hardening

There are 63 repositories under hardening topic.

imthenachoman / How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server.
cc-by-sa hardening hardening-steps linux linux-server security security-hardening server
22694
CISOfy / lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
auditing compliance devops devops-tools gdpr hardening hipaa linux pci-dss security-audit security-hardening security-scanner security-tools security-vulnerability shell system-hardening unix vulnerability-assessment vulnerability-detection vulnerability-scanners
Language:Shell 14818
prowler
prowler-cloud / prowler
Prowler is the Open Cloud Security for AWS, Azure, GCP, Kubernetes, M365 and more. As agent-less, it helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
aws azure cis-benchmark cloud cloudsecurity compliance cspm devsecops forensics gcp gdpr hacktoberfest hardening iam multi-cloud python security security-audit security-hardening security-tools
Language:Python 12293
drduh / YubiKey-Guide
Community guide to using YubiKey for GnuPG and SSH - protect secrets with hardware crypto.
gnupg gpg gpg-agent gpg-configuration hardening pgp remote-access rsa-cryptography security smartcard ssh yubikey
Language:HTML 11995
trimstray / the-practical-linux-hardening-guide
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
audit centos checklist cis guide hardening linux linux-hardening linux-security manual openscap pci-dss redhat-enterprise-linux security
10312
bunkerweb
bunkerity / bunkerweb
🛡️ Open-source and next-generation Web Application Firewall (WAF)
antibot bunkerized-nginx cybersecurity devops devsecops dnsbl docker hardening hosting kubernetes letsencrypt modsecurity nginx reverse-proxy security security-tuning swarm waf web-application-firewall web-security
Language:Python 9355
dev-sec / ansible-collection-hardening
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
ansible ansible-collection collection devsec hacktoberfest hardening linux mysql-hardening nginx nginx-hardening os-hardening playbook protection role ssh-hardening sysctl
Language:Jinja 4639
hardentools / hardentools
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
windows security hardening
Language:Go 3048
ComplianceAsCode / content
Security automation content in SCAP, Bash, Ansible, and other formats
security compliance scap xccdf oval cpe cce usgcb pci-dss ospp stig application-security security-tools security-hardening security-automation security-profile hardening information-security cybersecurity ansible
Language:Shell 2563
0x6d69636b / windows_hardening
HardeningKitty and Windows Hardening Settings
windows hardening security windows-10 blueteam defense audit powershell windows-hardening registry checklist compliance bsi cis security-baseline sisyphus stig windows-11 windows-server
Language:PowerShell 2548
PaulSec / awesome-windows-domain-hardening
A curated list of awesome Security Hardening techniques for Windows.
hardening security windows
1791
Windows-11-Guide
mikeroyal / Windows-11-Guide
Windows 10/11 Guide. Including Windows Security tools, Encryption, Nextcloud, Graphics, Gaming, Virtualization, Windows Subsystem for Linux (WSL 2), Software Apps, and Resources.
active-directory debloat gaming hardening nextcloud optimization privacy-protection tweaks uwp visual-studio-code windows-11 windows-defender windows-desktop windows-subsystem-linux windows-terminal windows10 windows11 winui winui3 wsl
Language:C# 1669
scipag / HardeningKitty
HardeningKitty - Checks and hardens your Windows configuration
windows windows-10 windows-server hardening audit checklist powershell defense blueteam security registry
Language:PowerShell 1641
GrapheneOS / hardened_malloc
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
malloc security memory-allocation malloc-library memory-allocator memory hardening slab-allocator quarantine grapheneos
Language:C 1597
konstruktoid / hardening
Hardening Ubuntu. Systemd edition.
hacktoberfest hardening information-security security security-automation security-compliance security-hardening security-tools shell systemd ubuntu ubuntu-server
Language:Shell 1508
stampery / mongoaudit
🔥 A powerful MongoDB auditing and pentesting tool 🔥
mongodb infosec pentesting encryption authentication database hardening cli
Language:Python 1327
Windows-Optimize-Harden-Debloat
simeononsecurity / Windows-Optimize-Harden-Debloat
Enhance the security and privacy of your Windows 10 and Windows 11 deployments with our fully optimized, hardened, and debloated script. Adhere to industry best practices and Department of Defense STIG/SRG requirements for optimal performance and security.
windows stig-compliant mitigations privacy automation debotnet windows10 hardware-requirements microsoft harden debloat cyber stigs windows-defender privacy-script windows-desktop windows-10 telemetry hardening security
Language:PowerShell 1321
Windows11_Hardening
beerisgood / Windows11_Hardening
a collection about Windows 11
defender-application-guard defender-credential-guard hardening microsoft security security-hardening windows windows-defender windows10 windows11
1262
nozaq / terraform-aws-secure-baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
terraform aws security security-hardening terraform-modules hardening cis-benchmark aws-auditing security-tools devops terraform-module
Language:HCL 1188
alichtman / stronghold
Easily configure macOS security settings from the terminal.
command-line command-line-tool hardening macos macos-setup osx security security-hardening
Language:Python 1150
grapheneX
grapheneX / grapheneX
Automated System Hardening Framework
hacktoberfest hardening hardening-commands security
Language:Python 1034
step-security / harden-runner
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.
actions egress-filtering github-actions hardening network-security runners runtime-security security-hardening supply-chain-security
Language:TypeScript 909
dev-sec / linux-baseline
DevSec Linux Baseline - InSpec Profile
audit baseline devsec hacktoberfest hardening inspec linux security
Language:Ruby 830
jvoisin / snuffleupagus
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
c elephant hardening php php-module php7 security security-hardening
Language:C 820
dev-sec / ansible-ssh-hardening
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
ansible ssh-configuration playbook role hardening protection ssh-server ssh-agent ssh-hardening ssh
Language:HTML 783
Jsitech / JShielder
Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
centos7 cis-benchmark hardening hardening-steps iptables lamp-deployer lamp-stack lemp-deployer linux linux-server modsecurity security-hardening system-hardening ubuntu-server ubuntu1604 ubuntu1804
Language:PHP 781
DenizParlak / Zeus
AWS Auditing & Hardening Tool
aws aws-auditing aws-hardening cloudtrail hardening
Language:Shell 710
roddhjav / apparmor.d
Full set of AppArmor policies
apparmor apparmor-profile apparmor-profiles hardening linux mandatory-access-control role-based-access-control security
Language:Go 671
konstruktoid / ansible-role-hardening
Ansible role to apply a security baseline. Systemd edition.
almalinux ansible auditd cmmc debian hacktoberfest hardening information-security security security-compliance security-hardening security-tools systemd ubuntu
Language:Jinja 600
Normation / rudder
Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.
configuration-management automation compliance continuous-configuration devops auditing hardening patch-management secops security security-posture
Language:Scala 596
dolevf / graphql-cop
Security Auditor Utility for GraphQL APIs
security penetration-testing auditing graphql hacking red-team blue-team hardening
Language:Python 542
lkrg-org / lkrg
Linux Kernel Runtime Guard
hardening integrity kernel linux security
Language:C 526
dev-sec / cis-docker-benchmark
CIS Docker Benchmark - InSpec Profile
cis-docker-benchmark docker hardening inspec security
Language:Ruby 520
xen0l / aws-gate
Better AWS SSM Session manager CLI client
aws aws-ssm session-manager cli ec2-instances ec2 aws-ssm-agent ssh access-control iam-access scp ssh-session ssh-support hardening
Language:Python 517
rust0258 / CKSS-Certified-Kubernetes-Security-Specialist
This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
certification cks cks-exam ckss cloud-native cluster cluster-hardening cncf golang hardening kubernetes kubernetes-platforms logging monitoring securing-kubernetes security vulnerabilities
Language:HTML 484
sektioneins / suhosin
SUHOSIN [수호신] for PHP 5.x - The PHP security extension.
hardening php suhosin
Language:C 466

