#Hardening
Showing 60 of 84 repositories tagged #hardening, ranked by stars
An evolving how-to guide for securing a Linux server.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Prowler is the worldβs most widely used open-source cloud security platform that automates security and compliance across any cloud environment.
Community guide to using YubiKey for GnuPG and SSH - protect secrets with hardware crypto.
π‘οΈ Open-source and cloud-native Web Application Firewall (WAF)
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Security automation content in SCAP, Bash, Ansible, and other formats
HardeningKitty and Windows Hardening Settings
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability/integration over time.
A curated list of awesome Security Hardening techniques for Windows.
HardeningKitty - Checks and hardens your Windows configuration
Hardening Ubuntu. Systemd edition.
Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
π₯ A powerful MongoDB auditing and pentesting tool π₯
a collection about Windows 11
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Easily configure macOS security settings from the terminal.
Automated System Hardening Framework
DevSec Linux Baseline - InSpec Profile
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
Full set of AppArmor policies
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.
Security Auditor Utility for GraphQL APIs
Ansible role to apply a security baseline. Systemd edition.
Linux Kernel Runtime Guard
Miscellaneous Linux security hardening settings for Kicksecure and derivatives
Conveniently and reasonably harden NixOS.
CIS Docker Benchmark - InSpec Profile
Better AWS SSM Session manager CLI client
Security hardening guides for PVE and PBS, built on CIS Debian Benchmark with Proxmox specific best practices.
This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
vArmor is a cloud-native container hardening system that leverages AppArmor/BPF/Seccomp and NetworkProxy technologies to enforce access control from system calls to application protocols β protecting workloads including AI Agents.
This chef cookbook provides numerous security-related configurations, providing all-round base protection.
h2t (HTTP Hardening Tool) scans a website and suggests security headers to apply
:owl::mag_right: A simple tool to audit your AWS/GCP infrastructure for misconfiguration or potential security issues with plugins integration
Free Windows, Mac and Linux cleaner, scanner, and more.
Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Ansible playbooks of "How To Secure A Linux Server".
FIM is an Open Source Host-based file integrity monitoring tool that performs file system analysis, file integrity checking, real time alerting and provides Audit daemon data.
This Ansible role provides secure nginx configurations.
Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Phoenix is a suite of configurations & advanced modifications for Mozilla Firefox, designed to put the user first - with a focus on privacy, security, freedom, & usability.
Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.
π Function-level tracing tool for Seccomp profiling, with eBPF
My public notes about offensive security
This chef cookbook provides secure ssh-client and ssh-server configurations.
π‘οΈ Security & Privacy Hardening Tool for Windows 11 25H2 β 630+ Settings, 7 Modules, BAVR Pattern.
This Ansible role provides security configuration for MySQL.
This is a framework to test different ways of hardening a website. To avoid IP blocks, Tor is implemented (optional), and for invalid certificates, Urlib3 is implemented.
Automation Troubleshooting Framework to validate and report configuration, software installed, etc with bash, python, and your language of choice.
This chef cookbook provides windows hardening configurations for the DevSec Windows baseline profile.
Custom ADMX template focused on hardening Windows 10 & Windows 11 systems
π¨βπ« How to setup Ethereum 2.0 validator via dedicated server by OVHCloud βοΈ
Ansible playbook for Linux hardening
HPone - Docker Honeypot Manager
Secure package for WP CLI, built to provide an easier way of securing your WordPress installation
Ansible role to install a rootless Docker server