Search Results for "hardening"
Sort By:
Showing 30 open source projects for "hardening"
View related business solutions-
Cut Data Warehouse Costs up to 54% with BigQueryBigQuery delivers up to 54% lower TCO than cloud alternatives. Migrate from legacy or competing warehouses using free BigQuery Migration Service with automated SQL translation. Get serverless scale with no infrastructure to manage, compressed storage, and flexible pricing—pay per query or commit for deeper discounts. New customers get $300 in free credit.
-
AI-powered service management for IT and enterprise teamsGive your IT, operations, and business teams the ability to deliver exceptional services—without the complexity. Maximize operational efficiency with refreshingly simple, AI-powered Freshservice.
-
1
lynis
Security auditing tool for Linux, macOS, and UNIX-based system
Lynis is a battle-tested security tool for systems running Linux, macOS, or Unix-based operating system. It performs an extensive health scan of your systems to support system hardening and compliance testing. The project is open source software with the GPL license and available since 2007. Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include security auditing, compliance testing (e.g. PCI, HIPAA, SOx), penetration testing, vulnerability detection, and system hardening. ... -
2
Self Hosting Guide
Learn all about locally hosting (on premises & private web servers)
...It covers conceptual guidance on why self-hosting can be advantageous (e.g., privacy, control, cost savings) as well as detailed, actionable instructions on setting up popular services such as web servers, media servers, home automation stacks, VPNs, backups, and monitoring tools. Throughout the guide, best practices for hardening, maintenance, and uptime are emphasized, helping users avoid common pitfalls and adopt resilient architectures. Rather than being a single tutorial, it aggregates a wide range of resources, project recommendations, deployment strategies, and platform comparisons to help people make informed decisions about what to self-host and how to do it responsibly. -
3
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others. +200 checks covering security best practices across all AWS regions and most AWS services. ... -
4
NGINX Admin’s Handbook
How to improve NGINX performance, security, and other important things
...It distills years of research, notes, and field experience into a single handbook that complements the official docs with concrete rules, explanations, and curated external references. The handbook spans fundamentals and advanced topics alike, from HTTP and SSL/TLS basics to reverse proxy patterns, performance tuning, debugging workflows, and hardening strategies. A centerpiece is its prioritized checklist of 79 rules, grouped by criticality, helping readers focus on what most impacts security, reliability, and speed. Instead of copy-paste snippets in isolation, it emphasizes understanding trade-offs, avoiding common pitfalls, and balancing security with usability. Designed for system administrators and web application engineers, it aims to be a living companion that encourages experimentation, measurement, and continuous improvement of NGINX configurations -
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
5
WordPress
Just a mirror of the WordPress subversion repository
...Its maturity means a vast ecosystem of third-party integrations—SEO tools, forms, e-commerce, analytics—are available and battle-tested. Internally, WordPress handles routing, query parsing, template resolution, caching, and security hardening so developers can focus on content and user experience rather than infrastructure plumbing. -
6
StackRox Kubernetes
Performs a risk analysis of the container environment
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox integrates with every stage of the container lifecycle: build, deploy and runtime. The StackRox Kubernetes Security platform is built on the foundation of the product formerly known as Prevent, which itself was called Mitigate and Apollo. You may find references to these previous names in code or documentation. -
7
Open Source API Firewall by Wallarm
Fast and light-weight API proxy firewall for request and response
API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. API Firewall provides API hardening with the use of a positive security model allowing calls that match a predefined API specification for requests and responses, while rejecting everything else. -
8
GitHub Actions for Firebase
GitHub Action for interacting with Firebase
This Action for firebase-tools enables arbitrary actions with the firebase command-line client. Starting with version v2.1.2 each version release will point to a versioned docker image allowing for hardening our pipeline (so things don't break when I do something dump). On top of this, you can also point to a master version if you would like to test out what might not be deployed into a release yet. If you want to add a message to a deployment (e.g. the Git commit message) you need to take extra care and escape the quotes or the YAML breaks. ... -
9
Personal Security Checklist
A compiled checklist of 300+ tips for protecting digital security
Personal Security Checklist is a comprehensive, plain-language checklist for improving personal digital security and privacy across devices, accounts, and everyday workflows. It’s organized so that complete beginners can make quick, high-impact changes, while advanced users can dig into deeper hardening steps. The guidance spans topics like passwords, 2FA, device encryption, browser hygiene, network safety, backups, and incident response planning. Each section breaks recommendations into actionable, bite-sized items with brief explanations, helping you understand the “why” as well as the “how.” The repository is continuously refined by a large community, which keeps the content practical, vendor-neutral, and up to date with evolving threats and best practices. ... -
Run Any Workload on Compute Engine VMsCompute Engine delivers high-performance virtual machines for web apps, databases, containers, and AI workloads. Choose from general-purpose, compute-optimized, or GPU/TPU-accelerated machine types—or build custom VMs to match your exact specs. With live migration and automatic failover, your workloads stay online. New customers get $300 in free credits.
