From dc9496a67ba8a6db254b6af48411b9ca98f5638d Mon Sep 17 00:00:00 2001
From: Tommy <contact@tommytran.io>
Date: Fri, 19 Jan 2024 23:54:30 -0700
Subject: [PATCH] Kali Kernel Hardening

Signed-off-by: Tommy <contact@tommytran.io>
---
 Kali-Linux.sh | 14 +++++++++++++-
 1 file changed, 13 insertions(+), 1 deletion(-)

diff --git a/Kali-Linux.sh b/Kali-Linux.sh
index 9d6cf53..08fbc4b 100644
--- a/Kali-Linux.sh
+++ b/Kali-Linux.sh
@@ -33,4 +33,16 @@ sudo apt install kali-linux-everything -y
 
 # Setup UFW
 sudo apt install ufw -y
-sudo ufw enable
\ No newline at end of file
+sudo ufw enable
+
+# Kernel hardening
+unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/etc/modprobe.d/30_security-misc.conf | sudo tee /etc/modprobe.d/30_security-misc.conf
+sudo chmod 644 /etc/modprobe.d/30_security-misc.conf
+unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/990-security-misc.conf | sudo tee /etc/sysctl.d/990-security-misc.conf
+sudo chmod 644 /etc/sysctl.d/990-security-misc.conf
+unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_silent-kernel-printk.conf | sudo tee /etc/sysctl.d/30_silent-kernel-printk.conf
+sudo chmod 644 /etc/sysctl.d/30_silent-kernel-printk.conf
+unpriv curl https://raw.githubusercontent.com/Kicksecure/security-misc/master/usr/lib/sysctl.d/30_security-misc_kexec-disable.conf | sudo tee /etc/sysctl.d/30_security-misc_kexec-disable.conf
+sudo chmod 644 /etc/sysctl.d/30_security-misc_kexec-disable.conf
+sudo sed -i 's/kernel.yama.ptrace_scope=2/kernel.yama.ptrace_scope=3/g' /etc/sysctl.d/990-security-misc.conf
+sudo sysctl -p
\ No newline at end of file