#Security-hardening

Showing 59 of 59 repositories tagged #security-hardening, ranked by stars

imthenachoman
imthenachoman
How-To-Secure-A-Linux-Server

An evolving how-to guide for securing a Linux server.

Score
100
★ 29.2k ⑂ 1.9k +1.0k/day
wazuh
wazuh
wazuh

Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

Score
98
★ 16.1k ⑂ 2.4k +4/day
C++
CISOfy
CISOfy
lynis

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

Score
100
★ 15.9k ⑂ 1.6k +28/day
Shell
prowler-cloud
prowler-cloud
prowler

Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Score
0
★ 14.1k ⑂ 2.2k +2/day
Python
future-architect
future-architect
vuls

Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

Score
100
★ 12.2k ⑂ 1.2k +1/day
Go
decalage2
decalage2
awesome-security-hardening

A collection of awesome security hardening guides, tools and other resources

Score
96
★ 6.4k ⑂ 670 +37/day
undergroundwires
undergroundwires
privacy.sexy

Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

Score
89
★ 5.8k ⑂ 278 +151/day
TypeScript
immunant
immunant
c2rust

Migrate C code to Rust

Score
0
★ 4.7k ⑂ 305 +6/day
Rust
HotCakeX
HotCakeX
Harden-Windows-Security

Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | SLSA Level 3 Compliant for Secure Development and Build Process | Apps Available on MS Store✨

Score
93
★ 4.5k ⑂ 320
C#
pyllyukko
pyllyukko
user.js

user.js -- Firefox configuration hardening

Score
87
★ 2.9k ⑂ 231
JavaScript
ComplianceAsCode
ComplianceAsCode
content

Security automation content in SCAP, Bash, Ansible, and other formats

Score
91
★ 2.8k ⑂ 813
Shell
intika
intika
Librefox

Librefox: Firefox with privacy enhancements

Score
53
★ 1.8k ⑂ 87
JavaScript
google
google
sandboxed-api

Generate sandboxes for C/C++ libraries automatically

Score
80
★ 1.8k ⑂ 194
C++
konstruktoid
konstruktoid
hardening

Hardening Ubuntu. Systemd edition.

Score
84
★ 1.7k ⑂ 402
Shell
google
google
go-safeweb

Secure-by-default HTTP servers in Go.

Score
50
★ 1.5k ⑂ 86
Go
eliotsykes
eliotsykes
rails-security-checklist

:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

Score
49
★ 1.4k ⑂ 93
Ruby
USBGuard
USBGuard
usbguard

USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)

Score
69
★ 1.3k ⑂ 151
C++
denji
denji
golang-tls

Simple Golang HTTPS/TLS Examples

Score
0
★ 1.3k ⑂ 159
beerisgood
beerisgood
Windows11_Hardening

a collection about Windows 11

Score
47
★ 1.3k ⑂ 74
nozaq
nozaq
terraform-aws-secure-baseline

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Score
78
★ 1.2k ⑂ 376 +1/day
HCL
alichtman
alichtman
stronghold

Easily configure macOS security settings from the terminal.

Score
51
★ 1.2k ⑂ 261
Python
wazuh
wazuh
wazuh-docker

Wazuh - Docker containers

Score
82
★ 1.1k ⑂ 564 +2/day
Shell
vet-run
vet-run
vet

vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versions, and lint remote scripts before asking for your explicit approval to execute. Promoting a safer, more transparent way to handle remote code execution.

Score
42
★ 1.1k ⑂ 21 +5/day
Shell
jvoisin
jvoisin
snuffleupagus

Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

Score
71
★ 836 ⑂ 95
C
blabla1337
blabla1337
skf-flask

Security Knowledge Framework (SKF) Python Flask / Angular project

Score
44
★ 829 ⑂ 302
HTML
appvia
appvia
krane

Kubernetes RBAC static analysis & visualisation tool

Score
58
★ 740 ⑂ 34
Ruby
konstruktoid
konstruktoid
ansible-role-hardening

Ansible role to apply a security baseline. Systemd edition.

Score
67
★ 639 ⑂ 125
Jinja
slsa-framework
slsa-framework
slsa-github-generator

Language-agnostic SLSA provenance generation for Github Actions

Score
60
★ 585 ⑂ 188 +2/day
Go
wazuh
wazuh
wazuh-ruleset

Wazuh - Ruleset

Score
36
★ 523 ⑂ 232
Python
wazuh
wazuh
wazuh-dashboard-plugins

Plugins for Wazuh Dashboard

Score
73
★ 516 ⑂ 236
TypeScript
FusionAuth
FusionAuth
security-scripts

Scripts built from our Guide to User Data Security

Score
56
★ 446 ⑂ 34
Shell
marshyski
marshyski
quick-secure

Quickly secure UNIX/Linux systems

Score
29
★ 425 ⑂ 49
Shell
ikkisoft
ikkisoft
SerialKiller

Look-Ahead Java Deserialization Library

Score
31
★ 422 ⑂ 71
Java
wazuh
wazuh
wazuh-ansible

Wazuh - Ansible playbook

Score
64
★ 415 ⑂ 232 +1/day
Shell
SELinuxProject
SELinuxProject
refpolicy

SELinux Reference Policy v2

Score
62
★ 385 ⑂ 183
Python
wazuh
wazuh
wazuh-documentation

Wazuh - Project documentation

Score
76
★ 265 ⑂ 394
JavaScript
healthyhost
healthyhost
audit-vps-script

Run a security scan on your server and identify common gaps. Get your VPS ready for production.