-
10
verl
Volcano Engine Reinforcement Learning for LLMs
...Data pipelines treat human feedback, simulated environments, and synthetic preferences as interchangeable sources, which helps with rapid experimentation. VERL is meant for both research and production hardening: logging, checkpointing, and evaluation suites are built in so you can track learning dynamics and regressions over time. -
11
Rebuff
LLM Prompt Injection Detector
A self-hardening prompt injection detector. Rebuff is designed to protect AI applications from prompt injection (PI) attacks through a multi-layered defense. Rebuff is still a prototype and cannot provide 100% protection against prompt injection attacks. Add canary tokens to prompts to detect leakages, allowing the framework to store embeddings about the incoming prompt in the vector database and prevent future attacks. -
12
Hardened Slarpx
Experimental hardened Linux based on Xennytsu and Poison engine
...Xennytsu activates if an attacker gains a shell or attempts memory manipulation, detecting such activity within approximately 250 milliseconds and immediately terminating the offending process. Beyond passive hardening, Slarpx focuses on active intervention, sabotage, and destruction of attack paths when necessary. -
13
pic-standard
Local protocol for safe agentic AI. Intent + impact + verifiable
PIC (Provenance & Intent Contracts) serves as an action firewall for agentic AI. Lightweight, it adds machine-verifiable contracts to agent calls and actions and it is particularly efective at shielding the agent from propmpt-injection. Before any high-impact tool call, the agent must submit an Action Proposal (schema + verifier): - explicit intent - impact classification (read / write / money / irreversible / privacy / etc.) - provenance sources with trust levels (untrusted →... -
14
PQS
Petoron Quantum Standard (PQS)
...PQS v1.2 is a minimalistic, self-contained encryption engine for secure file protection, with zero reliance on external cryptographic libraries. PBKDF2-HMAC-SHA256 (200k iterations, adjustable) for password hardening. Key separation via BLAKE2s - independent keys for encryption and MAC. BLAKE2s-MAC authentication - 16-byte tag, any modification = instant rejection. Streaming keystream generator - secure, large-scale XOR without key reuse. Fake padding (HEAD/TAIL) - obfuscates binary boundaries and payload structure. Precise size encoding - restores original payload exactly. ... -
15
Pus
Computer speedup and hardening and debloating script
⭐ About Pus Pus is a tool developed by me. (PusPC) I also created some more tools. Pus is a computer speedup and hardening and debloating script. ⭐ Give it a review Give it a try if you care about your privacy and computer speed. Please give it a review so i can know what to add/fix. ⭐ Github Github link: https://github.com/PusPC/Pus -
16
Windows-Optimize-Harden-Debloat-GUI
C# Based GUI for Windows-Optimize-Harden-Debloat
-
17
𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝘃𝗲 𝘀𝗶𝘀𝘁𝗲𝗺 / 𝘇𝗲𝗿𝗼𝗱𝗮𝘆 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 _ Contains advanced security within the kernel, denying use of user memory not allowing user identification / This security allows to stop ransomware attacks _ ! Remove memory / wipe user-space and kernel after system shutdown * Browse anonymously without leaving a trace / tor / privoxy > Sign all operating system and boot verification . Integrity Measurement Architecture _ Subsystem is responsible for calculating the hashes of files...
