security-hardening

There are 77 repositories under security-hardening topic.

• imthenachoman / How-To-Secure-A-Linux-Server

  An evolving how-to guide for securing a Linux server.

  linuxhardeninghardening-stepssecuritysecurity-hardeningserverlinux-servercc-by-sa
  19506

• CISOfy / lynis

  Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

  shelllinuxpci-dsscompliancesecurity-auditsecurity-hardeningsecurity-scannersecurity-vulnerabilityhipaaunixvulnerability-detectionvulnerability-scannersvulnerability-assessmentdevopsdevops-toolssystem-hardeninghardeningauditinggdprsecurity-tools
  Language:Shell 14645

• wazuh / wazuh

  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.

  securitycompliancelog-analysisvulnerability-detectioncybersecurityfile-integrity-monitoringinfosecmalware-detectioncloud-securitycontainer-securitysecurity-automationsecurity-toolssiemxdrconfiguration-assessementincident-responsepci-dsssecurity-auditsecurity-hardeningwazuh
  Language:C 13479
• prowler

  prowler-cloud / prowler

  Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more

  securitysecurity-toolssecurity-auditsecurity-hardeninghardeningawscis-benchmarkcompliancegdprforensicscloudwell-architecteddevsecopsazureiampythongcpmulti-cloudcspmcloudsecurity
  Language:Python 12101

• future-architect / vuls

  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

  vulsvulnerability-scannersgolanggolinuxfreebsdvulnerability-detectionsecuritysecurity-toolscybersecuritysecurity-vulnerabilitysecurity-scannersecurity-hardeningsecurity-automationsecurity-auditvulnerability-assessmentvulnerability-managementvulnerability-scannervulnerabilitiesadministrator
  Language:Go 11739

• decalage2 / awesome-security-hardening

  A collection of awesome security hardening guides, tools and other resources

  awesome-listsecuritysecurity-hardeningsecurity-toolswindows-hardeningcybersecuritycyber-securityinfosecbest-practicescis-benchmarksblueteamblue-teamcomputer-securitylinux-hardening
  5923

• undergroundwires / privacy.sexy

  Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy

  privacyprivacy-toolsprivacy-protectiontweaks-collectiondomain-driven-designsecurity-toolssecurity-hardeningbloatware-removalbloatwaredebotnetcleanupdebloaterdebloatwindows10macoslinuxwindows11cybersecuritysecuritysecurity-tool
  Language:TypeScript 4986

• immunant / c2rust

  Migrate C code to Rust

  transpilerrustsecurity-hardeningmigrationtranslationmemory-safety
  Language:Rust 4469

• pyllyukko / user.js

  user.js -- Firefox configuration hardening

  firefoxmozillamozilla-firefoxprivacysecuritysecurity-hardening
  Language:JavaScript 2793

• ComplianceAsCode / content

  Security automation content in SCAP, Bash, Ansible, and other formats

  securitycompliancescapxccdfovalcpecceusgcbpci-dssosppstigapplication-securitysecurity-toolssecurity-hardeningsecurity-automationsecurity-profilehardeninginformation-securitycybersecurityansible
  Language:Shell 2531

• HotCakeX / Harden-Windows-Security

  Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale https://github.com/HotCakeX/Harden-Windows-Security/blob/main/Rationale.md

  1st-party-securityapplicationcontrolbitlockerdefenderencryptionenterprise-securityfirewall-configurationhardenmoduleoperation-system-securitypowershellpowershell-scriptproactivesecuritysecurity-hardeningtpm2wdacwindowswindows11windowsdefender
  Language:C# 2360

• intika / Librefox

  Librefox: Firefox with privacy enhancements

  privacysecurityanti-fingerprintingsecurity-hardeningmozilla-firefoxmozillafirefoxaddonextensions-firewallfree-softwarefreedomlibrelibresoftwarelibre-softwarelinux-appmac-appandroid-applicationandroid-appwindows-appbrowser
  Language:JavaScript 1765
• sandboxed-api

  google / sandboxed-api

  Generate sandboxes for C/C++ libraries automatically

  sandboxingsandboxsecuritysecurity-hardeningcplusplus-17cplusplusapache-license-2sapi
  Language:C++ 1713

• google / go-safeweb

  Secure-by-default HTTP servers in Go.

  security-hardeningsecuritygolanghttp-serverhttp
  Language:Go 1483

• konstruktoid / hardening

  Hardening Ubuntu. Systemd edition.

  ubuntuubuntu-servershellhardeningsecuritysecurity-hardeningsystemdsecurity-toolssecurity-automationsecurity-complianceinformation-securityhacktoberfest
  Language:Shell 1483

• eliotsykes / rails-security-checklist

  :key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

  checklistrails-securityrailsrails-security-checklistruby-on-railssecurity-auditsecurity-hardeningsecurity
  Language:Ruby 1363

• denji / golang-tls

  Simple Golang HTTPS/TLS Examples

  http2https-serverhttpshttpclientgolanggoopenssllibresslawesometoolssecurity-hardeningsecurity-toolssecurity-auditsecurity-scannersecuresecurity
  1319
• Windows11_Hardening

  beerisgood / Windows11_Hardening

  a collection about Windows 11

  hardeningwindows10security-hardeningwindows-defenderdefender-credential-guarddefender-application-guardsecuritywindows11windowsmicrosoft
  1254

