HardeningKitty and Windows Hardening Settings
Enterprise-Grade Security & Privacy Hardening Tool for Windows 11 25H2
Laravel Secure Baseline provides a fast, non-destructive scan to detect security misconfigurations in Laravel 10/11: env vars, session/cookie flags (Secure/HttpOnly/SameSite), permissive CORS, headers (HSTS, XFO, XCTO, Referrer-Policy, CSP suggestion), exposed debug routes, and version age. Runs locally/CI with ✅/
DevSec Nginx Baseline - InSpec Profile (CIS Benchmark Controls Added)
Windows-Server-Homelab zur Härtung von Active Directory: Security Policies per GPMC/ADAC – starke Kennwortrichtlinien, Kontosperrung, User Rights Assignment und Fine-Grained Password Policies (FGPP). Inklusive kurzer Tests, Validierung mit gpresult/RSOP und klarer, reproduzierbarer Dokumentation.
This Powershell Script compares your local Security Policies to the Microsoft Security Baseline.
Public, audit-ready security baseline with hardware root of trust, signed evidence, and CI-validated controls.
Website for HardenLab
Active Directory multi-domain lab with PowerShell automation, OUs, GPOs, and DHCP/DNS configuration.
Practical AWS Security best practices checklist covering IAM, Data Protection, Logging, Network Security, and Threat Detection.
Hardened AWS Terraform baseline: IAM least-privilege, S3 SSE-KMS, CloudTrail, security groups, KMS rotation. With tfsec + checkov CI.
12 AWS security controls every seed-stage startup should turn on this afternoon, and the 80 CIS controls you can skip until Series A. Opinionated Terraform module by MatrixGard.
This repository is focused on collecting, organizing, and maintaining security hardening guidelines, practices, and references for various environments. The objective is to provide a centralized knowledge base to improve system security, reduce attack surfaces, and follow best practices for cybersecurity.
🚀 Production-ready AWS account security baseline with Terraform. CloudTrail, IAM Identity Center, Budgets & security policies. 100% Free Tier ($0 cost).
CIS Benchmark-aligned Microsoft 365 security hardening: Conditional Access, MFA, DLP, Defender, Intune. Includes PowerShell audit scripts.
Microsoft 365 security hardening baseline. Practical controls for Exchange Online, SharePoint, OneDrive, Teams, and Entra ID.
Hands-on IT technician practice lab covering Windows installation, BIOS/UEFI configuration, hardware and OS troubleshooting, malware remediation, system imaging, and documentation.
Harden Windows 10/11 with a single PowerShell script that audits, reviews, and applies 150+ security checks across 11 categories
Safe, read-only PowerShell tools for auditing Windows security posture without changing system configuration.
Add a description, image, and links to the security-baseline topic page so that developers can more easily learn about it.
To associate your repository with the security-baseline topic, visit your repo's landing page and select "manage topics."