We have collection of more than 1 Million open source products ranging from Enterprise product to small libraries in all platforms. We aggregate information from all open source repositories. Search and find the best for your needs. Check out projects section.
stig-cli - A CLI for perusing DISA STIG content Mac, Linux, and Windows Compatible
- 38
This command line utility is intended to help technical folks more easily read through DISA STIG content. Every single solution that currently exists requires folks to use a UI such as the Java based STIG viewer from DISA or stigviewer.com which updates very slowly, neither are open source AFAIK. This CLI is simple, and while it's built with nodejs it DOES NOT require you to have nodejs on your system nor will it conflict with an pre-exisiting nodejs installed on your system. Unless you install directly with npm -g the bundle you install from will contain a prebuilt node binary which will be used to invoke the CLI (invisible to you, the end user).
https://github.com/defionscode/stig-cli| Tags | security hardening security-automation security-tools security-hardening stig oclif |
| Implementation | Javascript |
| License | GPL |
| Platform | NodeJS |
Related Projects
prowler - AWS Security Best Practices Assessment, Auditing, Hardening and Forensics Readiness Tool
For a comprehensive list and resolution look at the guide on the link above. This script has been written in bash using AWS-CLI and it works in Linux and OSX.
security security-tools security-audit security-hardening cloudtrail hardening aws-cli aws cis-benchmark prowler assessment aws-auditing compliancelynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems
Do you like this software? Star the project and become a stargazer. Lynis - Security auditing and hardening tool, for UNIX-based systems.
shell pci-dss compliance security-audit security-hardening security-scanner security-vulnerability hipaa unix vulnerability-detection vulnerability-scanners vulnerability-assessment devops devops-tools system-hardening hardening auditing gdpr security-toolsvuls - Vulnerability scanner for Linux/FreeBSD, agentless, written in Go
For a system administrator, having to perform security vulnerability analysis and software update on a daily basis can be a burden. To avoid downtime in production environment, it is common for system administrator to choose not to use the automatic update option provided by package manager and to perform update manually. This leads to the following problems. Vuls is a tool created to solve the problems listed above. It has the following characteristics.
vuls vulnerability-scanners freebsd vulnerability-detection security security-tools cybersecurity security-vulnerability security-scanner security-hardening security-automation security-audit vulnerability-assessment vulnerability-management vulnerability-scannerscap-security-guide - Baseline compliance content in SCAP formats
The purpose of this project is to create security policy content for various platforms -- Red Hat Enterprise Linux, Fedora, Ubuntu, Debian, and others. Our aim is to make it as easy as possible to write new and maintain existing security content in all the commonly used formats. "SCAP content" refers to documents in the XCCDF, OVAL and Source DataStream formats. These documents can be presented in different forms and by different organizations to meet their security automation and technical implementation needs. For general use we recommend Source DataStreams because they contain all the data you need to evaluate and put machines into compliance. The datastreams are part of our release ZIP archives.
security compliance scap xccdf oval cpe cce usgcb pci-dss ospp stigawesome-windows-domain-hardening - A curated list of awesome Security Hardening techniques for Windows
A curated list of awesome Security Hardening techniques for Windows. This document summarizes the information related to Pyrotek and Harmj0y's DerbyCon talk called "111 Attacking EvilCorp Anatomy of a Corporate Hack". Video and slides are available below.
hardening securityquick-secure - Quickly secure UNIX/Linux systems
Quick NIX Secure Script is used to harden and secure basic permissions and ownership on the fly. This script can be used during boot up, cron, bootstrapping, kickstart, jumpstart and during other system deployments. I recommend using CM tools like Puppet or Ansible, but this is still nice. Many times in (prod)uction world prior admins harden without automation or towards an industry baseline. This is to help get to a point of standardization and quickly set or reset basic system security.
security security-hardening docker docker-securityhardening - DevSec Examples
The Hardening Framework combines DevOps with Security. It implements hardening for Puppet, Chef and Ansible. One of the main goals for the Hardening Framework it to provide security as a plug-in mechanism. All modules are implemented as overlay modules and work in conjunction with the corresponding open source module like apache or nginx. This enables you to drop in hardening for your staging and production environments and reuse existing developments.
hardening - Hardening Ubuntu. Systemd edition.
A quick way to make a Ubuntu server a bit more secure. Tested on 17.10 Artful Aardvark, 18.04 Bionic Beaver and 18.10 Cosmic Cuttlefish (under development).
ubuntu ubuntu-server shell hardening security security-hardening systemdrails-security-checklist - :key: Community-driven Rails Security Checklist (see our GitHub Issues for the newest checks that aren't yet in the README)
This checklist is limited to Rails security precautions and there are many other aspects of running a Rails app that need to be secured (e.g. up-to-date operating system and other software) that this does not cover. Consult a security expert. One aim for this document is to turn it into a community resource much like the Ruby Style Guide.
checklist rails-security rails rails-security-checklist ruby-on-rails security-audit security-hardening securitychef-os-hardening - This chef cookbook provides numerous security-related configurations, providing all-round base protection
This cookbook provides numerous security-related configurations, providing all-round base protection. In the current implementation different components are located in the different recipes. See the available recipes or default.rb for possible component names.