hardening

imthenachoman / How-To-Secure-A-Linux-Server

CISOfy / lynis

prowler-cloud / prowler

drduh / YubiKey-Guide

trimstray / the-practical-linux-hardening-guide

bunkerity / bunkerweb

dev-sec / ansible-collection-hardening

hardentools / hardentools

ComplianceAsCode / content

0x6d69636b / windows_hardening

PaulSec / awesome-windows-domain-hardening

mikeroyal / Windows-11-Guide

scipag / HardeningKitty

GrapheneOS / hardened_malloc

konstruktoid / hardening

stampery / mongoaudit

simeononsecurity / Windows-Optimize-Harden-Debloat

beerisgood / Windows11_Hardening

nozaq / terraform-aws-secure-baseline

alichtman / stronghold

grapheneX / grapheneX

step-security / harden-runner

dev-sec / linux-baseline

jvoisin / snuffleupagus

dev-sec / ansible-ssh-hardening

Jsitech / JShielder

DenizParlak / Zeus

roddhjav / apparmor.d

konstruktoid / ansible-role-hardening

Normation / rudder

dolevf / graphql-cop

lkrg-org / lkrg

dev-sec / cis-docker-benchmark

xen0l / aws-gate

rust0258 / CKSS-Certified-Kubernetes-Security-Specialist

sektioneins / suhosin