An evolving how-to guide for securing a Linux server.
-
Updated
Mar 20, 2022
#
security-hardening
Here are 276 public repositories matching this topic...
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
linux
shell
auditing
devops
unix
security-audit
pci-dss
compliance
hardening
security-vulnerability
security-hardening
devops-tools
hipaa
vulnerability-detection
vulnerability-scanners
security-scanner
vulnerability-assessment
gdpr
security-tools
system-hardening
-
Updated
Jul 20, 2022 - Shell
Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
go
linux
golang
freebsd
security
security-audit
administrator
cybersecurity
security-vulnerability
vulnerabilities
security-hardening
vulnerability-detection
vulnerability-management
vulnerability-scanners
security-scanner
vulnerability-assessment
vuls
security-automation
security-tools
vulnerability-scanner
-
Updated
Jul 19, 2022 - Go
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
aws
security
cis
security-audit
cloud
aws-cli
assessment
forensics
compliance
hardening
security-hardening
hipaa
cloudtrail
hacktoberfest
gdpr
security-tools
devsecops
cis-benchmark
aws-auditing
well-architected
-
Updated
Jul 21, 2022 - Shell
Wazuh - The Open Source Security Platform
security
elasticsearch
log-analysis
monitoring
incident-response
ids
intrusion-detection
pci-dss
compliance
security-hardening
loganalyzer
vulnerability-detection
ossec
openscap
wazuh
policy-monitoring
security-awareness
file-integrity-management
-
Updated
Jul 21, 2022 - C
A collection of awesome security hardening guides, tools and other resources
security
best-practices
cybersecurity
infosec
awesome-list
security-hardening
cyber-security
computer-security
blueteam
security-tools
blue-team
linux-hardening
cis-benchmarks
windows-hardening
-
Updated
Jun 29, 2022
Open
Update to clap3
user.js -- Firefox configuration hardening
-
Updated
Mar 28, 2022 - JavaScript
ggbecker
commented
Apr 20, 2022
Extend macro function that creates OCIL entries for package removed rules to support both package removed/installed rules using an extra parameter to define the behavior of the ocil_clause (the ocil clause "package is installed" for removed package rules and "package is not installed" for installed package rules)
https://github.com/ComplianceAsCode/content/blob/fe68fcd788b85eed7559e6174d71a67
good first issue
Good candidates to get started contributing to CaC.
Librefox: Firefox with privacy enhancements
firefox
security
privacy
browser
addon
freedom
mozilla
android-application
free-software
libre
mac-app
android-app
security-hardening
linux-app
mozilla-firefox
windows-app
anti-fingerprinting
libresoftware
libre-software
extensions-firewall
-
Updated
Mar 28, 2021 - JavaScript
Generates sandboxes for C/C++ libraries automatically
-
Updated
Jul 18, 2022 - C++
rails
checklist
security
security-audit
ruby-on-rails
security-hardening
rails-security
rails-security-checklist
-
Updated
Jul 17, 2022 - Ruby
Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑 🍆
macos
vuejs
privacy
domain-driven-design
macosx
cleanup
windows10
bloatware
security-hardening
tweaks-collection
security-tools
privacy-protection
debloat
privacy-tools
debotnet
spybot
debloater
bloatware-removal
-
Updated
Jul 20, 2022 - TypeScript
Simple Golang HTTPS/TLS Examples
go
golang
security
security-audit
awesome
tools
openssl
https
http2
secure
httpclient
libressl
security-hardening
https-server
security-scanner
security-tools
-
Updated
Nov 20, 2020
2
alichtman
commented
Oct 24, 2018
https://github.com/0xmachos/mOSL is a good replacement until this is updated.
