An evolving how-to guide for securing a Linux server.
-
Updated
Mar 20, 2022
#
hardening
Here are 311 public repositories matching this topic...
Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.
linux
shell
auditing
devops
unix
security-audit
pci-dss
compliance
hardening
security-vulnerability
security-hardening
devops-tools
hipaa
vulnerability-detection
vulnerability-scanners
security-scanner
vulnerability-assessment
gdpr
security-tools
system-hardening
-
Updated
Mar 17, 2022 - Shell
This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
linux
checklist
security
cis
guide
centos
audit
manual
pci-dss
hardening
openscap
linux-security
linux-hardening
redhat-enterprise-linux
-
Updated
Apr 5, 2020
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.
aws
security
cis
security-audit
cloud
aws-cli
assessment
forensics
compliance
hardening
security-hardening
hipaa
cloudtrail
hacktoberfest
gdpr
security-tools
devsecops
cis-benchmark
aws-auditing
well-architected
-
Updated
Apr 7, 2022 - Shell
This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
linux
nginx
ansible
protection
collection
playbook
role
devsec
hardening
hacktoberfest
sysctl
ansible-collection
os-hardening
mysql-hardening
ssh-hardening
nginx-hardening
-
Updated
Mar 25, 2022 - Jinja
letsencrypt
docker
nginx
kubernetes
security
devops
hosting
reverse-proxy
clamav
cybersecurity
swarm
web-security
hardening
modsecurity
dnsbl
devsecops
antibot
crowdsec
bunkerized-nginx
security-tuning
-
Updated
Mar 20, 2022 - Python
Security automation content in SCAP, Bash, Ansible, and other formats
security
ansible
cybersecurity
pci-dss
application-security
compliance
scap
hardening
security-hardening
xccdf
oval
cpe
information-security
cce
usgcb
ospp
stig
security-automation
security-tools
security-profile
-
Updated
Apr 8, 2022 - Shell
-
Updated
Dec 2, 2020 - Python
Windows Hardening settings and configurations
windows
checklist
security
registry
powershell
audit
windows-10
hardening
defense
blueteam
windows-hardening
policy-analyzer
-
Updated
Mar 27, 2022 - PowerShell
LunaSec - Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service. Get started in one-click via our GitHub App or host it yourself. https://github.com/apps/lunatrace-by-lunasec/
security
dependency-analysis
cybersecurity
pci-dss
web-security
compliance
hardening
scanning
cve-scanning
tokenization
gdpr
security-tools
devsecops
zero-trust
soc2
privacy-by-design
sbom
scanning-tool
sbom-generator
log4shell
-
Updated
Apr 7, 2022 - TypeScript
2
enhancement
New feature or request
help wanted
Extra attention is needed
good first issue
Good for newcomers
Hacktoberfest
Hardening Ubuntu. Systemd edition.
shell
security
ubuntu
systemd
hardening
ubuntu-server
security-hardening
information-security
security-automation
security-tools
security-compliance
-
Updated
Apr 7, 2022 - Shell
Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.
aws
security
devops
terraform
hardening
security-hardening
terraform-modules
security-tools
cis-benchmark
aws-auditing
terraform-module
-
Updated
Mar 31, 2022 - HCL
This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.
-
Updated
Nov 16, 2020 - HTML
Automated System Hardening Framework
-
Updated
Oct 24, 2020 - Python
Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.
security
memory
memory-allocator
malloc
hardening
memory-allocation
quarantine
malloc-library
slab-allocator
grapheneos
-
Updated
Apr 5, 2022 - C
AWS Auditing & Hardening Tool
-
Updated
Feb 4, 2020 - Shell
WhiteWinterWolf
commented
May 1, 2021
I'm not confident in the security brought by the readonly_exec statement.
In the classical *nix DAC model, it is expected for unprivileged users to be able to change the write permission flag on files they own. Therefore, Snuffleupagus readonly_exec statement only relies on the hope that an attacker won't find a way to rely on this standard mechanism to prevent the execution of arbitrary
Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
linux
iptables
centos7
ubuntu1604
hardening
ubuntu-server
security-hardening
modsecurity
linux-server
lamp-stack
system-hardening
cis-benchmark
ubuntu1804
hardening-steps
lamp-deployer
lemp-deployer
-
Updated
Sep 21, 2020 - PHP
Ansible role for Red Hat 7 CIS Baseline
security
cis
ansible-role
rhel7
hardening
security-hardening
redhat7
compliance-as-code
compliance-automation
redhat-ansible
-
Updated
Mar 1, 2022 - YAML
This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.
kubernetes
golang
security
monitoring
cluster
logging
cncf
cloud-native
hardening
vulnerabilities
certification
cks
ckss
cks-exam
cluster-hardening
kubernetes-platforms
securing-kubernetes
-
Updated
Aug 31, 2021 - HTML
CIS Docker Benchmark - InSpec Profile
-
Updated
Mar 18, 2022 - Ruby
xen0l
commented
Apr 6, 2021
Every now and then happens that the instance fails to boot up and it would be good to have a way how to debug it, AWS just provided it. aws-gate should have support for this.
More https://aws.amazon.com/about-aws/whats-new/2021/03/introducing-ec2-serial-console/
Open
Type annotations
1
Improve this page
Add a description, image, and links to the hardening topic page so that developers can more easily learn about it.
Add this topic to your repo
To associate your repository with the hardening topic, visit your repo's landing page and select "manage topics."
https://github.com/0xmachos/mOSL is a good replacement until this is updated.
Basically, we should remove all settings that are no longer relevant, and add ones that are newly added.