15 repos
Awesome GitHub RepositoriesInfrastructure and System Hardening
Procedures and configurations for securing operating systems, cloud environments, and database clusters against unauthorized access.
Explore 15 awesome GitHub repositories matching security & cryptography · Infrastructure and System Hardening. Refine with filters or upvote what's useful.
Awesome Infrastructure and System Hardening GitHub Repositories
We'll search the best matching repositories with AI.
- torvalds/linux
The Linux kernel is a monolithic operating system kernel that serves as the primary interface between computer hardware and software applications. It provides the foundational infrastructure for managing system resources, including memory allocation, process scheduling, and synchronization primitives. The project inclu
Enforces low-level security controls and hardening features to actively prevent memory corruption and unauthorized execution.
C - trimstray/the-book-of-secret-knowledge
This project serves as a centralized, community-driven repository of technical knowledge and administrative resources. It provides a structured taxonomy that aggregates disparate information into a searchable framework, supporting continuous learning and rapid problem-solving for system administrators and cybersecurity
Maintains a structured reference for implementing secure system configurations and conducting vulnerability assessments across diverse environments.
awesomeawesome-listbsd - denoland/deno
Deno is a high-performance runtime for JavaScript and TypeScript that prioritizes security and developer productivity. Built on the V8 engine, it provides a secure execution environment that enforces a default-deny security model, requiring explicit user authorization for access to system resources like the file system
Limits network connectivity to approved hosts and manages secret injection within isolated execution environments.
Rustdenojavascriptrust - bitcoin/bitcoin
This project is a cryptographic consensus engine and distributed ledger client that functions as a peer-to-peer network node. It enables decentralized network participation by allowing users to independently validate transactions and blocks, ensuring data integrity and consensus without reliance on a centralized author
Hardens infrastructure by verifying digital signatures and applying security patches to protect against remote exploitation.
C++bitcoinc-plus-pluscryptocurrency - mermaid-js/mermaid
This project is a client-side rendering engine that transforms declarative, text-based syntax into visual diagrams directly within the browser. By utilizing a domain-specific language, it allows users to define complex structures—such as software architectures, process flows, and system behaviors—without the need for m
Isolates diagram rendering within secure iframes to mitigate risks when displaying user-provided content on public sites.
TypeScriptdiagramsdiagrams-as-codedocumentation - bregman-arie/devops-exercises
This project is a comprehensive educational curriculum designed to build proficiency across modern infrastructure, cloud-native technologies, and systems administration. It functions as a reference library and interview preparation resource, offering a structured collection of conceptual questions, practical coding cha
Enforces best practices for securing operating system configurations and implementing privilege restrictions.
Pythonansibleawsazure - syncthing/syncthing
Syncthing is a decentralized file synchronization engine that maintains consistent data states across multiple devices through peer-to-peer mesh networking. It operates as a background daemon that automatically replicates file creations, modifications, and deletions between trusted nodes without requiring central serve
Secures the management interface through TLS enforcement, authentication credentials, and API access keys.
Gogop2ppeer-to-peer - elastic/elasticsearch
Elasticsearch is a distributed search engine and document store designed for the high-performance indexing and retrieval of massive volumes of unstructured data. It functions as a centralized analytics platform, providing a schema-flexible architecture that organizes information into searchable indices while maintainin
Restricts unauthorized access through robust authentication, encryption, and role-based configuration controls for cluster environments.
Javaelasticsearchjavasearch-engine - swisskyrepo/PayloadsAllTheThings
This project is a comprehensive, community-sourced knowledge base designed for security professionals and researchers. It functions as a centralized repository of offensive security techniques, providing a structured collection of exploit payloads, attack vectors, and methodologies for conducting vulnerability assessme
Contains resources and utilities for assessing the security posture and identifying common misconfigurations within cloud infrastructure environments.
Pythonbountybugbountybypass - redis/redis
Redis is an in-memory, key-value database designed to provide sub-millisecond latency for read and write operations. It functions as a versatile data platform, serving as a distributed cache, a message broker, a NoSQL document store, and a vector database. The system utilizes an event-driven, single-threaded loop to pr
Hardens infrastructure by enforcing robust authentication, role-based access, and encrypted transport for all connections.
Ccachecachingdatabase - lobehub/lobehub
LobeHub is a comprehensive multi-agent orchestration platform designed for building, configuring, and deploying specialized AI agents. It provides a unified chat-based gateway that allows users to manage autonomous agent teams across web, desktop, and mobile environments. By utilizing a framework that supports persiste
Hardens self-hosted instances by enforcing HTTPS, managing sensitive secrets, and restricting access via reverse proxies.
TypeScriptagentagent-collaborationagent-harness - OpenHands/OpenHands
OpenHands is an autonomous agent framework designed for software engineering workflows. It provides a modular platform for orchestrating AI agents that reason, plan, and execute tasks within isolated, containerized development environments. By integrating with standard version control and development tools, the system
Masks sensitive information in logs by scanning text for keys and injecting them securely as environment variables.
Pythonagentartificial-intelligencechatgpt - openinterpreter/open-interpreter
Open Interpreter is an autonomous agent runtime that translates natural language instructions into executable code to interact with local software and operating systems. It functions as an orchestration framework that connects language models to a secure execution environment, enabling the development of agents capable
Restricts code execution to ephemeral containers to prevent unauthorized access to host system resources.
Pythonchatgptgpt-4interpreter - rclone/rclone
This project is a command-line storage manager that provides a unified interface for performing file operations across local filesystems and diverse cloud storage providers. It functions as a cross-platform storage abstraction, utilizing a modular backend architecture to map heterogeneous cloud storage APIs into a stan
Secures data transfers by configuring custom certificate authorities, client-side certificates, and private keys for mutual authentication.
Goazure-blobazure-blob-storageazure-files - appwrite/appwrite
Appwrite is a backend-as-a-service platform that provides a unified development environment for building full-stack applications. It integrates essential infrastructure components—including authentication, databases, storage, and serverless functions—into a single, centralized interface to simplify application developm
Secures sensitive configuration data by marking variables as secret to prevent unauthorized retrieval.
TypeScriptandroidappwritebackend
Explore sub-tags
- AWS Pentesting ResourcesResources and utilities specifically designed for assessing the security posture and identifying misconfigurations within Amazon Web Services environments.
- Active Directory AttacksEducational resources detailing attack vectors and defensive strategies for securing Active Directory environments.
- Azure Pentesting ResourcesTools and documentation for evaluating the security of Microsoft Azure cloud services and identifying potential exploitation vectors.