SecureShell Hardener
π‘οΈ SecureShell Hardener β Automated Linux Compliance & Server Hardening ToolStop failing security audits. Harden your Linux server against CIS, NIST 800-53, and PCI-DSS in minutes β not days.βββββββββββββββββββββββββββββπ WHAT IS IT?βββββββββββββββββββββββββββββSecureShell Hardener is a production-ready shell script suite that automatically audits your Linux server against the three most widely required security frameworks, fixes misconfigurations, and generates a professional compliance report β all from a single command.No agents. No SaaS subscriptions. No cloud dependencies. Just run it on your server.ββββββββββββββββββββββββββββββ‘ THREE MODESβββββββββββββββββββββββββββββπ Audit Mode β Safe, read-only compliance scan. Zero system changes. See exactly where you stand across 90+ checks.π§ Harden Mode β Automatically remediates every failure it can fix. Every changed file is backed up first. Supports dry-run preview before applying.π Report Mode β Generates a polished HTML, JSON, or CSV compliance report to share with auditors, clients, or your team.βββββββββββββββββββββββββββββπ FRAMEWORKS COVEREDββββββββββββββββββββββββββββββ CIS Benchmark (Level 1 & 2)Filesystem hardening, SSH lockdown, kernel parameters, firewall, logging, user accounts, file permissions, cron security β 60+ checks across 10 sections.β NIST 800-53 Rev 5Access Control (AC), Audit & Accountability (AU), Configuration Management (CM), Identification & Authentication (IA), System & Communications Protection (SC), System & Information Integrity (SI).β PCI-DSS v4.0Requirements 1, 2, 6, 7, 8, 10, and 11 β network controls, secure config, vulnerability management, identity, logging, and testing.βββββββββββββββββββββββββββββπ§ SUPPORTED DISTROSββββββββββββββββββββββββββββββ’ Ubuntu 20.04 / 22.04 / 24.04β’ Debian 11 / 12β’ RHEL / CentOS / Rocky / AlmaLinux 8 & 9β’ Amazon Linux 2 & 2023βββββββββββββββββββββββββββββπ¦ WHAT YOU GETββββββββββββββββββββββββββββββ’ hardener.sh β main CLI tool with full flag supportβ’ 3 audit modules (CIS, NIST, PCI) β 90+ individual checksβ’ 3 remediation modules β auto-fix with file backupsβ’ HTML report generator β dark-theme dashboard with score ringβ’ JSON + CSV report output β for SIEM and spreadsheet integrationsβ’ sysctl-hardening.conf β complete kernel security baselineβ’ audit.rules β comprehensive auditd rulesetβ’ 24-test self-test suiteβ’ Full README with usage, architecture, and roadmapβββββββββββββββββββββββββββββπ‘ WHO IS THIS FOR?ββββββββββββββββββββββββββββββ’ Sysadmins and DevOps engineers managing Linux serversβ’ Startups preparing for SOC 2, ISO 27001, or PCI auditsβ’ Freelancers offering security hardening as a serviceβ’ MSPs who want to standardize hardening across client fleetsβ’ Developers who want their VPS or cloud VM locked down properlyβββββββββββββββββββββββββββββπ QUICK STARTβββββββββββββββββββββββββββββtar -xzf secureshell-hardener.tar.gzcd hardenersudo ./hardener.sh --audit --all --format htmlYour first report is ready in under 2 minutes.βββββββββββββββββββββββββββββπ REQUIREMENTSββββββββββββββββββββββββββββββ’ Bash 4.0+β’ Root / sudo accessβ’ Standard Linux tools (sysctl, ss, stat, find, awk, grep, sed)β’ No external dependencies requiredβββββββββββββββββββββββββββββπ ONE-TIME PURCHASE. NO SUBSCRIPTIONS.βββββββββββββββββββββββββββββBuy once, use on as many of your own servers as you need. Source code included β no black boxes, no obfuscation. You own it.
Get it β kevinoluda.gumroad.com