Search Results for "hardening"
Sort By:
Showing 37 open source projects for "hardening"
View related business solutions-
$300 in Free Credit for Your Google Cloud ProjectsLaunch your next project with $300 in free Google Cloud credit—no hidden charges. Test, build, and deploy without risk. Use your credit across the Google Cloud platform to find what works best for your needs. After your credits are used, continue building with free monthly usage products. Only pay when you're ready to scale. Sign up in minutes and start exploring.
-
Go from Data Warehouse to Data and AI platform with BigQueryBigQuery is more than a data warehouse—it's an autonomous data-to-AI platform. Use familiar SQL to train ML models, run time-series forecasts, and generate AI-powered insights with native Gemini integration. Built-in agents handle data engineering and data science workflows automatically. Get $300 in free credit, query 1 TB, and store 10 GB free monthly.
-
1
windows_hardening
HardeningKitty and Windows Hardening Settings
This repository, also known as HardeningKitty, is a comprehensive Windows hardening checklist for personal and enterprise environments. It translates security benchmarks (e.g., CIS, Microsoft Security Baselines) into actionable Group Policy and registry recommendations. Though designed primarily for Windows 10, it includes workaround modes such as “HailMary” for Windows Home users lacking the Group Policy Editor. -
2
Self Hosting Guide
Learn all about locally hosting (on premises & private web servers)
...It covers conceptual guidance on why self-hosting can be advantageous (e.g., privacy, control, cost savings) as well as detailed, actionable instructions on setting up popular services such as web servers, media servers, home automation stacks, VPNs, backups, and monitoring tools. Throughout the guide, best practices for hardening, maintenance, and uptime are emphasized, helping users avoid common pitfalls and adopt resilient architectures. Rather than being a single tutorial, it aggregates a wide range of resources, project recommendations, deployment strategies, and platform comparisons to help people make informed decisions about what to self-host and how to do it responsibly. -
3
Prowler
An open source security tool to perform AWS security assessment
Prowler is an Open Source security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening, and forensics readiness. It contains more than 200 controls covering CIS, PCI-DSS, ISO27001, GDPR, HIPAA, FFIEC, SOC2, AWS FTR, ENS and custom security frameworks. Prowler is a command-line tool that helps you with AWS security assessment, auditing, hardening, and incident response. It follows guidelines of the CIS Amazon Web Services Foundations Benchmark (49 checks) and has more than 100 additional checks related to GDPR, HIPAA, PCI-DSS, ISO-27001, FFIEC, SOC2, and others. +200 checks covering security best practices across all AWS regions and most AWS services. ... -
4
System Hardening Benchmark
System Hardening Compliance Auditor
This tool simulates a security compliance audit, checking system configurations against a defined benchmark (e.g., DISA STIG or CIS). -
Easily Host LLMs and Web Apps on Cloud RunRun frontend and backend services, batch jobs, host LLMs, and queue processing workloads without the need to manage infrastructure. Cloud Run gives you on-demand GPU access for hosting LLMs and running real-time AI—with 5-second cold starts and automatic scale-to-zero so you only pay for actual usage. New customers get $300 in free credit to start.
