hardenedlinux/Debian-GNU-Linux-Profiles hardenedlinux/Debian-GNU-Linux-Profiles

  • Stars
    star
    230
  • Rank 174,115 (Top 4 %)
  • Language
    Shell
  • License
    Other
  • Created over 8 years ago
  • Updated over 2 years ago
Twitter logo Share LinkedIn logo Share Facebook logo Share
hardenedlinux/Debian-GNU-Linux-Profiles
github

hardenedlinux

Reviews

There are no reviews yet. Be the first to send feedback to the community and the maintainers!

Repository Details

Debian GNU/Linux based Services Profiles

Debian-GNU-Linux-Profiles

Done

DNS

Basic bind9 configuration for lan
Domain based routing on openwrt

HA

Using UPS with NUT

Harbian QA

Benchmarking PaX/Grsecurity kernel on Debian GNU/Linux
Syzkaller crash DEMO
Kernel QA with syzkaller and qemu

Hardened boot

Ways to build your own trustchain for secureboot
Debian Hardened boot
Grub for Coreboot
Grub for Secure boot
Preparation for Secure Boot on Key Management Server
Set Up Unrestricted Secure Boot On supporting machine

IDS

Deploy Bro as an IDS

IPSEC

Building IPSEC VPN via strongswan

Security Operation Center

Using Logstash/Elasticsearch/Grafana to build a small SOC(Security Operation Center) from scratch
SOC Overview
ELK with Bro-based Application Layer Packet Classifier
Threat intelligence--IntelOwl project deploy on Debian 10

Storage

Manually deploy ceph cluster step by step

SSH and Cluster

Powerful ssh(1) options you don't know
Ways to authenticate yourself to a remote virtual machine host
Recommended way to use ssh(1) for cluster management

TLS

TLS Mutual Authentication in Webdav
TLS Mutual Authentication in Gitlab
OpenConnect Server For Anyconnect Compatible Service

MAC/RBAC

Grsecurity RBAC system with nginx practice
Grsecurity RBAC system with ceph
Separating the three powers with grsecurity RBAC system

NGINX Hardening

Pretty config for nginx

Unclassified

Small-scale Enterprise KVM Deployments With Kimchi
The recommended configs of host computers and management console running Debian GNU/Linux within clusters

Todo-list

DRBD in HA
LVM Best Practice
Soft Raid in Debian
Gitlab Hardening
Exploring the Cross-platform File Sharing Service
Nginx Tuning in Debian
Apache Tuning in Debian
Puppet on the Run
Large-scale Enterprise KVM Deployments in Debian
Binary Dispatch in Automated Operations
Automated Operations in Debian
Iptables in Practice
Apparmor Best Practice

More Repositories

1

linux-exploit-development-tutorial

a series tutorial for linux exploit development to newbie.
C
546
star
2

grsecurity-101-tutorials

C
340
star
3

harbian-audit

Hardened Debian GNU/Linux distro auditing
Shell
331
star
4

cheap-pcb

Cheap PCB: Better understanding the current status of hardware supply chain
167
star
5

firmware-anatomy

Tear the firmware apart with your bare hands;-)
Assembly
162
star
6

STIG-4-Debian

Security Technical Implementation Guide for Debian
Shell
142
star
7

offensive_poc

Writing PoC for fun and educate people take security seriously;-)
C
139
star
8

harbian-qa

Bug hunting through fuzzer/*-sanitizer/etc...
Roff
127
star
9

embedded-iot_profile

embedded-iot_profile
86
star
10

hardenedlinux_profiles

It contains hardenedlinux community documentation.
Verilog
58
star
11

hardenedlinux-zeek-scripts

Zeek
38
star
12

armv7-nexus7-grsec

Hardened PoC: PaX for Android
38
star
13

hardenedlinux.github.io

hardenedlinux.org website
HTML
30
star
14

grsecurity-reproducible-build

Some scripts to create a reproducible build for grsecurity
Shell
29
star
15

hardenedlinux_translations

21
star
16

TraditionalMitigation

Traditional Mitigation in GCC to defend Memory Corruption Vulnerability
C
17
star
17

RAP-optimizations

This rap optimizations and hl_cfi have be merged in hardenedlinux/linux-unofficial_grsec
C
16
star
18

coreboot4HiFive1

coreboot for HiFive1
C
12
star
19

security-chain

This is not the cyber you ever expected....did I just say cyyyberrrr....
11
star
20

nixpkgs-hardenedlinux

Nix
10
star
21

zeek2nix

An operator which calls zeek to nix-ecosystem simply.
Nix
9
star
22

Infosec-data-science

8
star
23

platform-resiliency-docs

Infrastructure Platform Resilency Technical Guidleline
8
star
24

HardenedNixOS

Hardened NixOS with feature of Grescurity and aggressive security settings
Nix
8
star
25

Hardenedlinux_design

Hardenedlinux design.
7
star
26

debian-nix-manager

Using nix(DevOps) to deploy Network Security Monitoring System on Debian
Nix
5
star
27

elfix-deb

elfix for Debian package
Shell
5
star
28

debrepo

A Debian repository includes necessary packages for HardenedLinux. Of HardenedLinux, by HardenedLinux, for HardenedLinux.
5
star
29

pax-bites

A small tool provides add/delete/view the binary of PaX flags
Shell
3
star
30

hardened_argus

Hardened Argus
Go
2
star
31

io386

C
2
star
32

tpm_pcrtool

a command line tool to operate PCRs with a TPM
C
2
star
33

hardenedlinux-jupyter-lab

Nix
1
star
34

harbian-pack

Package building system of Harbian.
Shell
1
star
35

STIG-OS-mirror

STIGs Document Library of OS mirror
1
star
36

LLVMIncTrans

A tool change LLVM .inc file to c code that can accommodate for mainly Capstone source.
C++
1
star
37

flake-registry

1
star
38

hardenedlinux-osquery-scripts

hardenedlinux-osquery-script
1
star