• USBGuard / usbguard

  USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)

  usbusb-devicesc-plus-plusrule-languagesecuritysecurity-hardeningwhitelistblacklistlinuxhacktoberfest
  Language:C++ 1250

• nozaq / terraform-aws-secure-baseline

  Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

  terraformawssecuritysecurity-hardeningterraform-moduleshardeningcis-benchmarkaws-auditingsecurity-toolsdevopsterraform-module
  Language:HCL 1183

• alichtman / stronghold

  Easily configure macOS security settings from the terminal.

  macos-setupmacossecurityosxsecurity-hardeninghardeningcommand-line-toolcommand-line
  Language:Python 1143

• wazuh / wazuh-docker

  Wazuh - Docker containers

  wazuhdockerossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringelasticsearchsecurity-hardeninglog-analysisidspci-dssfile-integrity-managementsecurity-awarenessvulnerability-detectionincident-responsehacktoberfesthacktoberfest-accepted
  Language:Shell 906

• step-security / harden-runner

  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

  github-actionsactionssupply-chain-securityhardeningsecurity-hardeningrunnersegress-filteringnetwork-securityruntime-security
  Language:TypeScript 877

• blabla1337 / skf-flask

  Security Knowledge Framework (SKF) Python Flask / Angular project

  owasp-skfsecure-by-defaultsecure-codingsecuritysecurity-auditsecurity-frameworksecurity-hardeningsecurity-knowledgesecurity-requirementssecurity-standardssecurity-training
  Language:HTML 818

• jvoisin / snuffleupagus

  Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

  php7securityhardeningcphpelephantphp-modulesecurity-hardening
  Language:PHP 818

• Jsitech / JShielder

  Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

  linuxcis-benchmarklinux-serverhardeningubuntu-servercentos7lamp-stackhardening-stepsiptablesubuntu1604ubuntu1804security-hardeningsystem-hardeningmodsecuritylamp-deployerlemp-deployer
  Language:PHP 779

• appvia / krane

  Kubernetes RBAC static analysis & visualisation tool

  kubernetesrbacanalysisvisualisationredisgraphstatic-analysisrbac-configurationrbac-rolesrbac-managementk8srole-based-access-controlsecurity-toolssecurity-scannersecuritysecurity-hardening
  Language:Ruby 727

• konstruktoid / ansible-role-hardening

  Ansible role to apply a security baseline. Systemd edition.

  ansiblesystemdauditdubuntucentoshardeningsecuritysecurity-hardeningvagrantopenscapinformation-securitysecurity-toolssecurity-compliancedebianalmalinuxhacktoberfestamazon-linux
  Language:Jinja 596

• Anon-Planet / thgtoa

  The comprehensive guide for online anonymity and OpSec.

  activismanonymityanonymity-enhancementanonymizationprivacyprivacy-enhancing-technologiesprivacy-onlineprivacy-protectionqubes-ossecuritysecurity-hardeningtorwhonixlinuxmacosprivacy-toolstailsveracryptwindowsopsec
  Language:HTML 531

• wazuh / wazuh-dashboard-plugins

  Plugins for Wazuh Dashboard

  wazuhossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringopenscapsecurity-hardeningidspci-dssfile-integrity-managementsecurity-awarenesslog-analysisvulnerability-detectionincident-responsegdpropensearch-dashboardsopensearch-plugins
  Language:TypeScript 485

• wazuh / wazuh-ruleset

  Wazuh - Ruleset

  wazuhossecsecurityloganalyzercompliancemonitoringintrusion-detectionpolicy-monitoringelasticsearchopenscapsecurity-hardeningidspci-dssfile-integrity-managementsecurity-awarenesslog-analysisvulnerability-detectionincident-response
  Language:Python 479

• slsa-framework / slsa-github-generator

  Language-agnostic SLSA provenance generation for Github Actions

  securitysecurity-hardeningsecurity-toolsslsaslsaprovenance
  Language:Go 460

• FusionAuth / security-scripts

  Scripts built from our Guide to User Data Security

  security-hardeningchef-recipessecurityfusionauth
  Language:Shell 445
• PHP-Login-System

  msaad1999 / PHP-Login-System

  Embeddable and Secure PHP Authentication System with Login, Signup, User Profiles, Profile Editing, Account Verification via Email, Password Reset System, Remember-Me Feature and more.

  authentication-frameworklogin-systemaccount-verificationphpaccount-activationremember-mepassword-resetsecurecsrf-protectionheader-injectionsql-injection-filterersecurity-hardeningprofile-editingregistrationphp-loginprofile-imagedatabaseprofile-pagesqlprofile
  Language:PHP 443

• cagataycali / xss-listener

  🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.

  security-hardeningsecurity-toolsxssxss-attacksxss-harvestxss-harvester
  Language:JavaScript 435

• marshyski / quick-secure

  Quickly secure UNIX/Linux systems

  linuxsecuritysecurity-hardeningdockerdocker-security
  Language:Shell 417