awesome-security-hardening
github.com/decalage2/awesome-security-hardening ↗A collection of awesome security hardening guides, tools and other resources
Use this list with your AI agent
Add the Context Awesome MCP server to Claude, Cursor, or any MCP client, then ask:
"Show me active directory resources from awesome-security-hardening"
Installation instructions →What's inside
Windows
- ACSC - Hardening Microsoft Windows 10, version 21H1, Workstations
Hardening Microsoft Windows 10, version 21H1, Workstations
- ACSC - Securing PowerShell in the Enterprise
Securing PowerShell in the Enterprise
- Awesome Windows Domain Hardening
- BSI/ERNW - Configuration Recommendations for Hardening of Windows 10 Using Built-in Functionalities
focused on Windows 10 LTSC 2019
- Endpoint Isolation with the Windows Firewall
- ERNW - IPv6 Hardening Guide for Windows Servers
IPv6 Hardening Guide for Windows Servers
Services
- "Admin Free" Active Directory and Windows, Part 1- Understanding Privileged Groups in ADActive Directory
- "Admin Free" Active Directory and Windows, Part 2- Protected Accounts and Groups in Active DirectoryActive Directory
- adsecurity.org - Securing Microsoft Active Directory Federation Server (ADFS)ADFS
Securing Microsoft Active Directory Federation Server (ADFS)
- ANSSI CERT-FR - Active Directory Security Assessment ChecklistActive Directory
2022 (English and French versions)
- ANSSI - (Open)SSH secure use recommendationsSSH
(Open)SSH secure use recommendations
- ANSSI - Security Recommendations for TLSTLS/SSL
2017, does not cover TLS 1.3
Other Awesome Security Lists
- Android Security Awesome
A collection of android security related resources.
- Awesome Container Security
A curated list of awesome resources related to container building and runtime security
- Awesome Crypto Papers
A curated list of cryptography papers, articles, tutorials and howtos.
- Awesome CTF
A curated list of CTF frameworks, libraries, resources and software.
- Awesome Cyber Skills
A curated list of hacking environments where you can train your cyber skills legally and safely.
- Awesome Hacking
A curated list of awesome Hacking tutorials, tools and resources.
GNU/Linux
- ANSSI - Configuration recommendations of a GNU/Linux system
version 2.0, 2022
- CIRCL TR-83 - Linux Boot Hardening HOWTO
How to secure the boot sequence of your Linux based distribution (2024)
- CIS Benchmark for Distribution Independent Linux
2019, archived
- CIS Benchmark for Red Hat LinuxRed Hat Enterprise Linux - RHEL
- DISA STIGs - Red Hat Enterprise Linux 7Red Hat Enterprise Linux - RHEL
Red Hat Enterprise Linux 7
- ERNW - IPv6 Hardening Guide for Linux Servers
IPv6 Hardening Guide for Linux Servers
Hardening Guide Collections
- ANSSI Guides
- Australian Cyber Security Center Publications
- CIS Benchmarks
- FIRST Best Practice Guide Library (BPGL)
- Harden the World
a collection of hardening guidelines for devices, applications and OSs (mostly Apple for now).
- NSA Cybersecurity Advisories & Guidance
Hardware - CPU - BIOS - UEFI
- ANSSI - Hardware security requirements for x86 platforms
recommendations for security features and configuration options applying to hardware devices (CPU, BIOS, UEFI, etc) (Nov 2019)
- NSA - Hardware and Firmware Security Guidance
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance.
- NSA Info Sheet: UEFI Lockdown Quick Guidance (March 2018)
- NSA Tech Report: UEFI Defensive Practices Guidance (July 2017)
Virtualization - VMware
- ANSSI - Recommandations de sécurité pour les architectures basées sur VMware vSphere ESXi
for VMware 5.5 (2016), in French
- ANSSI - Securing a VMware infrastructure
Securing a VMware infrastructure
- CIS VMware ESXi 6.5 Benchmark
- DISA STIGs - Virtualisation
VMware vSphere 6.0 and 5
- ENISA - Security aspects of virtualization
generic, high-level best practices for virtualization and containers (Feb 2017)
- NIST SP 800-125A Revision 1 - Security Recommendations for Server-based Hypervisor Platforms
Security Recommendations for Server-based Hypervisor Platforms
Containers - Docker - Kubernetes
- ANSSI - Recommandations de sécurité relatives au déploiement de conteneurs Docker
Recommandations de sécurité relatives au déploiement de conteneurs Docker
- A Practical Introduction to Container Security
- CIS Docker Benchmarks
registration required
- How To Harden Your Docker Containers
- Kubernetes blog - A Closer Look at NSA/CISA Kubernetes Hardening Guidance
A Closer Look at NSA/CISA Kubernetes Hardening Guidance
- Kubernetes Multi-tenancy
Showing a sample of 201 resources. View the full list on GitHub →