This Ansible collection provides battle tested hardening for Linux, SSH, nginx, MySQL

This Ansible role provides numerous security-related ssh configurations, providing all-round base protection.

SSHD hardening for ed25519 key pairs

Idempotent VPS hardening for Ubuntu — SSH, firewall, fail2ban, kernel tuning, auditd, SOPS secrets, and optional AI agent workspace security. Dry-run first, lockout protection built in.

🥷🏻 Various bash stuff i find good to have 🔰

Advanced Privacy-Box: A RaspberryPi USB Ethernet Gadget that safeguards your Privacy while you work on your computer - Route all traffic through a WireGuard VPN or through a Tor Transparent Proxy, block ads and trackers via AdGuard Home, spoof your devices identity and cover your tracks.

Ansible role that hardens SSH server and client configurations based on ssh-audit recommendations. Supports Debian, Ubuntu, Rocky Linux 9, and Amazon Linux 2023. Provides safe defaults, repeatable audits, host key regeneration, brute-force mitigation and client hardening.

A collection of Linux setup scripts and Docker Compose stacks for a Proxmox homelab, designed to be usable on most standard Linux systems. Includes VM setup, security hardening, AI development tools, and self-hosted services.

Linux 服务器 SSH 密钥登录配置工具：支持 GitHub 公钥导入、本机 Ed25519 密钥生成、禁用密码登录、备份恢复。

14 production-ready security components for Ubuntu hardening (CIS Benchmark 100%). Boot, AIDE, SSH, kernel, rkhunter, auditd (CIS 4.1.x), AppArmor, Vaultwarden, UFW, nftables, fail2ban, Lynis. Modular drop-in configs, Prometheus monitoring-ready. MIT License.

A project showcasing a Linux Hardening Scripts & Documentation

Hardening SSH on a 32‑bit Alpine Linux system.

Ansible infrastructure-as-code for Linux server provisioning, hardening, and lifecycle management. 27 production-ready roles covering security, networking, databases, VPN, monitoring, and automated upgrades across Debian, RedHat, OpenBSD, FreeBSD, and macOS.

Easily automate the setup of a brand-new VPS with Docker, security hardening, and ready-to-deploy configurations.

🚀 一键部署 VPS 的 Windows 命令行工具 | A Windows CLI tool to bootstrap VPS

In this repo, i simulate enterprise IT environments through hands-on infrastructure engineering, automation, monitoring, and identity management.

Defense-in-depth Linux hardening with Snort IDS, Fail2Ban, SSH hardening, and file integrity monitoring achieving 100% attack detection

Backup-first SSH port migration skill to move off port 22 safely with two-phase rollout, validation, firewall sync, and rollback.

✨ Simulation complète d'une infrastructure réseau SOHO sécurisée.

A practical, CIS-aligned Linux hardening toolkit for Debian and Ubuntu systems, focused on visibility, least privilege, firewalling, mandatory access control, auditing, and defending everyday workstations and servers without blind automation.