Ansible Collection - devsec.hardening Logo

Ansible Collection - devsec.hardening

0
Free
Visit Website

This collection provides battle tested hardening for: * Linux operating systems: CentOS 7/8/9, Rocky Linux 8/9, Debian 10/11/12, Ubuntu 18.04/20.04/22.04, Amazon Linux (some roles supported), Arch Linux (some roles supported), Fedora 37/38, Suse Tumbleweed (some roles supported) * MySQL MariaDB >= 5.5.65, >= 10.1.45, >= 10.3.17 * MySQL >= 5.7.31, >= 8.0.3 * Nginx 1.0.16 or later * OpenSSH 5.3 and later The hardening is intended to be compliant with the Inspec DevSec Baselines: https://github.com/dev-sec/linux-baseline https://github.com/dev-sec/mysql-baseline https://github.com/dev-sec/nginx-baseline https://github.com/dev-sec/ssh-baseline Looking for the old roles? The roles are now part of the hardening-collection. We have kept the old releases of the os-hardening role in this repository, so you can find the them by exploring older tags. The last release of the standalone role was 6.2.0. The other roles are in separate archives repositories: apache_hardening, mysql_hardening, nginx_hardening, ssh_hardening, windows_hardening Minimum required Ansible-version: Ansible >= 2.9.10 Included content: os_hardening, mysql_hardening, nginx_ha

FEATURES

ALTERNATIVES

A tool that checks for hijackable packages in NPM and Python Pypi registries

A tool to run YARA rules against node_module folders to identify suspicious scripts

Simple script to check a domain's email protections and identify vulnerabilities.

Deliberately vulnerable web application for security professionals to practice attack techniques.

A tool for validating and repairing Yara rules

Advanced email reconnaissance tool leveraging public data.

The CVE Program catalogs publicly disclosed cybersecurity vulnerabilities.

A demonstration site for the Acunetix Web Vulnerability Scanner, featuring intentionally vulnerable PHP code to test web application security.

PINNED