3rd-party guides
- HotCakeX/Harden-Windows-Security - Harden Windows Safely, Securely using Official Supported Microsoft methods and proper explanation | Always up-to-date and works with the latest build of Windows | Provides tools and Guides for Personal, Enterprise, Government and Military security levels | Read The Rationale
- Bypass007/Safety-Project-Collection - A collection of notable open-source security projects to help in-house security practitioners build enterprise security capabilities
- unassassinable/PAW - Privileged Access Workstation
- PaulSec/awesome-windows-domain-hardening - A curated list of awesome Security Hardening techniques for Windows - no longer updated since 2020
- ernw/hardening - Repository of Hardening Guides
- trimstray/the-practical-linux-hardening-guide - This guide details the planning and the tools involved in creating a secure Linux production system - WIP
- decalage2/awesome-security-hardening - A collection of awesome security hardening guides, tools and other resources
- trimstray/linux-hardening-checklist - Simple checklist to help you deploy the most important areas of the GNU/Linux production systems - WIP
- Group Policy Administrative Templates Catalog - Registry settings corresponding to Group Policy settings, not only Microsoft's
- fabacab/awesome-cybersecurity-blueteam - A curated collection of awesome resources, tools, and other shiny things for cybersecurity blue teams
- Linux Hardening Guide
Windows
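- DeEpinGh0st/WindowsBaselineAssistant - Windows security baseline checking and hardening assistant - code quality is poor; will probably stop being updated soon
- Microsoft/AttackSurfaceAnalyzer - help you analyze your operating system's security configuration for changes during software installation - compares system state before and after software installation (e.g., COM components), then checks whether those components have issues such as privilege escalation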
- Microsoft/AaronLocker - Robust and practical application whitelisting for Windows
- A-mIn3/WINspect - Powershell-based Windows Security Auditing Toolbox
- securitywithoutborders/hardentools - a utility that disables a number of risky Windows features
- zodiacon/DriverMon - Monitor activity of any driver
- ubeeri/Invoke-PWAudit - A PowerShell tool which provides an easy way to check for shared passwords between Windows Active Directory accounts
- gist: reclaimWindows10.ps1 - This Windows 10 Setup Script turns off a bunch of unnecessary Windows 10 telemetry, bloatware, & privacy things
- miriamxyra/EventList - the Baseline Event Analyzer
- gist: mackwage/windows_hardening.cmd - Script to perform some hardening of Windows OS
- arekfurt/WinAWL - sample policies and some assorted notes related to some research into various capabilities of Windows Defender Application Control and AppLocker
- NVISO-BE/posh-dsc-windows-hardening - Windows OS Hardening with PowerShell DSC
- glinares/CSCGuard - Protects and logs suspicious and malicious usage of .NET CSC.exe and Runtime C# Compilation - renames csc.exe and puts this executable in its place so it can capture the csc arguments and block them; pretty much useless
- AlphaDelta/Secure-Desktop - Anti-keylogger/anti-rat application for Windows - works by desktop isolation, the same mechanism the Windows logon screen uses
Linux
- shufflecake - a plausible deniability (hidden storage) layer for Linux - hides files at the disk level
- trimstray/otseca - Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats
- a13xp0p0v/kconfig-hardened-check - A script for checking the hardening options in the Linux kernel config
- CISOfy/lynis - Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems
- dev-sec/ansible-os-hardening - This Ansible role provides numerous security-related configurations, providing all-round base protection
- uber/pam-ussh - uber's ssh certificate pam module
- yandex/gixy - Nginx configuration static analyzer
- herecura.au: Kconfig hardening tests - not usable in a real production environment
- konstruktoid/hardening - Hardening Ubuntu. Systemd edition
MacOS
- drduh/macOS-Security-and-Privacy-Guide - Guide to securing and improving privacy on macOS
- SAP/macOS-enterprise-privileges - For Mac users in an Enterprise environment this app ensures secure environment and yet gives the User control over administration of their machine by elevating their level of access to Administrator privilege on macOS X - tool for toggling administrator privileges; very useful
Deception
- bhdresh/Dejavu - DejaVU - Open Source Deception Framework
- samratashok/Deploy-Deception - A PowerShell module to deploy active directory decoy objects
Uncategorized
- spiffe/spire - SPIRE (the SPIFFE Runtime Environment) is a toolchain of APIs for establishing trust between software systems across a wide variety of hosting platforms
- CboeSecurity/password_pwncheck - Kerberos / Windows AD / Linux PAM password change check against breached lists (HIBP), and other rules - password modules for multiple operating systems that prevent the use of already-breached passwords