content
AMDH
Our great sponsors
content | AMDH | |
---|---|---|
7 | 1 | |
2,068 | 184 | |
2.4% | - | |
10.0 | 1.6 | |
7 days ago | about 1 year ago | |
Shell | Python | |
GNU General Public License v3.0 or later | GNU General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
content
- Oracle linux CIS benchmark
-
FIPS 140 and MacOS
For starters there's an entire NIST project for macOS Security Compliance - https://github.com/usnistgov/macos_security this will make your life a million times easier to meet a lot of the technical controls required for compliance. Nothing like this really exists for Windows or Linux(closest is Compliance As Code https://github.com/ComplianceAsCode/content)
- Ansible for automation/ hardening.
- I wrote a Script to bring firefox into dISA STIG compliance on RHEL 7 & 8 systems.
- hardening a RHEL8 VM using OpenSCAP and DISA STIG
-
CIS Benchmarking Git Community
I haven't used this in a while but take a look at ComplianceAsCode it is attempting to apply controls for each of the different benchmarks on different OSes. It might have what you are looking for, plus you can always contribute back any changes you make to help others.
- ComplianceAsCode/content: Security automation content in SCAP, OSCAL, Bash, Ansible, and other formats
AMDH
-
Open source app like Bouncer for temporary permissions?
If your device gets android 11 update it would have been easier . For now you can harden android and thus avoid any access to your data from 3rd party . Since you have old version its better to root and install stock ram that does that or install app like App ops and Storage isolation
What are some alternatives?
flake8-bandit - Automated security testing using bandit and flake8.
Android-PIN-Bruteforce - Unlock an Android phone (or device) by bruteforcing the lockscreen PIN. Turn your Kali Nethunter phone into a bruteforce PIN cracker for Android devices! (no root, no adb)
hardening - Hardening Ubuntu. Systemd edition.
mvt - MVT (Mobile Verification Toolkit) helps with conducting forensics of mobile devices in order to find signs of a potential compromise.
ansible-role-hardening - Ansible role to apply a security baseline. Systemd edition.
Mobile-Security-Framework-MobSF - Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.
ansible-role-rhel8-stig - DISA STIG for Red Hat Enterprise Linux 8 - Ansible role generated from ComplianceAsCode Project
BunkerWeb - 🛡️ Make your web services secure by default !
prowler - Prowler is an Open Source Security tool for AWS, Azure, GCP and Kubernetes to do security assessments, audits, incident response, compliance, continuous monitoring, hardening and forensics readiness. Includes CIS, NIST 800, NIST CSF, CISA, FedRAMP, PCI-DSS, GDPR, HIPAA, FFIEC, SOC2, GXP, Well-Architected Security, ENS and more
urlRecon - :pencil: urlRecon - Info Gathering or Recon tool for Urls -> Retrieves * Whois information of the domain * DNS Details of the domain * Server Fingerprint * IP geolocation of the server
lunasec - LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/
IPED - IPED Digital Forensic Tool. It is an open source software that can be used to process and analyze digital evidence, often seized at crime scenes by law enforcement or in a corporate investigation by private examiners.