Alternatives and similar repositories for hardening

Users that are interested in hardening are comparing it to the libraries listed below

• konstruktoid / ansible-role-hardening

  View on GitHub
  Ansible role to apply a security baseline. Systemd edition.
  ☆613Updated this week
• CISOfy / lynis

  View on GitHub
  Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and sys…
  ☆15,236Jan 28, 2026Updated 2 weeks ago
• dev-sec / ansible-collection-hardening

  View on GitHub
  This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL
  ☆5,211Feb 3, 2026Updated last week
• trimstray / the-practical-linux-hardening-guide

  View on GitHub
  This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).
  ☆10,468Nov 19, 2024Updated last year
• konstruktoid / hardened-images

  View on GitHub
  Packer templates to create hardened Ubuntu server images.
  ☆82Feb 9, 2026Updated last week
• Jsitech / JShielder

  View on GitHub
  Hardening Script for Linux Servers/ Secure LAMP-LEMP Deployer/ CIS Benchmark
  ☆787Oct 2, 2023Updated 2 years ago
• decalage2 / awesome-security-hardening

  View on GitHub
  A collection of awesome security hardening guides, tools and other resources
  ☆6,113Jan 20, 2026Updated 3 weeks ago
• ComplianceAsCode / content

  View on GitHub
  Security automation content in SCAP, Bash, Ansible, and other formats
  ☆2,653Updated this week
• hardentools / hardentools

  View on GitHub
  Hardentools simply reduces the attack surface on Microsoft Windows computers by disabling low-hanging fruit risky features.
  ☆3,074Aug 10, 2025Updated 6 months ago
• dev-sec / linux-baseline

  View on GitHub
  DevSec Linux Baseline - InSpec Profile
  ☆861Oct 29, 2025Updated 3 months ago
• future-architect / vuls

  View on GitHub
  Agent-less vulnerability scanner for Linux, FreeBSD, Container, WordPress, Programming language libraries, Network devices
  ☆12,044Updated this week
• alegrey91 / systemd-service-hardening

  View on GitHub
  Basic guide to harden systemd services
  ☆261May 18, 2020Updated 5 years ago
• ovh / debian-cis

  View on GitHub
  PCI-DSS compliant Debian 11/12 hardening
  ☆987Updated this week
• PaulSec / awesome-windows-domain-hardening

  View on GitHub
  A curated list of awesome Security Hardening techniques for Windows.
  ☆1,790Jan 7, 2020Updated 6 years ago
• a13xp0p0v / kernel-hardening-checker

  View on GitHub
  A tool for checking the security hardening options of the Linux kernel
  ☆2,041Dec 27, 2025Updated last month
• trimstray / linux-hardening-checklist

  View on GitHub
  Simple checklist to help you deploying the most important areas of the GNU/Linux production systems - work in progress.
  ☆1,614Nov 19, 2024Updated last year
• imthenachoman / How-To-Secure-A-Linux-Server

  View on GitHub
  An evolving how-to guide for securing a Linux server.
  ☆24,554Oct 19, 2024Updated last year
• clong / DetectionLab

  View on GitHub
  Automate the creation of a lab environment complete with security tooling and logging best practices
  ☆4,900Jul 6, 2024Updated last year
• prowler-cloud / prowler

  View on GitHub
  Prowler is the world’s most widely used open-source cloud security platform that automates security and compliance across any cloud envir…
  ☆12,983Updated this week
• infobyte / faraday

  View on GitHub
  Open Source Vulnerability Management Platform
  ☆6,255Jan 26, 2026Updated 3 weeks ago
• florianutz / Ubuntu1804-CIS

  View on GitHub
  Ubuntu CIS Hardening Ansible Role
  ☆217Jan 10, 2026Updated last month
• wazuh / wazuh

  View on GitHub
  Wazuh - The Open Source Security Platform. Unified XDR and SIEM protection for endpoints and cloud workloads.
  ☆14,722Updated this week
• docker / docker-bench-security

  View on GitHub
  The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in productio…
  ☆9,596Oct 21, 2024Updated last year
• ivre / ivre

  View on GitHub
  Network recon framework. Build your own, self-hosted and fully-controlled alternatives to Shodan / ZoomEye / Censys and GreyNoise, run yo…
  ☆3,943Jan 27, 2026Updated 2 weeks ago
• OpenSCAP / openscap

  View on GitHub
  NIST Certified SCAP 1.2 toolkit
  ☆1,663Feb 2, 2026Updated 2 weeks ago
• DenizParlak / Zeus

  View on GitHub
  AWS Auditing & Hardening Tool
  ☆713Feb 4, 2020Updated 6 years ago
• 0x6d69636b / windows_hardening

  View on GitHub
  HardeningKitty and Windows Hardening Settings
  ☆2,589Jan 24, 2026Updated 3 weeks ago
• jtesta / ssh-audit

  View on GitHub
  SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)
  ☆4,098Sep 1, 2025Updated 5 months ago
• evilsocket / opensnitch

  View on GitHub
  OpenSnitch is a GNU/Linux interactive application firewall inspired by Little Snitch.
  ☆12,875Updated this week
• toniblyx / my-arsenal-of-aws-security-tools

  View on GitHub
  List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.
  ☆9,401Oct 16, 2025Updated 4 months ago
• bluscreenofjeff / Red-Team-Infrastructure-Wiki

  View on GitHub
  Wiki to collect Red Team infrastructure hardening resources
  ☆4,440Oct 1, 2025Updated 4 months ago
• alivx / CIS-Ubuntu-20.04-Ansible

  View on GitHub
  Ansible Role to Automate CIS v1.1.0 Ubuntu Linux 18.04 LTS, 20.04 LTS Remediation
  ☆258Sep 23, 2025Updated 4 months ago
• trimstray / iptables-essentials

  View on GitHub
  Iptables Essentials: Common Firewall Rules and Commands.
  ☆1,573Nov 19, 2024Updated last year
• elceef / dnstwist

  View on GitHub
  Domain name permutation engine for detecting homograph phishing attacks, typo squatting, and brand impersonation
  ☆5,583Apr 15, 2025Updated 10 months ago
• sbilly / awesome-security

  View on GitHub
  A collection of awesome software, libraries, documents, books, resources and cools stuffs about security.
  ☆13,976Jan 11, 2026Updated last month
• j3ssie / osmedeus

  View on GitHub
  A Modern Orchestration Engine for Security
  ☆6,096Feb 10, 2026Updated last week
• shieldfy / AVWA

  View on GitHub
  Advanced Vulnerable Web Application (AVWA)
  ☆14Jun 10, 2017Updated 8 years ago
• dev-sec / ssh-baseline

  View on GitHub
  DevSec SSH Baseline - InSpec Profile
  ☆294Aug 21, 2024Updated last year
• trimstray / sandmap

  View on GitHub
  Nmap on steroids. Simple CLI with the ability to run pure Nmap engine, 31 modules with 459 scan profiles.
  ☆1,818Nov 19, 2024Updated last year