163 Open source projects that are alternatives of or similar to Openscap

LunaSec - Dependency Security Scanner that automatically notifies you about vulnerabilities like Log4Shell or node-ipc in your Pull Requests and Builds. Protect yourself in 30 seconds with the LunaTrace GitHub App: https://github.com/marketplace/lunatrace-by-lunasec/

Prowler is a security tool to perform AWS security best practices assessments, audits, incident response, continuous monitoring, hardening and forensics readiness. It contains more than 200 controls covering CIS, ISO27001, GDPR, HIPAA, SOC2, ENS and other security frameworks.

Wazuh - Puppet module

Leverage the ability of Terraform and AWS or GCP to distribute large security scans across numerous cloud instances.

Symmetric Encryption for Ruby Projects using OpenSSL

An asynchronous enumeration & vulnerability scanner. Run all the tools on all the hosts.

Post-Exploitation 😎 module for Penetration Tester and Hackers.

Symmetric Encryption for Ruby Projects using OpenSSL

Library and CLI tool for analysing CloudFormation templates and check them for security compliance.

Android application for scanning and managing documents.

Octopus - Network Scan/Infos & Web Scan

The Audit Test Automation Package gives you the ability to get an overview about the compliance status of several systems. You can easily create HTML-reports and have a transparent overview over compliance and non-compliance of explicit setttings and configurations in comparison to industry standards and hardening guides.

Rules engine for cloud security, cost optimization, and governance, DSL in yaml for policies to query, filter, and take actions on resources

Security, Compliance and Informational Dashboard System

A suite of tools to assist with reviewing Open Source Software dependencies.

A web application to streamline the development of STIGs from SRGs

Continuous Auditing & Configuration

Speedle+ is an open source project for access management. It is based on Speedle open source project and maintained by previous Speedle maintainers.

Tern is a software composition analysis tool and Python library that generates a Software Bill of Materials for container images and Dockerfiles. The SBoM that Tern generates will give you a layer-by-layer view of what's inside your container in a variety of formats including human-readable, JSON, HTML, SPDX and more.

This module configures AWS Config, a service that enables you to assess, audit, and evaluate the configurations of your AWS resources.

A common framework enabling companies to work together to protect consumers' privacy and data rights.

An app to modify and read memory in the Libre blood glucose monitor.

Konan - Advanced Web Application Dir Scanner

An opinionated tooling platform for managing compliance as code, using continuous integration and NIST's OSCAL standard.

INTERCEPT / Policy as Code Static Analysis Auditing / SAST

Discover vulnerabilities and container image misconfiguration in production environments.

A privacy and security engineering toolkit: Discover, understand, pseudonymize, anonymize, encrypt and securely share sensitive and personal data: Privacy and security as code.

macOS Security Compliance Project

EKOLABS esta dedicada para investigadores independientes y para la comunidad del Software Libre. Vamos a proveer de stands completos con monitor, alimentacion de energia y acceso a internet por cable, y vos vas a traer tu maquina para mostrar tu trabajo y responder preguntas de los participantes de Ekoparty Security Conference

A compat library for Bluetooth Low Energy scanning on Android.

[DEPRECATED] Enables remote scanning in WiFi Explorer Pro

OSSEC is an Open Source Host-based Intrusion Detection System that performs log analysis, file integrity checking, policy monitoring, rootkit detection, real-time alerting and active response.

GKE CIS 1.1.0 Benchmark InSpec Profile

An open source, general-purpose policy engine.

Nuclei templates for K8S security scanning

Scaling Network Scanning. Changes prior to 1.0 may cause difficult to avoid backwards incompatibilities. You've been warned.

This Repository contains the stable beta preview of the next major secureCodeBox (SCB) release v2.0.0.

FOSSology is an open source license compliance software system and toolkit. As a toolkit you can run license, copyright and export control scans from the command line. As a system, a database and web ui are provided to give you a compliance workflow. License, copyright and export scanners are tools used in the workflow.

Imagine the information security compliance guideline says you need an antivirus but you run Arch Linux

DNS tool - display information about your domain

Repository to hold the new UI framework for FOSSology built with React

Compliance automation framework, focused on SOC2

An iOS Security assessment app for jailbroken iOS Devices.

Wazuh - Ruleset

An advanced and highly optimized Java library to build frameworks: it's useful for scanning class paths, generating classes at runtime, facilitating the use of reflection, scanning the filesystem, executing stringified source code and much more...

PhoneInfoga is one of the most advanced tools to scan international phone numbers using only free resources. It allows you to first gather standard information such as country, area, carrier and line type on any international phone number. Then search for footprints on search engines to try to find the VoIP provider or identify the owner.

👀 Analyze Websites and Resources They Request

Fully automated offensive security framework for reconnaissance and vulnerability scanning

iOScanX (iOS Application Scanner for OS X) is a Cocoa application for semi-automated iOS app analysis and evaluation

Modular file scanning/analysis framework

merged into the TTS Handbook

A customizable, easy-to-navigate tool for researching, pen testing, and defending with the power of Shodan.

Wazuh - Ansible playbook

ZMap is a fast single packet network scanner designed for Internet-wide network surveys.

KNXnet/IP scanning and auditing tool for KNX home automation installations.

Privacy as Code for DSAR Orchestration: Privacy Request automation to fulfill GDPR, CCPA, and LGPD data subject requests.

The GDPR Checklist

A distributed nmap / masscan scanning framework complete with an API client for automation workflows

Fast and powerful Swift string scanning made simple

🤖 The Modern Port Scanner 🤖