-
18
RADPhE
Rapid Application Development PHP Hosting Environment
A Rapid PHP Application Development Environment designed for webmasters, developers, and hosts to enforce website uniformity, hardening, and light weight enough to function within shared hosting, in the presence of other scripts, and nested within itself. -
19
Miaosha
Design and implementation of flash sale system
...The project demonstrates stock deduction strategies designed to avoid overselling, combining pre-decrement in cache with reliable persistence and message-driven confirmation. Security hardening is addressed with ideas such as dynamic request paths, anti-bot measures, and one-time tokens to reduce automated abuse. The code showcases a typical Spring Boot stack that cleanly separates controllers, services, and persistence, making bottlenecks and optimization points easy to identify. As a study case, it provides a practical blueprint for building resilient sale/booking endpoints where fairness and correctness matter as much as raw throughput. -
20
Node.js chaos monkey
Extremly naughty chaos monkey for Node.js
...It integrates naturally with staging or even carefully guarded production environments where you want confidence instead of assumptions. Findings feed back into reliability work: hardening timeouts, rethinking concurrency limits, and improving fallbacks at code and infrastructure levels. By turning failure into a planned exercise, teams can surface weak spots before customers do. -
21
abumpack
Fortran library with the Abaqus user material subroutines UMAT/VUMAT
...The Abaqus is a proprietary finite element (FE) code ( http://www.3ds.com/products-services/simulia/products/abaqus/). Users can write subroutines for use with the Abaqus. Linear elastic, isotropic hardening plasticity, Gurson-Tvergaard-Needleman (GTN), Rousselier constitutive models are provided. Quote this code as: A. Shterenlikht, N. A. Alexander, Levenberg-Marquardt vs Powell's dogleg method for Gurson-Tvergaard-Needleman plasticity model, Computer Methods in Applied Mechanics and Engineering 237-240:1-9 (2012). DOI: http://dx.doi.org/10.1016/j.cma.2012.04.018 -
22
Advanced Persistent Security
Advanced Persistent Threat Security
The architecture of the system is integrated by different Fingerprinting mechanisms. The system is designed from a core that avoids the detection of sdhash and Memory analysis Built-in security, allows anonymous browsing by filtering requests external identification, Exit Tor Nodes and using the TOR Fingerprinting structure The system is designed to navigate without being detected or registered by any search engine or online platform denying all types of response to servers, The... -
23
Heads
A minimal Linux that runs as a coreboot or LinuxBoot ROM payload
...Unlike Tails, which aims to be a stateless OS that leaves no trace on the computer of its presence, Heads is intended for the case where you need to store data and state on the computer. Heads is not just another Linux distribution – it combines the physical hardening of specific hardware platforms and flash security features with custom coreboot firmware and a Linux boot loader in ROM. This moves the root of trust into the write-protected region of the SPI flash and prevents further software modifications to the bootup code (and on platforms that support it, Bootguard can protect against many hardware attacks as well). -
24
Lynis
System/security auditing tool for hardening and securing Linux/Unix
...Beside security related information it will also scan for general system information, installed packages and possible configuration errors. This software aims in assisting automated auditing, hardening, software patch management, vulnerability and malware scanning of Unix/Linux based systems. It can be run without prior installation, so inclusion on read only storage is possible (USB stick, cd/dvd). Lynis assists auditors in performing Basel II, GLBA, HIPAA, PCI DSS and SOx (Sarbanes-Oxley) compliance audits, by automation of control testing. ... -
25
TASC NASA
Tool for Analysis of Surface Cracks (TASC)
...The only required inputs are the surface crack dimensions (2c and a), plate cross-section dimensions (W and B), and linear plus power law material properties of elastic modulus, yield strength, and strain hardening coefficient. With the geometry and material parameters entered, TASC interpolates to the appropriate J(φ) vs. crack mouth opening displacement (CMOD) and far-field tension stress, σ, vs. CMOD solution, providing the full solution as CMOD ranges from zero out to the CMOD limit of the solution space for the given input parameters.
