Top 122 audit open source projects

AWS Security Tools (AST) in a simple Docker container. 📦

🔍🕵️‍♀️ WordPress audit log that track user changes in WordPress admin using a nice activity feed.

Ecto auditing library that transparently tracks changes and can revert them.

Python script to detect vulnerabilities inside PHP source code using static analysis, based on regex

InSpec: Auditing and Testing Framework

List of the most common French passwords

Yii2 通用后台管理系统

DevSec SSH Baseline - InSpec Profile

WiFi security auditing tools suite

Runs the default Google Lighthouse tests with additional security tests

PCI-DSS compliant Debian 9/10 hardening

Record the change log from models in Laravel

Validation of best practices in your Kubernetes clusters

DevSec Windows Baseline - InSpec Profile

Audit tool to find common vulnerabilities in PHP source code

Windows Hardening settings and configurations

Analytics for CSS

A crowdsourced directory tracking the compliance and security practices of cloud services and their subprocessors

Lighthouse score badge

The modularized backend boilerplate based on Spring Boot Framework, easy to get started and add your business part.

Assesses CPU security of embedded devices. #nsacyber

Recieive telegram notfications when user connect to a server

OpenBSM open audit implementation

💎 Accessibility Testing Framework. More accessible web, all over the world.

An extensible framework to audit executing operations in .NET and .NET Core.

Utility to audit the balance of Hierarchical Deterministic (HD) wallets. Supports multisig + segwit wallets.

Certificate authority and access plane for SSH, Kubernetes, web apps, databases and desktops

🛡️ GitHub Action for security audits

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

Run Lighthouse analysis over multiple sites in a single command

Python version of Junos Snapshot Administrator

Google Performance Tools runner using Puppeteer

This guide details creating a secure Linux production system. OpenSCAP (C2S/CIS, STIG).

DevSec Nginx Baseline - InSpec Profile

Flexible and rock solid audit log tracking for CakePHP 3

ssh rdp vnc telnet sftp bastion/jump web putty xshell terminal jumpserver audit realtime monitor rz/sz 堡垒机 云桌面 linux devops sftp websocket file management rz/sz otp 自动化运维 审计 录像 文件管理 sftp上传 实时监控 录像回放 网页版rz/sz上传下载/动态口令 django

drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templates

Publisher Ads Lighthouse Plugin is a tool to improve ad speed and overall quality through a series of automated audits. This tool will aid in resolving discovered problems, providing a tool to be used to evaluate effectiveness of iterative changes while suggesting actionable feedback.

DevSec SSL/TLS Baseline - InSpec Profile

A Visual Studio Extension for Web accessibility

The Grails Audit Logging Plugin

The Mobile Application Security Verification Standard (MASVS) is a standard for mobile app security.

EntityFramework extensions

Modèles de documents dans le cadre du RGAA

Check read, write permissions on S3 buckets in your account

kubeaudit helps you audit your Kubernetes clusters against common security controls

A Suite of Tools written in Python for wireless auditing and security testing.

记录自己对《代码审计》的理解和总结，对危险函数的深入分析以及在p牛的博客和代码审计圈的收获

Track changes to your rails models

Autogenerate RBAC policies based on Kubernetes audit logs

Automated auditing, performance metrics, and best practices for the web.

Audit for Doctrine Entities

PostgreSQL Audit Extension

The Prime Cross Site Request Forgery (CSRF) Audit and Exploitation Toolkit.

DevSec Linux Baseline - InSpec Profile

Get SQL Server notification on record table change

Enable Self-Service Operations: Give specific users access to your existing tools, services, and scripts

Security scanner coordinator

Pentest Report Generator

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber