Open-source projects categorized as Hardening

Top 23 Hardening Open-Source Projects

  • How-To-Secure-A-Linux-Server

    An evolving how-to guide for securing a Linux server.

    Project mention: Online game network security | reddit.com/r/gamedev | 2022-08-08

  • lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Project mention: RHEL hardening | reddit.com/r/linuxquestions | 2022-07-28

  • prowler

    Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

    Project mention: Pentesting | reddit.com/r/AskNetsec | 2022-07-28

    To add onto what /u/mekkr_ has said; you can also use tools like Prowler to ensure your environment is compliant. Prowler also has conmon and forensic capabilities.

  • ansible-collection-hardening

    This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

    Project mention: Ansible for automation/ hardening. | reddit.com/r/ansible | 2022-08-10

  • bunkerweb

    🛡️ Make your web services secure by default !

    Project mention: Structure of my rebuilt HomeServer with Podman | reddit.com/r/selfhosted | 2022-08-10

    Right now I'm doing a similar setup but I want to use NGINX with integrated WAF.

  • hardentools

    Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

    Project mention: What should I do when Windows can't remove the virus? | reddit.com/r/antivirus | 2022-07-12

    Link: https://github.com/securitywithoutborders/hardentools

  • content

    Security automation content in SCAP, Bash, Ansible, and other formats (by ComplianceAsCode)

    Project mention: Ansible for automation/ hardening. | reddit.com/r/ansible | 2022-08-10

  • windows_hardening

    Windows Hardening settings and configurations

    Project mention: How can I batch convert H264 to H265 this command on Window? | reddit.com/r/ffmpeg | 2022-07-04

    #1: "HardeningKitty was created to simplify the hardening of Windows. Now, HardeningKitty supports guidelines from Microsoft, CIS Benchmarks, DoD STIG and BSI SiSyPHuS Win10. And of course [their] own hardening list." | 20 comments #2: For those that work in IT Admin, what are the key Powershell Commands that every admin should know? #3: I wrote the mother-of-all onboarding scripts and now everyone blames me for everything...

  • mongoaudit

    🔥 A powerful MongoDB auditing and pentesting tool 🔥

  • lunasec

    LunaSec - Open Source AppSec platform that automatically notifies you the next time vulnerabilities like Log4Shell or node-ipc happen. Track your dependencies and builds in a centralized service. Get started in one-click via our GitHub App or host it yourself. https://github.com/apps/lunatrace-by-lunasec/

    Project mention: How to support open-source software and stay sane | news.ycombinator.com | 2022-08-03

    - Put the project into Awesome Lists so that people will actually find it (also helps with SEO)

    - Add a license to the repo and, if you really want people to trust it, add license headers to every file (I see _so many_ projects without even a LICENSE file. Without this, it's illegal to use the code at all!)

    Beyond all of that, Docs help a lot too, as does a "legit" looking website, but you can get away with pretty crappy docs if you do all of the above.

    0: https://github.com/lunasec-io/lunasec/

  • hardening

    Hardening Ubuntu. Systemd edition.

  • terraform-aws-secure-baseline

    Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

  • grapheneX

    Automated System Hardening Framework

  • hardened_malloc

    Hardened allocator designed for modern systems. It has integration into Android's Bionic libc and can be used externally with musl and glibc as a dynamic library for use on other Linux-based platforms. It will gain more portability / integration over time.

    Project mention: Few questions about GrapheneOS usability. | reddit.com/r/PrivacyGuides | 2022-08-07

    You should read the usage guide on the website https://grapheneos.org/. It will answer your questions.

  • snuffleupagus

    Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

    Project mention: Any reviews of Snuffleupagus based on actual experience? | reddit.com/r/PHP | 2022-05-08

    Having had to deal with a PHP exploit, and still dealing with it, I was looking around and came across jvoisin/snuffleupagus: Security module for php7 and php8, which is a successor to suhosin.

  • JShielder

    Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

    Project mention: JShielder: Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark | reddit.com/r/CKsTechNews | 2022-03-28

  • RHEL7-CIS

    Ansible role for Red Hat 7 CIS Baseline

    Project mention: How do you organize your folders when you have many projects and playbooks? | reddit.com/r/ansible | 2022-04-26

  • cis-docker-benchmark

    CIS Docker Benchmark - InSpec Profile

  • aws-gate

    Better AWS SSM Session manager CLI client

  • HardeningKitty

    Invoke-HardeningKitty - Checks and hardens your Windows configuration

  • ansible-role-hardening

    Ansible role to apply a security baseline. Systemd edition.

    Project mention: AKS worker-node host operating systems | reddit.com/r/AZURE | 2021-08-21

    Many thanks u/pixelavenger. While I did not (yet) find the specific CIS recommendation, I did find this, which indicates that disabling the SCTP module is perhaps too strong a reaction if the only justification is disabling those networking features that are usually not used frequently (to reduce attack surface). Apparently there was a vulnerability in WebRTC's user-space SCTP implementation, which has since been fixed. There seem to be no known vulnerabilities in the Linux kernel SCTP implementation. Do you think Azure Support might be requested to optionally enable the SCTP kernel module in the images? Thanks also for the idea about using the Daemon-set approach, perhaps a bit kludgy for the needs, as one'd need to invent a way to synchronize the completion of the Daemon-set's task of enabling SCTP and the startup of the application that needs SCTP. Still better than nothing at all.

  • Windows11_Hardening

    My Windows 11 x64 security hardening guide

    Project mention: Windows 10 / Mobile Security Hardening | reddit.com/r/PrivacyGuides | 2022-08-08

    Works also for Windows 10, although upgrading to Windows 11 would be recommended from a security standpoint: https://github.com/beerisgood/Windows11_Hardening


  • RHEL7-STIG

    Ansible role for Red Hat 7 STIG Baseline

    Project mention: My org will soon be using Ansible, because of me | reddit.com/r/sysadmin | 2022-07-18

    I have been using this to start the AMI baseline https://github.com/ansible-lockdown/RHEL7-STIG

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2022-08-10.

What are some of the best open-source Hardening projects? This list will help you:

| # | Project | Stars |
|---|---------|-------|
| 1 | How-To-Secure-A-Linux-Server | 12,534 |
| 2 | lynis | 9,910 |
| 3 | prowler | 6,397 |
| 4 | ansible-collection-hardening | 2,837 |
| 5 | bunkerweb | 2,597 |
| 6 | hardentools | 2,289 |
| 7 | content | 1,630 |
| 8 | windows_hardening | 1,315 |
| 9 | mongoaudit | 1,252 |
| 10 | lunasec | 1,132 |
| 11 | hardening | 936 |
| 12 | terraform-aws-secure-baseline | 910 |
| 13 | grapheneX | 763 |
| 14 | hardened_malloc | 751 |
| 15 | snuffleupagus | 601 |
| 16 | JShielder | 590 |
| 17 | RHEL7-CIS | 429 |
| 18 | cis-docker-benchmark | 402 |
| 19 | aws-gate | 383 |
| 20 | HardeningKitty | 293 |
| 21 | ansible-role-hardening | 291 |
| 22 | Windows11_Hardening | 280 |
| 23 | RHEL7-STIG | 270 |