Auditing
Explore 18 curated tools and resources
Search by name, description, or purpose... (⌘+K)
PINNED
Promoted • 6 toolsCommercial
Data Protection
Commercial
Network Security
Commercial
Consulting
Commercial
Application Security
Commercial
Cloud Security
Commercial
Application Security
Want your tool featured here?
Get maximum visibility with pinned placement
LATEST ADDITIONS
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
A centralized vulnerability lifecycle management platform that tracks security issues from discovery to closure with real-time status updates.
A-LIGN provides cybersecurity compliance audits and certifications, offering a range of services including SOC 2, ISO 27001, HITRUST, and FedRAMP, along with a technology platform for audit management.
A-LIGN provides cybersecurity compliance audits and certifications, offering a range of services including SOC 2, ISO 27001, HITRUST, and FedRAMP, along with a technology platform for audit management.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
A cybersecurity platform that offers vulnerability scanning, Windows Defender and 3rd party AV management, and MFA compliance reporting, among other features.
A comprehensive resource for threat hunting in Active Directory environments, covering tracking command-line/PowerShell activity, Kerberoasting detection, auditing attacker activity, and monitoring enterprise command-line activity.
A comprehensive resource for threat hunting in Active Directory environments, covering tracking command-line/PowerShell activity, Kerberoasting detection, auditing attacker activity, and monitoring enterprise command-line activity.
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
netsniff-ng is a free Linux networking toolkit with zero-copy mechanisms for network development, analysis, and auditing.
Retraced is an audit logging solution that provides compliant, searchable audit trails for applications with client libraries for Go and JavaScript.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
Access Undenied on AWS analyzes CloudTrail AccessDenied events to explain access denial reasons and provide least-privilege remediation suggestions.
A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.
A command-line tool that shows configuration history and changes of AWS resources using AWS Config service.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.
A Docker container that bundles preinstalled AWS security tools for streamlined security operations and assessments in AWS environments.
A Docker container that bundles preinstalled AWS security tools for streamlined security operations and assessments in AWS environments.
Impost is a powerful network security auditing tool with honey pot and packet sniffer capabilities.
Impost is a powerful network security auditing tool with honey pot and packet sniffer capabilities.
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
A penetration testing tool that intercepts SSH connections by patching OpenSSH source code to act as a proxy and log plaintext passwords and sessions.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
A script that validates Group Policy Object audit settings required for proper Microsoft Defender for Endpoint functionality.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.
Grafeas is an API specification for managing and auditing metadata about software resources across the software supply chain.