HardeningKitty and Windows Hardening Settings
Enterprise-Grade Security & Privacy Hardening Tool for Windows 11 25H2
Laravel Secure Baseline provides a fast, non-destructive scan to detect security misconfigurations in Laravel 10/11: env vars, session/cookie flags (Secure/HttpOnly/SameSite), permissive CORS, headers (HSTS, XFO, XCTO, Referrer-Policy, CSP suggestion), exposed debug routes, and version age. Runs locally/CI with ✅/
DevSec Nginx Baseline - InSpec Profile (CIS Benchmark Controls Added)
Windows-Server-Homelab zur Härtung von Active Directory: Security Policies per GPMC/ADAC – starke Kennwortrichtlinien, Kontosperrung, User Rights Assignment und Fine-Grained Password Policies (FGPP). Inklusive kurzer Tests, Validierung mit gpresult/RSOP und klarer, reproduzierbarer Dokumentation.
This Powershell Script compares your local Security Policies to the Microsoft Security Baseline.
Public, audit-ready security baseline with hardware root of trust, signed evidence, and CI-validated controls.
Hardened AWS Terraform baseline: IAM least-privilege, S3 SSE-KMS, CloudTrail, security groups, KMS rotation. With tfsec + checkov CI.
Active Directory multi-domain lab with PowerShell automation, OUs, GPOs, and DHCP/DNS configuration.
Website for HardenLab
Practical AWS Security best practices checklist covering IAM, Data Protection, Logging, Network Security, and Threat Detection.
This repository is focused on collecting, organizing, and maintaining security hardening guidelines, practices, and references for various environments. The objective is to provide a centralized knowledge base to improve system security, reduce attack surfaces, and follow best practices for cybersecurity.
12 AWS security controls every seed-stage startup should turn on this afternoon, and the 80 CIS controls you can skip until Series A. Opinionated Terraform module by MatrixGard.
🚀 Production-ready AWS account security baseline with Terraform. CloudTrail, IAM Identity Center, Budgets & security policies. 100% Free Tier ($0 cost).
CIS Benchmark-aligned Microsoft 365 security hardening: Conditional Access, MFA, DLP, Defender, Intune. Includes PowerShell audit scripts.
Microsoft 365 security hardening baseline. Practical controls for Exchange Online, SharePoint, OneDrive, Teams, and Entra ID.
Safe, read-only PowerShell tools for auditing Windows security posture without changing system configuration.
IntuneCanvas — Paint the Full Picture of Your Intune Environment
Automated security baseline compliance checking against CIS, NIST, DISA, PCI-DSS
Add a description, image, and links to the security-baseline topic page so that developers can more easily learn about it.
To associate your repository with the security-baseline topic, visit your repo's landing page and select "manage topics."