Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud environment.

Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

An evolving how-to guide for securing a Linux server.

Community guide to using YubiKey for GnuPG and SSH - protect secrets with hardware crypto.

This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

Security automation content in SCAP, Bash, Ansible, and other formats

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

🛡️ Open-source and next-generation Web Application Firewall (WAF)

Terraform module to set up your AWS account with the secure baseline configuration based on CIS Amazon Web Services Foundations and AWS Foundational Security Best Practices.

Hardening Ubuntu. Systemd edition.

HardeningKitty and Windows Hardening Settings

A curated list of awesome Security Hardening techniques for Windows.

Easily configure macOS security settings from the terminal.

Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.

Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark

HardeningKitty - Checks and hardens your Windows configuration

This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.

DevSec Linux Baseline - InSpec Profile

This repository is a collection of resources to prepare for the Certified Kubernetes Security Specialist (CKSS) exam.

🔥 A powerful MongoDB auditing and pentesting tool 🔥