomization, sensitive information about a system's CPU activity can be leaked through outgoing traffic, leaving it vulnerable to side-channel attacks. tirdad prevents that.
Strong entropy is required for computer security to ensure the unpredictability and randomness of cryptographic keys and other security-related processes. Kicksecure makes encryption more secure thanks to preinstalled random number generators.
Process for downloading the Tor Browser, verifying its signature, and applying initial security settings.
Firewall installation + hardening configuration with advanced rules to ensure greater security!
Install applications focused on privacy and OPSEC, such as Kleopatra, KeePassXC, Zulu Crypt, and others.
Access the frequently asked questions in the repository and get your doubts cleared right away!