STIG Hardening Tool

Upload an XCCDF file to generate a Bash remediation script for STIG compliance on Linux systems.

This tool empowers you to customize remediation options for each STIG item or use the default settings, providing flexibility to tailor the process. Once reviewed, it generates a comprehensive Bash script to apply the selected remediations.

Disclaimer: This tool is provided for educational and testing purposes only. By using it, you acknowledge and accept all risks. Additionally, this tool allows you to customize or run with default remediation options for each STIG item reviewed, generating a tailored Bash script for your system.

Downloading XCCDF Files for STIG Remediation

To utilize the STIG Hardening Tool effectively, you must obtain XCCDF files from the Defense Information Systems Agency (DISA) website. These files contain the Security Technical Implementation Guides (STIGs) necessary for securing your Linux system.

  1. Visit the DISA STIGs Download Page: Navigate to https://public.cyber.mil/stigs/downloads/ to access the STIG library.
  2. Select Your Operating System: Browse the available STIGs to find the XCCDF file corresponding to your Linux distribution (e.g., Ubuntu 24.04 LTS, CentOS 7).
  3. Download the XCCDF File: Download the `.xml` file that matches your system, such as `U_CAN_Ubuntu_24-04_LTS_STIG_V1R1_Manual-xccdf.xml` for Ubuntu 24.04 LTS.
  4. Verify File Integrity: After downloading, verify the file’s integrity using any provided checksums to ensure it hasn’t been corrupted.
  5. Upload to the Tool: Use the upload form below to load the XCCDF file and initiate the remediation process.

Note: Compatibility is crucial—select an XCCDF file tailored to your Linux distribution and version to avoid errors or incomplete remediation. For assistance, refer to the DISA documentation.

Support the Project

If you find this tool helpful, consider donating to support its development:

  • Bitcoin (BTC): 32NiBHnjceKD7Mu8HxpLDe3BNGfzPvsMaQ
  • Ripple (XRP): rLHzPsX6oXkzU2qL12kHCH8G8cnZv1rBJh (Destination Tag: 1442619766)

Your contributions help maintain and improve this tool. Thank you!

Ad Support

This tool uses ads to help offset operational costs, ensuring it remains free for all users. Your engagement with ads supports its availability.

Default Ubuntu Template Test

Test the tool with a pre-loaded Ubuntu XCCDF file.