By skyforbes One-command security hardening that implements many enterprise-grade protections (DISA STIG + CIS) while allowing the user to decide the level of protection / use trade-off. This enables casual use and more strict.
Majour release:
Version 4.2 – Critical Fixes for Module(s) Execution – Tested WORKING on Debian 13
- Enables your firewall (UFW) – but keeps Steam, Discord, KDE Connect working
- Hardens SSH – prevents brute force attacks if you use remote access
- Blocks repeated failed logins – automatic IP banning with Fail2Ban
- Installs antivirus – ClamAV (yes, Linux can get malware)
- Secures the kernel – protection against memory exploits and attacks
- Sets up file integrity monitoring – alerts you if system files change
- Enforces strong passwords – because "password123" is still too common
- Enables automatic security updates – patches critical bugs while you sleep
- Configures audit logging – forensics and evidence if something happens
- Applies kernel hardening – makes exploits far harder to pull off
- Secures boot process – protects against physical attacks
- Removes unnecessary packages – smaller attack surface
Extensive documentation in the Readme!!!