security-hardening
There are 316 repositories under security-hardening topic.
imthenachoman/How-To-Secure-A-Linux-Server
An evolving how-to guide for securing a Linux server.
CISOfy/lynis
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
wazuh/wazuh
Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
prowler-cloud/prowler
Prowler is the Open Cloud Security platform for AWS, Azure, GCP, Kubernetes, M365 and more. It helps for continuous monitoring, security assessments & audits, incident response, compliance, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, ENS and more
future-architect/vuls
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
decalage2/awesome-security-hardening
A collection of awesome security hardening guides, tools and other resources
undergroundwires/privacy.sexy
Open-source tool to enforce privacy & security best-practices on Windows, macOS and Linux, because privacy is sexy
immunant/c2rust
Migrate C code to Rust
HotCakeX/Harden-Windows-Security
Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels
pyllyukko/user.js
user.js -- Firefox configuration hardening
ComplianceAsCode/content
Security automation content in SCAP, Bash, Ansible, and other formats
intika/Librefox
Librefox: Firefox with privacy enhancements
google/sandboxed-api
Generate sandboxes for C/C++ libraries automatically
google/go-safeweb
Secure-by-default HTTP servers in Go.
konstruktoid/hardening
Hardening Ubuntu. Systemd edition.
eliotsykes/rails-security-checklist
:key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
denji/golang-tls
Simple Golang HTTPS/TLS Examples
beerisgood/Windows11_Hardening
a collection about Windows 11
USBGuard/usbguard
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
nozaq/terraform-aws-secure-baseline
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
alichtman/stronghold
Easily configure macOS security settings from the terminal.
vet-run/vet
vet is a command-line tool that acts as a safety net for the risky curl | bash pattern. It lets you inspect, diff against previous versions, and lint remote scripts before asking for your explicit approval to execute. Promoting a safer, more transparent way to handle remote code execution.
wazuh/wazuh-docker
Wazuh - Docker containers
step-security/harden-runner
Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.
blabla1337/skf-flask
Security Knowledge Framework (SKF) Python Flask / Angular project
jvoisin/snuffleupagus
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
Jsitech/JShielder
Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
appvia/krane
Kubernetes RBAC static analysis & visualisation tool
konstruktoid/ansible-role-hardening
Ansible role to apply a security baseline. Systemd edition.
Anon-Planet/thgtoa
The comprehensive guide for online anonymity and OpSec.
slsa-framework/slsa-github-generator
Language-agnostic SLSA provenance generation for Github Actions
wazuh/wazuh-dashboard-plugins
Plugins for Wazuh Dashboard
wazuh/wazuh-ruleset
Wazuh - Ruleset
msaad1999/PHP-Login-System
Embeddable and Secure PHP Authentication System with Login, Signup, User Profiles, Profile Editing, Account Verification via Email, Password Reset System, Remember-Me Feature and more.
FusionAuth/security-scripts
Scripts built from our Guide to User Data Security
talsec/Free-RASP-Community
SDK providing app protection and threat monitoring for mobile devices. Works with Flutter, React Native, Android and iOS. Shield your app with free RASP. Detect reverse engineering, root (Magisk), jailbreak, Frida, emulators, bots, tampering and integrity issues, obfuscation, VPN usage, malware, and monitor device identification and fingerprint.