hardening

An evolving how-to guide for securing a Linux server.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

🛡️ Make your web services secure by default !

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

Security automation content in SCAP, Bash, Ansible, and other formats

HardeningKitty and Windows Hardening settings and configurations

A curated list of awesome Security Hardening techniques for Windows.

🔥 A powerful MongoDB auditing and pentesting tool 🔥

Easily configure macOS security settings from the terminal.

Hardening Ubuntu. Systemd edition.

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.

Automated System Hardening Framework

This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.

AWS Auditing & Hardening Tool

DevSec Linux Baseline - InSpec Profile

Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark