#Security-hardening
Showing 59 of 59 repositories tagged #security-hardening, ranked by stars
An evolving how-to guide for securing a Linux server.
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
A collection of awesome security hardening guides, tools and other resources
Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
Migrate C code to Rust
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨
user.js -- Firefox configuration hardening
Security automation content in SCAP, Bash, Ansible, and other formats
Librefox: Firefox with privacy enhancements
Generate sandboxes for C/C++ libraries automatically
Hardening Ubuntu. Systemd edition.
Secure-by-default HTTP servers in Go.
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
Simple Golang HTTPS/TLS Examples
a collection about Windows 11
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Easily configure macOS security settings from the terminal.
Wazuh - Docker containers
vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versions, and lint remote scripts before asking for your explicit approval to execute. Promoting a safer, more transparent way to handle remote code execution.
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
Security Knowledge Framework (SKF) Python Flask / Angular project
Kubernetes RBAC static analysis & visualisation tool
Ansible role to apply a security baseline. Systemd edition.
Language-agnostic SLSA provenance generation for Github Actions
Wazuh - Ruleset
Plugins for Wazuh Dashboard
Scripts built from our Guide to User Data Security
Quickly secure UNIX/Linux systems
Look-Ahead Java Deserialization Library
Wazuh - Ansible playbook
SELinux Reference Policy v2
Wazuh - Project documentation
Run a security scan on your server and identify common gaps. Get your VPS ready for production.
Ansible playbooks of "How To Secure A Linux Server".
Welcome Cybersecurity's World. An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources in Cybersecurity.
Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.
Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.
Provides various Windows Server Active Directory (AD) security-focused reports.
This repository contains an Ansible Role for RHEL7 / CentOS based on the Center for Internet Security Benchmarks
Ansible playbook for Linux hardening
Ansible CentOS 7 - CIS Benchmark Hardening Script
Wazuh - RESTful API
Official Docker-maintained reusable GitHub Actions workflows to securely build container images
Compiles a json dataset using public sources that contains properties to aid in the detection and mitigation of over 1000 variants of ransomware.
Intercepts and filters requests to the EC2 Instance Metadata Service
I wish the world continues to be lively, I wish you and me are still you and me.
Enhance the security and compliance of your standalone Windows servers with our STIG script, specifically designed to meet DoD STIG/SRG requirements and NSACyber guidance. Achieve ultimate Windows Server protection with our easy-to-use script.
Secure Configuration for Nginx
A curated list of security resources for a Ruby on Rails application
Updated for 14.0. A half days worth of work can be done in seconds, with comprehensive logging, togglable secure/performance settings, and backups. Implements a broad, time-tested, thoroughly researched, cohesive group of hardening settings for FreeBSD. Any directive can be set, re-set, for administering, tuning, jails. Verify in /vendor.
Deep GCP security hardening via automated triage and state-aware IaC. Built to power rapid, agile task-force engagements and remediate complex brownfield environments at scale.
Scan your web apps for vulnerabilities, misconfigurations, and other security issues with the Pentest-Tools.com command-line program.
Ansible RHEL 7 - CIS Benchmark Hardening Script
This repository will describe the details surrounding the SIEM (wazuh) mini project, which will cover all aspects of topology design, deployment, rules, integration, and fine tune.