🔐 Problem: You notice a server “phoning home” but can’t tell which process is responsible.
PortPulse helps:
- Trace any PID + its child processes
- See every connection with process → port → domain mapping
- Risk scoring for suspicious connections
- Generate quarantine rules (nftables)
- Export logs for compliance or SIEM
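Two commands to full visibility:

```bash
curl -sSf https://raw.githubusercontent.com/the-shadow-0/PortPulse/main/scripts/install.sh | bash
sudo portpulse live
```

The first command pipes the install script straight into bash, so read `scripts/install.sh` in the repository first if you want to review what it runs.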
💡 Bonus: real-time DNS query capture, container awareness, and risk scoring.
Open source → GitHub: PortPulse
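
For context on the process → port mapping above, here is an added example (not PortPulse's code, and not a description of how PortPulse works) of the manual attribution on Linux: match the socket inode in `/proc/net/tcp` against the `socket:[inode]` links under `/proc/<pid>/fd`. The sample table and fd links are constructed, the function names are hypothetical, and a little-endian host is assumed.

```python
import re
import socket

# Constructed sample in /proc/net/tcp layout (addresses as a little-endian host prints them).
SAMPLE_PROC_NET_TCP = """\
  sl  local_address rem_address   st tx_queue rx_queue tr tm->when retrnsmt   uid  timeout inode
   0: 0100007F:0CEA 00000000:0000 0A 00000000:00000000 00:00000000 00000000   113        0 20001 1 0000000000000000 100 0 0 10 0
   1: 0A00000A:C350 0A0200C0:01BB 01 00000000:00000000 00:00000000 00000000  1000        0 31337 1 0000000000000000 20 4 30 10 -1
"""

# Constructed stand-in for readlink() over /proc/<pid>/fd/*: pid -> link targets.
SAMPLE_FD_LINKS = {
    812: ["/dev/null", "socket:[20001]"],
    4242: ["pipe:[555]", "socket:[31337]", "/tmp/x.log"],
}

def decode_endpoint(hex_endpoint):
    """Turn '0A0200C0:01BB' into ('192.0.2.10', 443)."""
    addr_hex, port_hex = hex_endpoint.split(":")
    ip = socket.inet_ntoa(bytes.fromhex(addr_hex)[::-1])  # undo little-endian dump
    return ip, int(port_hex, 16)

def inode_owners(fd_links):
    """Map socket inode -> list of pids holding it (forked children can share one)."""
    owners = {}
    for pid, links in fd_links.items():
        for target in links:
            m = re.fullmatch(r"socket:\[(\d+)\]", target)
            if m:
                owners.setdefault(int(m.group(1)), []).append(pid)
    return owners

def attribute_connections(proc_net_tcp, fd_links):
    """Return established TCP connections with the pids that own each socket."""
    owners = inode_owners(fd_links)
    rows = []
    for line in proc_net_tcp.splitlines()[1:]:  # skip the header row
        f = line.split()
        if len(f) < 10 or f[3] != "01":  # state 01 = ESTABLISHED
            continue
        rows.append({
            "pids": owners.get(int(f[9]), []),  # empty list: no owner found
            "local": decode_endpoint(f[1]),
            "remote": decode_endpoint(f[2]),
            "uid": int(f[7]),
        })
    return rows

if __name__ == "__main__":
    for row in attribute_connections(SAMPLE_PROC_NET_TCP, SAMPLE_FD_LINKS):
        print(row)
```

On a live host the two inputs come from reading `/proc/net/tcp` and calling `os.readlink` on each `/proc/<pid>/fd/*` entry, which needs root to see other users' processes. `/proc/net/tcp` only lists sockets in the reader's own network namespace, so connections made inside containers do not appear in the host's view.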
I’d love feedback from Linux devs & security engineers:
- Would you use this in production?
- What features would make it even better?