-
5
NGINX Admin’s Handbook
How to improve NGINX performance, security, and other important things
...It distills years of research, notes, and field experience into a single handbook that complements the official docs with concrete rules, explanations, and curated external references. The handbook spans fundamentals and advanced topics alike, from HTTP and SSL/TLS basics to reverse proxy patterns, performance tuning, debugging workflows, and hardening strategies. A centerpiece is its prioritized checklist of 79 rules, grouped by criticality, helping readers focus on what most impacts security, reliability, and speed. Instead of copy-paste snippets in isolation, it emphasizes understanding trade-offs, avoiding common pitfalls, and balancing security with usability. Designed for system administrators and web application engineers, it aims to be a living companion that encourages experimentation, measurement, and continuous improvement of NGINX configurations -
6
WordPress
Just a mirror of the WordPress subversion repository
...Its maturity means a vast ecosystem of third-party integrations—SEO tools, forms, e-commerce, analytics—are available and battle-tested. Internally, WordPress handles routing, query parsing, template resolution, caching, and security hardening so developers can focus on content and user experience rather than infrastructure plumbing. -
7
react2shell-scanner
High Fidelity Detection Mechanism for RSC/Next.js RCE
react2shell-scanner is a security-oriented tool that bridges modern JavaScript (React) applications and shell scripting by auditing web front-ends for exposed interfaces that could be manipulated or controlled through command execution. It scans React codebases, identifies places where user input interacts with shell-executable contexts, and flags risky patterns that might lead to command injection, unvalidated arguments, or unsafe bindings between UI controls and underlying system actions.... -
8
StackRox Kubernetes
Performs a risk analysis of the container environment
The StackRox Kubernetes Security Platform performs a risk analysis of the container environment, delivers visibility and runtime alerts, and provides recommendations to proactively improve security by hardening the environment. StackRox integrates with every stage of the container lifecycle: build, deploy and runtime. The StackRox Kubernetes Security platform is built on the foundation of the product formerly known as Prevent, which itself was called Mitigate and Apollo. You may find references to these previous names in code or documentation. -
9
Open Source API Firewall by Wallarm
Fast and light-weight API proxy firewall for request and response
API Firewall is a high-performance proxy with API request and response validation based on OpenAPI/Swagger schema. It is designed to protect REST API endpoints in cloud-native environments. API Firewall provides API hardening with the use of a positive security model allowing calls that match a predefined API specification for requests and responses, while rejecting everything else. -
Enterprise-grade ITSM, for every businessFreshservice is an intuitive, AI-powered platform that helps IT, operations, and business teams deliver exceptional service without the usual complexity. Automate repetitive tasks, resolve issues faster, and provide seamless support across the organization. From managing incidents and assets to driving smarter decisions, Freshservice makes it easy to stay efficient and scale with confidence.
-
10
GitHub Actions for Firebase
GitHub Action for interacting with Firebase
This Action for firebase-tools enables arbitrary actions with the firebase command-line client. Starting with version v2.1.2 each version release will point to a versioned docker image allowing for hardening our pipeline (so things don't break when I do something dump). On top of this, you can also point to a master version if you would like to test out what might not be deployed into a release yet. If you want to add a message to a deployment (e.g. the Git commit message) you need to take extra care and escape the quotes or the YAML breaks. ... -
11
PrivescCheck
Privilege Escalation Enumeration Script for Windows
...Designed for defenders as much as red-teamers, it helps turn ad-hoc manual checks into repeatable scans that surface systemic mistakes (for example, left-over build scripts or insecure service configs). Because it focuses on discovery rather than exploitation, it’s useful in hardening exercises, audits, and incident response to identify what an intruder might leverage. -
12
Personal Security Checklist
A compiled checklist of 300+ tips for protecting digital security
Personal Security Checklist is a comprehensive, plain-language checklist for improving personal digital security and privacy across devices, accounts, and everyday workflows. It’s organized so that complete beginners can make quick, high-impact changes, while advanced users can dig into deeper hardening steps. The guidance spans topics like passwords, 2FA, device encryption, browser hygiene, network safety, backups, and incident response planning. Each section breaks recommendations into actionable, bite-sized items with brief explanations, helping you understand the “why” as well as the “how.” The repository is continuously refined by a large community, which keeps the content practical, vendor-neutral, and up to date with evolving threats and best practices. ... -
13
verl
Volcano Engine Reinforcement Learning for LLMs
...Data pipelines treat human feedback, simulated environments, and synthetic preferences as interchangeable sources, which helps with rapid experimentation. VERL is meant for both research and production hardening: logging, checkpointing, and evaluation suites are built in so you can track learning dynamics and regressions over time. -
