Problem: You notice a server "phoning home" but can't tell which process is responsible.
PortPulse helps:
- Trace any PID + its child processes
- See every connection with process → port → domain mapping
- Risk scoring for suspicious connections
- Generate quarantine rules (nftables)
- Export logs for compliance or SIEM
Two commands to full visibility:
curl -sSf https://raw.githubusercontent.com/the-shadow-0/PortPulse/main/scripts/install.sh | bash
sudo portpulse live
Bonus: real-time DNS query capture, container awareness, and risk scoring.
Open source on GitHub: PortPulse
I'd love feedback from Linux devs & security engineers:
- Would you use this in production?
- What features would make it even better?