security-hardening

Open-source projects categorized as security-hardening

Top 23 security-hardening Open-Source Projects

  • How-To-Secure-A-Linux-Server

    An evolving how-to guide for securing a Linux server.

    Project mention: Selfhosting Security for Cloud Providers like Hetzner | reddit.com/r/selfhosted | 2022-09-25

    I suggest these resources:
    - Some fundamentals: https://www.cyberciti.biz/tips/linux-security.html
    - One of the best imho (exhaustive list): https://github.com/imthenachoman/How-To-Secure-A-Linux-Server
    - Ansible playbook to harden security by Jeff Geerling: https://github.com/geerlingguy/ansible-role-security
    - OWASP checklist (targeted for web apps... and honestly a bit overkill): https://github.com/0xRadi/OWASP-Web-Checklist

  • lynis

    Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

    Project mention: Linux security | reddit.com/r/sysadmin | 2022-09-16
  • vuls

    Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices

    Project mention: Scan for vulnerabilities? | reddit.com/r/debian | 2022-08-23
  • prowler

    Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 240 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks.

    Project mention: Opensource equivalent of Sailpoint | reddit.com/r/sysadmin | 2022-09-25

    You’re not going to find a shiny enterprise web ui for free but there are tools out there. If you just want to review AWS accounts, you can use prowler https://github.com/prowler-cloud/prowler

  • Wazuh

    Wazuh - The Open Source Security Platform

    Project mention: Wazuh · The Open Source Security Platform https://wazuh.com/ | reddit.com/r/Podnutz | 2022-10-03
  • awesome-security-hardening

    A collection of awesome security hardening guides, tools and other resources

    Project mention: Android fans, what are the primary reasons why you will never ever switch to an Iphone? | reddit.com/r/AskReddit | 2022-09-25
  • c2rust

    Migrate C code to Rust

    Project mention: “Rust is safe” is not some kind of absolute guarantee of code safety | reddit.com/r/programming | 2022-10-02

    I expect that is because you're not particularly familiar with either LLVM or Rust, considering C can literally be transpiled to Rust.

  • user.js

    user.js -- Firefox configuration hardening (by pyllyukko)

    Project mention: Is there any recent user.js you'd recommend for Firefox? | reddit.com/r/privacy | 2022-09-09

    I've been using the user.js script based on https://github.com/pyllyukko/user.js/tree/relaxed for a few years now, but today I noticed that it hasn't been updated for quite a while.

  • privacy.sexy

    Open-source tool to enforce privacy & security best-practices on Windows and macOS, because privacy is sexy 🍑🍆

    Project mention: When you are working for a Startup that cannot afford IDE licenses | reddit.com/r/ProgrammerHumor | 2022-10-02
  • content

    Security automation content in SCAP, Bash, Ansible, and other formats (by ComplianceAsCode)

    Project mention: Ansible for automation/ hardening. | reddit.com/r/ansible | 2022-08-10
  • Librefox

    Librefox: Firefox with privacy enhancements

    Project mention: Each Firefox download has a unique identifier | news.ycombinator.com | 2022-03-17
  • sandboxed-api

    Generates sandboxes for C/C++ libraries automatically

    Project mention: Google SAPI: Generate sandboxes for C/C++ libraries automatically | news.ycombinator.com | 2021-11-18

    In case you're using CMake instead, you may want to take a look at the `hello_sapi` example (https://github.com/google/sandboxed-api/blob/main/sandboxed_...).

  • rails-security-checklist

    :key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)

  • golang-tls

    Simple Golang HTTPS/TLS Examples

    Project mention: Error when trying to use TLS in net/ip | reddit.com/r/golang | 2021-12-04

    Using this guide, I generated the SSL files and attempted to create a TLS (transport layer security) — Server example. When testing with an application as a client, it returns `certificate verify failed`. I tried Cloudflare cert ECDSA SHA256 and all got the same error. What is the correct way to get this to work?

  • hardening

    Hardening Ubuntu. Systemd edition.

