30 open-source projects similar to securitywithoutborders/hardentools, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best Hardentools alternative.
Harden-Windows-Security is a security hardening tool and framework designed to reduce the attack surface of the Windows operating system through policy enforcement. It provides a collection of security presets and templates to implement official hardening standards across multiple devices. The project distinguishes itself through a comprehensive execution control system, featuring a manager for Windows Application Control and a kernel protection suite. It implements strict trust models, including kernel-mode driver whitelisting, signed policy implementation on the EFI partition, and code inte
GOAD is an Ansible-based automation tool and infrastructure orchestrator used to deploy pre-configured networks of vulnerable Windows virtual machines. It serves as a security training environment for practicing Active Directory penetration testing, privilege escalation, and lateral movement across various cloud platforms and local virtualization hypervisors. The project distinguishes itself through a multi-provider infrastructure model and a system of infrastructure recipes that simulate intentional security misconfigurations. It supports the deployment of varied attack scenarios, including
Behavior based monitoring and hunting tool built in C# leveraging ETW tracing. Blue teamers can use this tool to detect and respond to potential Cobalt Strike beacons. Red teamers can use this tool to research ETW bypasses and discover new processes that behave like beacons.
An admittedly frivolous (and infrequently updated) attempt to harden Windows 10.
Easily configure macOS security settings from the terminal.
Scan files or process memory for CobaltStrike beacons and parse their configuration
🐧 Security-focused Linux distribution with 140+ tools, custom kernel 6.17.13, AI assistant | 5 editions | Cloud, AI/ML, Automotive, Hardware hacking
BeaconEye scans running processes for active CobaltStrike beacons. When processes are found to be running a beacon, BeaconEye will monitor each process for C2 activity.
Download CSET For Windows: CSET 10.1 Standalone Installer
Sparrow.ps1 was created by CISA's Cloud Forensics team to help detect possible compromised accounts and applications in the Azure/m365 environment.
This project is a PowerShell-based post-installation automation suite and configuration manager designed to optimize Windows 10 and Windows Server deployments. It functions as a system optimization tool that applies idempotent tweaks to ensure an operating system reaches a specific desired state after a fresh installation. The tool distinguishes itself through the use of preset-based task orchestration and a modular tweak library. It allows for the definition of custom setup presets via external files and supports the extension of its capabilities through the import of custom modules. Every s
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
Web Shell Detector is a PHP script that helps you find and identify php/cgi(perl)/asp/aspx shells. Web Shell Detector has a “web shells” signature database that helps to identify “web shell” up to 99%. By using the latest JavaScript and CSS technologies, web shell detector…
Firewall and Privatizing Proxy for Trackers, Attackers, Malware, Adware, and Spammers with Anti-Virus On-Demand and On-Access Scanning (PF, squid, privoxy, hphosts, dshield, emergingthreats, hostsfile, PAC file, clamav)
Santa is a binary authorization system for macOS designed to control and monitor which binaries can execute based on defined trust rules. It functions as application whitelisting software that prevents unauthorized programs from running by verifying them against cryptographic hashes and signing certificates. The system provides execution monitoring by recording every binary launch event to create a visible software execution trail. It enables centralized audit logging to track successful and denied application launches across multiple devices, ensuring enterprise device compliance through syn
Automated System Hardening Framework
pe-sieve is a set of diagnostic tools for scanning Windows process memory to identify malicious implants, shellcode, and hooks. It functions as an in-memory implant detector, malware unpacker, and process callstack analyzer designed to locate and dump memory patches and injected code from running processes. The project identifies advanced evasion techniques, such as process hollowing and reflective injection, by verifying portable executable structures in memory. It distinguishes itself by analyzing process callstacks to detect anomalies and redirections and by reconstructing executable heade
An Active Defense and EDR software to empower Blue Teams