14
Rebuff
LLM Prompt Injection Detector
A self-hardening prompt injection detector. Rebuff is designed to protect AI applications from prompt injection (PI) attacks through a multi-layered defense. Rebuff is still a prototype and cannot provide 100% protection against prompt injection attacks. Add canary tokens to prompts to detect leakages, allowing the framework to store embeddings about the incoming prompt in the vector database and prevent future attacks. -
15
Hardened Slarpx
Experimental hardened Linux based on Xennytsu and Poison engine
...Xennytsu activates if an attacker gains a shell or attempts memory manipulation, detecting such activity within approximately 250 milliseconds and immediately terminating the offending process. Beyond passive hardening, Slarpx focuses on active intervention, sabotage, and destruction of attack paths when necessary. -
16
pic-standard
Local protocol for safe agentic AI. Intent + impact + verifiable
PIC (Provenance & Intent Contracts) serves as an action firewall for agentic AI. Lightweight, it adds machine-verifiable contracts to agent calls and actions and it is particularly efective at shielding the agent from propmpt-injection. Before any high-impact tool call, the agent must submit an Action Proposal (schema + verifier): - explicit intent - impact classification (read / write / money / irreversible / privacy / etc.) - provenance sources with trust levels (untrusted →... -
17
PQS
Petoron Quantum Standard (PQS)
...PQS v1.2 is a minimalistic, self-contained encryption engine for secure file protection, with zero reliance on external cryptographic libraries. PBKDF2-HMAC-SHA256 (200k iterations, adjustable) for password hardening. Key separation via BLAKE2s - independent keys for encryption and MAC. BLAKE2s-MAC authentication - 16-byte tag, any modification = instant rejection. Streaming keystream generator - secure, large-scale XOR without key reuse. Fake padding (HEAD/TAIL) - obfuscates binary boundaries and payload structure. Precise size encoding - restores original payload exactly. ... -
18
Pus
Computer speedup and hardening and debloating script
⭐ About Pus Pus is a tool developed by me. (PusPC) I also created some more tools. Pus is a computer speedup and hardening and debloating script. ⭐ Give it a review Give it a try if you care about your privacy and computer speed. Please give it a review so i can know what to add/fix. ⭐ Github Github link: https://github.com/PusPC/Pus -
19
Ultimate AppLocker Bypass List
The most common techniques to bypass AppLocker
...It is aimed primarily at defenders, incident responders, and security researchers who need a consolidated reference to understand common bypass vectors and to validate detection logic. The repository emphasizes defensive use—helping blue teams craft allow-list policies, create detection rules, and test policy hardening in isolated lab environments—rather than offensive exploitation. -
20
BadBlood
Flls Microsoft Active Directory Domain with a structure
BadBlood is a PowerShell toolkit that programmatically populates a Microsoft Active Directory domain with a realistic, large-scale structure of OUs, users, groups, computers, and permissions so defenders and testers can practice discovery, hardening, and incident response on a lifelike environment. It intentionally randomizes its output on every run so the created domain, objects, and ACL relationships are different each time, which helps teams exercise tooling and detection logic against varied scenarios. The project is driven by a single entry script (Invoke-BadBlood.ps1) and a collection of modular components that create OUs, seed users and groups, set ACLs, configure LAPS scenarios, and generate other attack/defense artifacts for lab use. ... -
21
Windows-Optimize-Harden-Debloat-GUI
C# Based GUI for Windows-Optimize-Harden-Debloat
-
22
𝗢𝗽𝗲𝗿𝗮𝘁𝗶𝘃𝗲 𝘀𝗶𝘀𝘁𝗲𝗺 / 𝘇𝗲𝗿𝗼𝗱𝗮𝘆 𝘀𝗲𝗰𝘂𝗿𝗶𝘁𝘆 _ Contains advanced security within the kernel, denying use of user memory not allowing user identification / This security allows to stop ransomware attacks _ ! Remove memory / wipe user-space and kernel after system shutdown * Browse anonymously without leaving a trace / tor / privoxy > Sign all operating system and boot verification . Integrity Measurement Architecture _ Subsystem is responsible for calculating the hashes of files...
-
23
RADPhE
Rapid Application Development PHP Hosting Environment
A Rapid PHP Application Development Environment designed for webmasters, developers, and hosts to enforce website uniformity, hardening, and light weight enough to function within shared hosting, in the presence of other scripts, and nested within itself. -
24
Miaosha
Design and implementation of flash sale system
...The project demonstrates stock deduction strategies designed to avoid overselling, combining pre-decrement in cache with reliable persistence and message-driven confirmation. Security hardening is addressed with ideas such as dynamic request paths, anti-bot measures, and one-time tokens to reduce automated abuse. The code showcases a typical Spring Boot stack that cleanly separates controllers, services, and persistence, making bottlenecks and optimization points easy to identify. As a study case, it provides a practical blueprint for building resilient sale/booking endpoints where fairness and correctness matter as much as raw throughput. -
25
Node.js chaos monkey
Extremly naughty chaos monkey for Node.js
...It integrates naturally with staging or even carefully guarded production environments where you want confidence instead of assumptions. Findings feed back into reliability work: hardening timeouts, rethinking concurrency limits, and improving fallbacks at code and infrastructure levels. By turning failure into a planned exercise, teams can surface weak spots before customers do.