Basically, we should remove all settings that are no longer relevant, and add ones that are newly added.
enhancement
New feature or request
help wanted
Extra attention is needed
good first issue
Good for newcomers
Hacktoberfest
Hardening Ubuntu. Systemd edition.
shell
security
ubuntu
systemd
hardening
ubuntu-server
security-hardening
information-security
security-automation
security-tools
security-compliance
-
Updated
Jul 19, 2022 - Shell
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
aws
security
devops
terraform
hardening
security-hardening
terraform-modules
security-tools
cis-benchmark
aws-auditing
terraform-module
-
Updated
Jul 12, 2022 - HCL
USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)
linux
security
c-plus-plus
whitelist
blacklist
usb
security-hardening
usb-devices
rule-language
hacktoberfest
-
Updated
May 26, 2022 - C++
Security Knowledge Framework (SKF) Python Flask / Angular project
security
security-audit
secure-by-default
security-hardening
security-training
secure-coding
security-framework
security-standards
owasp-skf
security-knowledge
security-requirements
-
Updated
Jul 8, 2022 - HTML
xXx-caillou-xXx
commented
Aug 11, 2019
Hi,
It seems like there is an error in the reporting of invalid configuration.
Using this configuration file:
# This
# is
# a
# comment
sp.does_not_exist.enable();I get:
PHP message: PHP Fatal error: [snuffleupagus][config] Invalid configuration file in Unknown on line 0
I'm using the latest version of master, with php7.3-fpm.
I can do a PR for this, but I
Continuously monitor your AWS attack surface and evaluate services for configurations that can lead to degradation of confidentiality, integrity or availability. All results can be exported to Security Hub, JSON, CSV, Databases, and more for further aggregation and analysis.
security-audit
compliance
security-hardening
aws-security
monitoring-tool
security-tools
devsecops
soar
security-engineering
cloud-security
aws-audit
cloud-auditing
security-monitoring
well-architected
cloud-compliance-reporting
security-hub
aws-compliance
continuous-compliance
attack-surface-management
-
Updated
Jun 14, 2022 - Python
Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
linux
iptables
centos7
ubuntu1604
hardening
ubuntu-server
security-hardening
modsecurity
linux-server
lamp-stack
system-hardening
cis-benchmark
ubuntu1804
hardening-steps
lamp-deployer
lemp-deployer
-
Updated
Sep 21, 2020 - PHP
2
empijei
commented
Nov 22, 2021
A nice feature of http.Mux is that it can be used as a handler, so users can set up separate parts of an application on separate muxes that share a common configuration (e.g. a set of interceptors) and then install them on the root mux.
This is currently not possible with GSW, and we should seriously consider doing it.
Open Source Security Guide
security
best-practices
owasp
cybersecurity
penetration-testing
compliance
vulnerabilities
security-hardening
vulnerability-detection
cve-scanning
vulnerability-scanners
security-automation
security-tools
privacy-protection
redteam
pentesting-tools
blueteaming
kubernetes-security
digital-forensic-readiness
awesome-security
-
Updated
Jul 19, 2022 - Go
Kubernetes RBAC static analysis & visualisation tool
kubernetes
security
analysis
static-analysis
visualisation
rbac
k8s
role-based-access-control
security-hardening
security-scanner
security-tools
rbac-management
rbac-configuration
redisgraph
rbac-roles
-
Updated
Jul 13, 2022 - Ruby
Ansible playbook roles for security
-
Updated
Sep 7, 2018
Scripts built from our Guide to User Data Security
-
Updated
Oct 21, 2018 - Shell
Ansible role for Red Hat 7 CIS Baseline
security
cis
ansible-role
rhel7
hardening
security-hardening
redhat7
compliance-as-code
compliance-automation
redhat-ansible
-
Updated
Jul 13, 2022 - YAML
-
Updated
Jun 28, 2022 - JavaScript
Quickly secure UNIX/Linux systems
-
Updated
Mar 9, 2020 - Shell
Improve this page
Add a description, image, and links to the security-hardening topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the security-hardening topic, visit your repo's landing page and select "manage topics."
Clap3 deprecated YAML support, so we need to rewrite command-line parsing to use the new APIs.