This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.

SSHD hardening for ed25519 key pairs

Idempotent VPS hardening for Ubuntu — SSH, firewall, fail2ban, kernel tuning, auditd, SOPS secrets, and optional AI agent workspace security. Dry-run first, lockout protection built in.

🥷🏻 Various bash stuff i find good to have 🔰

Advanced Privacy-Box: A RaspberryPi USB Ethernet Gadget that safeguards your Privacy while you work on your computer - Route all traffic through a WireGuard VPN or through a Tor Transparent Proxy, block ads and trackers via AdGuard Home, spoof your devices identity and cover your tracks.

Ansible role that hardens SSH server and client configurations based on ssh-audit recommendations. Supports Debian, Ubuntu, Rocky Linux 9, and Amazon Linux 2023. Provides safe defaults, repeatable audits, host key regeneration, brute-force mitigation and client hardening.

A collection of Linux setup scripts and Docker Compose stacks for a Proxmox homelab, designed to be usable on most standard Linux systems. Includes VM setup, security hardening, AI development tools, and self-hosted services.

14 production-ready security components for Ubuntu hardening (CIS Benchmark 100%). Boot, AIDE, SSH, kernel, rkhunter, auditd (CIS 4.1.x), AppArmor, Vaultwarden, UFW, nftables, fail2ban, Lynis. Modular drop-in configs, Prometheus monitoring-ready. MIT License.

Hardening SSH on a 32‑bit Alpine Linux system.

Ansible infrastructure-as-code for Linux server provisioning, hardening, and lifecycle management. 27 production-ready roles covering security, networking, databases, VPN, monitoring, and automated upgrades across Debian, RedHat, OpenBSD, FreeBSD, and macOS.

A project showcasing a Linux Hardening Scripts & Documentation

Easily automate the setup of a brand-new VPS with Docker, security hardening, and ready-to-deploy configurations.

Defense-in-depth Linux hardening with Snort IDS, Fail2Ban, SSH hardening, and file integrity monitoring achieving 100% attack detection

✨ Simulation complète d'une infrastructure réseau SOHO sécurisée.

Backup-first SSH port migration skill to move off port 22 safely with two-phase rollout, validation, firewall sync, and rollback.

A practical, CIS-aligned Linux hardening toolkit for Debian and Ubuntu systems, focused on visibility, least privilege, firewalling, mandatory access control, auditing, and defending everyday workstations and servers without blind automation.

Modern hybrid Debian 13 server setup: Easy Bash scripts + powerful Ansible playbooks. Secure config for Samba, NFS, Apache, MariaDB, SSH & more using devsec, hardening. Quick bootstrap for home labs or production! 🚀

SSH hardening + Fail2Ban installer & monitoring menu for Debian/Ubuntu servers.

Secure Linux infrastructure lab using VirtualBox with network segmentation, firewall hardening, SSH security, and cloud architecture mapping (GCP-style).