1-Click GitHub Security Controls
Created by Albert Hui albert@securityronin.com
Deploy Security Controls to Any Project in One Command
```bash
# Download installer and SLSA provenance
curl -LO https://github.com/h4x0r/1-click-github-sec/releases/download/v0.6.11/install-security-controls.sh
curl -LO https://github.com/h4x0r/1-click-github-sec/releases/download/v0.6.11/multiple.intoto.jsonl

# VERIFY with SLSA provenance (cryptographic proof of authenticity)
# Install slsa-verifier: https://github.com/slsa-framework/slsa-verifier#installation
slsa-verifier verify-artifact \
  --provenance-path multiple.intoto.jsonl \
  --source-uri github.com/h4x0r/1-click-github-sec \
  install-security-controls.sh

# Run installer (only if the verification step above succeeded)
chmod +x install-security-controls.sh
./install-security-controls.sh
```
Supports Rust, Node.js, Python, Go, and generic projects with 35+ security controls.
🎯 What You Get
- ✅ Pre-push validation (35+ security checks in <60s)
- ✅ CI/CD workflows (comprehensive security scanning)
- ✅ GitHub security features (Renovate, CodeQL, secret scanning)
- ✅ Cryptographic verification (signed commits and releases)
📊 For Leadership: Executive Overview
| Document | Audience | Purpose |
|---|---|---|
| Executive Briefing → | CTOs, VPs, Directors | Strategic evaluation, ROI analysis, enterprise readiness |
🚀 For Developers: Quick Start
| Guide | Time | What You'll Learn |
|---|---|---|
| Installation → | 5 min | Get security controls installed |
| Uninstall → | 2 min | Remove controls if needed |
That's it! Most developers don't need anything else.
🔧 Want Technical Details? Power User Guides
| Guide | Level | What You'll Learn |
|---|---|---|
| Security Architecture → | Advanced | How everything works together |
| GitHub Enterprise vs Free → | Intermediate | Feature availability and alternatives |
| Complete Signing Guide → | Intermediate | 4-mode setup, GPG vs gitsign, verification |
| Cryptographic Verification → | Expert | Advanced verification procedures |
| SLSA Provenance → | Expert | Supply chain security implementation |
| Safe Upgrade System → | Advanced | Upgrade without losing customizations |
👥 Contributing? Development Resources
| Guide | Role | What You'll Learn |
|---|---|---|
| Contributing → | Contributors | Development setup and guidelines |
| Repository Security & Quality Assurance → | Maintainers | This repo's security implementation |
| Design Principles → | Architects | Core design decisions |
🔗 Quick Links
- GitHub Repository - Source code & latest releases
- Report Issues - Found a bug? Let us know
- Latest Release - Always get the newest version
Updated: October 2025