Skip to content
Ghost ProtocolOPEN SOURCE // LINUX SECURITY

DRAGON
KEEP_OS

Eleven Engines. One Binary. A Rust-powered Linux security tool for audit, defense, threat hunting, Linux security hardening, performance tuning, and live monitoring — all from a single CLI binary.

VIEW_ON_GITHUBSEE_SPECTER
SYSTEM_MODULES 01

SPECIALIST_ENGINES

Each engine is a focused Linux security tool — from auditing to Linux security hardening. Run them individually or all at once.

Sentinel

Security Auditor

  • Kernel security parameters
  • SSH configuration audit
  • Rootkit indicator detection
  • SUID binary scan
  • File permission analysis
  • Open port enumeration

Forge

Performance Tuner

  • CPU governor optimization
  • I/O scheduler tuning
  • Memory & swap analysis
  • Transparent Hugepages
  • GPU detection & config
  • 6 performance profiles

Warden

Live Monitor

  • Real-time TUI dashboard
  • Per-core CPU visualization
  • Memory & swap tracking
  • Process table view
  • Suspicious process alerts
  • Terminal-safe panic recovery

Bastion

Network Guardian

  • Firewall rule auditing
  • nftables & iptables support
  • Listening service analysis
  • DNS resolver verification
  • Network interface inventory
  • Exposed port detection

Citadel

System Hardener

  • Kernel hardening checks
  • Filesystem security audit
  • Service attack surface
  • Secure Boot verification
  • User account analysis
  • Automated sysctl hardening

Spectre

AI/ML Threat Scanner

  • AI model supply chain
  • Pickle deserialization risks
  • GPU memory exposure
  • ML framework CVEs
  • Jupyter security audit
  • CUDA driver checks

Aegis

Supply Chain Auditor

  • Package integrity verification
  • Dependency vulnerability scan
  • Repository trust validation
  • Binary provenance checks
  • GPG signature audit
  • Update policy review

Phantom

Anomaly Detector

  • Runtime behavior analysis
  • Process anomaly detection
  • File system change tracking
  • Network traffic profiling
  • Cron job monitoring
  • Login pattern analysis

Hydra

Malware Defense

  • Known malware signatures
  • Rootkit detection engine
  • Suspicious binary analysis
  • Hidden process detection
  • Kernel module integrity
  • Shared library validation

Drake

Ransomware Defense

  • Canary file monitoring
  • Encryption behavior detection
  • Backup integrity checks
  • Mass file rename detection
  • Shadow copy protection
  • Recovery point validation

Talon

Threat Hunter

  • IOC scanning
  • MITRE ATT&CK mapping
  • Threat feed integration
  • Persistence mechanism scan
  • Lateral movement detection
  • Command & control detection

FULL_SCAN

Run all eleven engines with a single command. Unified report with severity ratings.

dragonkeep scan
TERMINAL_OPS 02

CLI_REFERENCE

$ dragonkeep scanFull security audit across all engines
$ dragonkeep scan --engine sentinelRun a single engine
$ dragonkeep harden --dry-runPreview hardening without changes
$ dragonkeep tune --profile gamingApply a performance profile
$ dragonkeep monitorLaunch live TUI dashboard
$ dragonkeep firewallAudit firewall rules & open ports
$ dragonkeep report --format jsonExport findings as JSON
$ dragonkeep statusSystem snapshot (CPU, RAM, uptime)
ENGINE_CONFIG 03

PERF_TUNING

gaming

Maximum single-thread. Performance governor, deadline I/O, GPU power.

ai

GPU & throughput. BFQ scheduler, hugepages, compute-first.

creative

Balanced responsiveness. Low-latency audio/video workloads.

workstation

General productivity. Balanced CPU, conservative memory.

server

Stability & throughput. Conservative governor, mq-deadline I/O.

balanced

Safe defaults. Schedutil governor, auto I/O scheduler.

TIP: Always preview with dragonkeep tune --profile gaming --dry-run before applying changes.

ARCHITECTURE 04

BUILT_RIGHT

Dry-Run Safety

Preview every change before it touches your system. No surprises.

Zero Dependencies

Single Rust binary. No Python, no Node, no runtime. Just compile and run.

Flexible Output

Pretty, JSON, or Minimal formats. Pipe findings to any tool.

TOML Config

Fine-tune every engine with a single config file. Toggle checks on or off.

Severity Ratings

Critical, Warning, Info, Pass — prioritize what matters.

Report Archive

Save JSON reports for compliance audit trails and diffing.

LICENSING 05

FREE_&_PRO

Open-source at the core, with a Pro tier for teams and enterprises.

COMMUNITY

FREE

Open source // MIT License

  • Full security scan (all eleven engines)
  • Performance profiling & tuning
  • Live TUI monitor
  • Firewall auditing
  • JSON & pretty-print reports
  • TOML configuration
  • Community support (GitHub Issues)
GET_STARTED
PRO

PRO

$9/MO

Per machine // Annual billing available

  • Everything in Community
  • Automated hardening (apply fixes)
  • Scheduled scans & cron integration
  • Historical report diffing
  • Compliance templates (CIS, STIG)
  • Team dashboard & multi-host view
  • Priority email support
  • Early access to new engines
CONTACT_SALES

Need a custom deployment or volume licensing? Talk to us.

SECURE_YOUR_SYSTEM.
START_NOW.

One command to clone, build, and scan. Free, open source, and built in Rust.

INSTALLATION
$ git clone https://github.com/Ghosts-Protocol-Pvt-Ltd/DragonKeep.git$ cd DragonKeep && cargo build --release$ ./target/release/dragonkeep scan
VIEW_ON_GITHUBCONTACT_US

Built by Ghost Protocol — Linux // Rust 1.85+ // Single binary // MIT Licensed.