Score
50
★ 264 ⑂ 15
Shell
moltenbit
moltenbit
How-To-Secure-A-Linux-Server-With-Ansible

Ansible playbooks of "How To Secure A Linux Server".

Score
83
★ 250 ⑂ 42 +4/day
paulveillard
paulveillard
cybersecurity

Welcome Cybersecurity's World. An ongoing & curated collection of awesome software best practices and techniques, libraries and frameworks, E-books and videos, websites, blog posts, links to github Repositories, technical guidelines and important resources in Cybersecurity.

Score
27
★ 234 ⑂ 54
Python
jekil
jekil
hardentheworld

Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.

Score
22
★ 192 ⑂ 18
Python
OWASP
OWASP
ASST

OWASP ASST (Automated Software Security Toolkit) | A Novel Open Source Web Security Scanner.

Score
24
★ 189 ⑂ 40
JavaScript
simeononsecurity
simeononsecurity
Standalone-Windows-STIG-Script

Create a compliant and secure Windows 10/11 system with our Gold Master image creation tool. Adhere to DoD STIG/SRG Requirements and NSA Cybersecurity guidance for standalone Windows systems with ease, using our ultimate STIG script.

Score
0
★ 188 ⑂ 25
PowerShell
ziesemer
ziesemer
ad-privileged-audit

Provides various Windows Server Active Directory (AD) security-focused reports.

Score
33
★ 111 ⑂ 17 +1/day
PowerShell
HarryHarcourt
HarryHarcourt
Ansible-RHEL7-CIS-Benchmarks

This repository contains an Ansible Role for RHEL7 / CentOS based on the Center for Internet Security Benchmarks

Score
33
★ 104 ⑂ 72
Python
pyllyukko
pyllyukko
harden.yml

Ansible playbook for Linux hardening

Score
40
★ 98 ⑂ 12
Jinja
rdiers
rdiers
CentOS7-CIS

Ansible CentOS 7 - CIS Benchmark Hardening Script

Score
17
★ 89 ⑂ 56
Shell
wazuh
wazuh
wazuh-api

Wazuh - RESTful API

Score
18
★ 81 ⑂ 63
JavaScript
docker
docker
github-builder

Official Docker-maintained reusable GitHub Actions workflows to securely build container images

Score
38
★ 74 ⑂ 18 +1/day
codingo
codingo
Ransomware-Json-Dataset

Compiles a json dataset using public sources that contains properties to aid in the detection and mitigation of over 1000 variants of ransomware.

Score
16
★ 73 ⑂ 18
Python
cperciva
cperciva
imds-filterd

Intercepts and filters requests to the EC2 Instance Metadata Service

Score
4
★ 72 ⑂ 2
C
AI0TSec
AI0TSec
Blog

I wish the world continues to be lively, I wish you and me are still you and me.

Score
11
★ 70 ⑂ 12
simeononsecurity
simeononsecurity
Standalone-Windows-Server-STIG-Script

Enhance the security and compliance of your standalone Windows servers with our STIG script, specifically designed to meet DoD STIG/SRG requirements and NSACyber guidance. Achieve ultimate Windows Server protection with our easy-to-use script.

Score
9
★ 66 ⑂ 13
PowerShell
michyweb
michyweb
nginx-security-conf

Secure Configuration for Nginx

Score
13
★ 64 ⑂ 20
0xedward
0xedward
awesome-rails-security

A curated list of security resources for a Ruby on Rails application

Score
7
★ 62 ⑂ 12
wravoc
wravoc
harden-freebsd

Updated for 14.0. A half days worth of work can be done in seconds, with comprehensive logging, togglable secure/performance settings, and backups. Implements a broad, time-tested, thoroughly researched, cohesive group of hardening settings for FreeBSD. Any directive can be set, re-set, for administering, tuning, jails. Verify in /vendor.

Score
2
★ 55 ⑂ 9
Python
GoogleCloudPlatform
GoogleCloudPlatform
gcp-hardening-toolkit

Deep GCP security hardening via automated triage and state-aware IaC. Built to power rapid, agile task-force engagements and remediate complex brownfield environments at scale.

Score
67
★ 39 ⑂ 11
HCL
pentesttoolscom
pentesttoolscom
pentesttools-github-action

Scan your web apps for vulnerabilities, misconfigurations, and other security issues with the Pentest-Tools.com command-line program.

Score
20
★ 35 ⑂ 1
Dockerfile
rdiers
rdiers
RHEL7-CIS

Ansible RHEL 7 - CIS Benchmark Hardening Script

Score
0
★ 31 ⑂ 39
Shell
13ihsan92
13ihsan92
Security-Blue-Team

This repository will describe the details surrounding the SIEM (wazuh) mini project, which will cover all aspects of topology design, deployment, rules, integration, and fine tune.

Score
0
★ 30 ⑂ 5
Related Topics
#security#security-tools#hardening#security-audit#compliance#vulnerability-detection#cybersecurity#linux#pci-dss#security-automation#ansible#incident-response

© 2026 GitRepoTrend · GitHub repositories by topic · Updated weekly