hardening devops security chef chef-cookbookstronghold - Easily configure macOS security settings from the terminal.
stronghold is the easiest way to securely configure your Mac. Designed for MacOS Sierra and High Sierra. Previously fortify.
macos-setup security osx security-hardening hardening command-line-tool command-linerattlesnakeos-stack - Build your own privacy and security focused Android OS in the cloud on a continuous basis with OTA updates
RattlesnakeOS is a privacy and security focused Android OS for Google Pixel phones. RattlesnakeOS was created initially as an alternative to CopperheadOS, a security hardened Android OS created by Daniel Micay, after it stopped being properly maintained back in June 2018. To be clear, this project is not attempting to add or recreate any of the security hardening features that were present in CopperheadOS. Instead, it is looking to fill a gap now that CopperheadOS is no longer available in its previous form, as there are no real alternatives that provide the same level of privacy and security.
android aws aws-lambda ec2 ota-update terraform security privacy aosp verified-boot f-droid chromiumuser.js - user.js -- Firefox configuration hardening
A user.js configuration file for Mozilla Firefox designed to harden browser settings and make it more secure. Do note that these settings alter your browser behaviour quite a bit, so it is recommended to either create a completely new profile for Firefox or backup your existing profile directory before putting the user.js file in place.
mozilla-firefox privacy firefox security security-hardening mozillaansible-os-hardening - This Ansible role provides numerous security-related configurations, providing all-round base protection
This role provides numerous security-related configurations, providing all-round base protection. It is intended to be compliant with the DevSec Linux Baseline. If you're using inspec to test your machines after applying this role, please make sure to add the connecting user to the os_ignore_users-variable. Otherwise inspec will fail. For more information, see issue #124.
ansible sysctl protection hardening role playbookWazuh - Host and endpoint security
Wazuh helps you to gain deeper security visibility into your infrastructure by monitoring hosts at an operating system and application level. This solution, based on lightweight multi-platform agents, provides the capabilities like Log management and analysis, File integrity monitoring, Intrusion and anomaly detection, Policy and compliance monitoring.
ossec security loganalyzer compliance monitoring intrusion-detection policy-monitoring openscap security-hardening ids pci-dss file-integrity-management log-analysis vulnerability-detection incident-response threat-detectionNetwork Security Toolkit (NST)
Network Security Toolkit (NST) is a bootable ISO image (Live DVD) based on Fedora 18 providing easy access to best-of-breed Open Source Network Security Applications and should run on most x86/x86_64 platforms. The main intent of developing this toolkit was to provide the network security administrator with a comprehensive set of Open Source Network Security Tools. The majority of tools published in the article: Top 125 Security Tools by INSECURE.ORG are available in the toolkit. An advanc
CopperheadOS - A security and privacy focused mobile operating system compatible with Android apps
CopperheadOS is a security and privacy focused mobile operating system compatible with Android apps. It provides Protection from zero-days, Hardened C standard library and compiler toolchain, Hardened kernel, Stronger sandboxing and isolation for apps & services, Firewall & network hardening and lot more.
mobile-operating-system secure-os securityxss-listener - 🕷️ XSS Listener is a penetration tool for easy to steal data with various XSS.
From now on, you do not need XSS listeners! XSS listener records the data you have stolen on the remote site in the database, and gives instant notification with telegram / slack.
xss xss-attacks security-hardening security-tools xss-harvest xss-harvesterDumpsterFire - "Security Incidents In A Box!" A modular, menu-driven, cross-platform tool for building customized, time-delayed, distributed security events
The DumpsterFire Toolset is a modular, menu-driven, cross-platform tool for building repeatable, time-delayed, distributed security events. Easily create custom event chains for Blue Team drills and sensor / alert mapping. Red Teams can create decoy incidents, distractions, and lures to support and scale their operations. Turn paper tabletop exercises into controlled "live fire" range events. Build event sequences ("narratives") to simulate realistic scenarios and generate corresponding network and filesystem artifacts. The toolset is designed to be dynamically extensible, allowing you to create your own Fires (event modules) to add to the included collection of toolset Fires. Just write your own Fire module and drop it into the FireModules directory. The DumpsterFire toolset will auto-detect your custom Fires at startup and make them available for use.
pentesting hacking hacking-tool pentest-tool automation security security-tools infosec pentest red-team blue-team red-teams blue-teams pentest-tools hacking-toolsvulnreport - Open-source pentesting management and automation platform by Salesforce Product Security
Vulnreport is a platform for managing penetration tests and generating well-formatted, actionable findings reports without the normal overhead that takes up security engineer's time. The platform is built to support automation at every stage of the process and allow customization for whatever other systems you use as part of your pentesting process. Vulnreport was built by the Salesforce Product Security team as a way to get rid of the time we spent writing, formatting, and proofing reports for penetration tests. Our goal was and continues to be to build great security tools that let pentesters and security engineers focus on finding and fixing vulns.
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.