  • terraform-aws-secure-baseline

    Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

  • usbguard

    USBGuard is a software framework for implementing USB device authorization policies (what kind of USB devices are authorized) as well as method of use policies (how a USB device may interact with the system)

    Project mention: Prevent badusb attack? | reddit.com/r/linuxmasterrace | 2022-09-22

    Isn't UsbGuard designed to prevent exactly just that?

  • ElectricEye

    Continuously monitor your AWS attack surface and evaluate services for configurations that can lead to degradation of confidentiality, integrity or availability. All results can be exported to Security Hub, JSON, CSV, Databases, and more for further aggregation and analysis.

    Project mention: Continuously monitor your AWS services for (bad) configurations | news.ycombinator.com | 2022-03-24
  • snuffleupagus

    Security module for php7 and php8 - Killing bugclasses and virtual-patching the rest!

    Project mention: Snuffleupagus – security module for PHP – killing bug classes and patching bugs | news.ycombinator.com | 2022-08-27
  • JShielder

    Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

    Project mention: JShielder: Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark | reddit.com/r/CKsTechNews | 2022-03-28
  • Open-Source-Security-Guide

    Open Source Security Guide

    Project mention: New to Forensics, Drop some Forensics tools/training content | reddit.com/r/computerforensics | 2022-07-16

    Open source OS that comes preinstalled with lots of tools we use including a software write blocker. Best for investigating an image of an infected device. https://tsurugi-linux.org/
    IR plan https://github.com/guardsight/gsvsoc_cybersecurity-incident-response-plan
    Very detailed IR battle cards https://github.com/guardsight/gsvsoc_cirt-playbook-battle-cards
    IR focused guide that lists lots of helpful tools and resources, like things to use for reverse engineering. https://github.com/mikeroyal/Open-Source-Security-Guide

  • krane

    Kubernetes RBAC static analysis & visualisation tool

    Project mention: Data and System Visualization Tools That Will Boost Your Productivity | dev.to | 2022-06-13

    Krane is a tool that can generate a graph showing relationships between all roles and subjects. Krane also has many more features, including RBAC risk assessment, reporting and alerting, as well as querying/interrogating RBAC rules with CypherQL.

  • Windows11_Hardening

    A collection about Windows 11 security

    Project mention: How to prepare W11 from denied to collect any data from Microsoft? | reddit.com/r/PrivacyGuides | 2022-09-30

    Check out these two pages. There’s some other alternatives like SophiApp and Windows10Debloater, but I find following the Microsoft documentation linked in the first two pages to be a lot more effective. Since you’re doing everything yourself, you know exactly what is being changed and you won’t get any surprises if a feature you do like no longer works or works differently than expected. It isn’t too hard to do either, all of it is just registry keys you can copy and paste or group policy options.

NOTE: The open source projects on this list are ordered by number of GitHub stars. The number of mentions indicates repo mentions in the last 12 months or since we started tracking (Dec 2020). The latest post mention was on 2022-10-03.

Index

What are some of the best open-source security-hardening projects? This list will help you:

| # | Project | Stars |
|---|---------|-------|
| 1 | How-To-Secure-A-Linux-Server | 13,107 |
| 2 | lynis | 10,082 |
| 3 | vuls | 9,517 |
| 4 | prowler | 6,605 |
| 5 | Wazuh | 4,769 |
| 6 | awesome-security-hardening | 3,394 |
| 7 | c2rust | 2,739 |
| 8 | user.js | 2,464 |
| 9 | privacy.sexy | 1,791 |
| 10 | content | 1,666 |
| 11 | Librefox | 1,639 |
| 12 | sandboxed-api | 1,537 |
| 13 | rails-security-checklist | 1,316 |
| 14 | golang-tls | 1,040 |
| 15 | hardening | 955 |
| 16 | terraform-aws-secure-baseline | 924 |
| 17 | usbguard | 858 |
| 18 | ElectricEye | 644 |
| 19 | snuffleupagus | 612 |
| 20 | JShielder | 612 |
| 21 | Open-Source-Security-Guide | 519 |
| 22 | krane | 511 |
| 23 | Windows11_Hardening | 479 |