113 Open Source Hardening Software Projects
Free and open source hardening code projects including engines, APIs, generators, and tools.
The Practical Linux Hardening Guide 8816 ⭐
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
Lynis 9270 ⭐
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
Toniblyx Prowler 4762 ⭐
Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.
Ansible Os Hardening 2594 ⭐
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
Hardentools 2124 ⭐
Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
Awesome Windows Domain Hardening 1402 ⭐
A curated list of awesome Security Hardening techniques for Windows.
Ansible Ssh Hardening 764 ⭐
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
Terraform Aws Secure Baseline 814 ⭐
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
Snuffleupagus 551 ⭐
Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!
Hardened_malloc 669 ⭐
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
Chef Os Hardening 405 ⭐
This chef cookbook provides numerous security-related configurations, providing all-round base protection.
Puppet Os Hardening 245 ⭐
This puppet module provides numerous security-related configurations, providing all-round base protection.
Hardentheworld 164 ⭐
Harden the world is a community driven project to develop hardening guidelines and checklists for common software and devices.
Chef Ssh Hardening 149 ⭐
This chef cookbook provides secure ssh-client and ssh-server configurations.
Windows 10 Hardening 137 ⭐
An admittedly frivolous (and infrequently updated) attempt to harden Windows 10.
Citellus 86 ⭐
Automation Troubleshooting Framework to validate and report configuration, software installed, etc with bash, python, and your language of choice.
Chef Windows Hardening 86 ⭐
This chef cookbook provides windows hardening configurations for the DevSec Windows baseline profile.
Klaver Sysctl 92 ⭐
Linux/BSD kernel tuning and network security hardening optimizations, improving the performance of server systems via optimized sysctl tweaks
Doc Sle 75 ⭐
Official SUSE Linux Enterprise Documentation [Everyone, please use feature/ branches, create PRs and ensure CI runs successfully rather than just pushing to main!]
Nim Contra 45 ⭐
Lightweight Self-Documenting Design by Contract Programming and Security Hardened mode.
Fastaudit 26 ⭐
:shipit: A wordpress security auditor! Audit your wordpress application for security issues with even 1 request.
First Steps And Hardening In Ubuntu Server And Docker 24 ⭐
First Steps in Ubuntu (Server) / Hardening and Config With Docker
Dollarlinuxclub 23 ⭐
A guidelines for hardening including custom Debian kernels,headers,firmwares,tools,jail,sandbox and configs files
Ckss Certified Kubernetes Security Specialist 398 ⭐
This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
Certified Kubernetes Security Specialist 105 ⭐
References for CKS Exam Objectives - Certified Kubernetes Security Specialist
Cis Ubuntu 20.04 Ansible 131 ⭐
Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
Metabadger 98 ⭐
Prevent SSRF attacks on AWS EC2 via automated upgrades to the more secure Instance Metadata Service v2 (IMDSv2).
Sebaz 16 ⭐
Tool to check compliance with CIS Linux Benchmarks, specifically Distribution Independent, Debian 9 and Ubuntu 18.04 LTS, and generate spreadsheet and report of result.
Terraform Aws Secure Vpc 13 ⭐
A terraform module to create a VPC with secure default configurations.
Hardening Geniso 15 ⭐
Packer template to create a hardened Vagrant Ubuntu 20.04 server base box, and a OVF package.