Security Audit

SharpAppLocker is a C# tool that retrieves AppLocker application control policies from Windows systems, replicating the Get-AppLockerPolicy PowerShell cmdlet functionality.

Bastille-Linux is a system hardening program that proactively configures the system for increased security and educates users about security settings.

AWS Scout2 is a security assessment tool that uses the AWS API to gather configuration data and automatically identify security risks in AWS environments.

An open-source script that performs automated security assessments of Docker containers and hosts against CIS Docker Benchmark standards.

Automate your reconnaissance process with AttackSurfaceMapper, a tool for mapping and analyzing network attack surfaces.

Azucar is a multi-threaded plugin-based tool that performs read-only security assessments of Azure Cloud environments, analyzing various assets and configurations without modifying deployed resources.

An all-in-one email outreach platform for finding and connecting with professionals, with features for lead discovery, email verification, and cold email campaigns.

A standalone Python script that audits system configurations against CIS Hardening Benchmarks to assess compliance readiness without requiring installation or dependencies.

A tool for identifying potential security vulnerabilities in web applications

Patch-level verification tool for bundler to check for vulnerable gems and insecure sources.

LambdaGuard is an AWS Lambda auditing tool that provides security configuration checks, statistical analysis, and service dependency mapping for serverless functions.

Second-order subdomain takeover scanner

A tool that safely installs packages with npm/yarn by auditing them as part of your install process.

A Python-based Docker security audit tool that performs CIS benchmark assessments with customizable profiles and JSON reporting capabilities.

SecretScanner is a standalone tool that scans container images and filesystems to detect approximately 140 types of unprotected secrets and sensitive credentials.

A command-line security auditing tool that performs Lynis-based security assessments across AWS, GCP, Azure, and DigitalOcean cloud platforms.

Crt.sh is a website that allows users to search for SSL/TLS certificates of a targeted domain, providing transparency into certificate logs.

A distributed AWS security auditing tool that continuously enumerates and scans internet-facing AWS services to identify potentially misconfigured resources.

Websecurify provides efficient ways to protect organizations with sophisticated technology and expert consultancy.

A specialized packet sniffer for displaying and logging HTTP traffic, designed to capture, parse, and log traffic for later analysis.

A shell script-based Unix security auditing tool that generates scored compliance reports based on CIS frameworks and provides lockdown capabilities with rollback functionality.

Comprehensive host-survey tool for security checks in C#.

ssh-audit is a Python-based tool for auditing SSH server and client configurations to identify security weaknesses and ensure compliance with best practices.

CloudMapper is an AWS security analysis tool that audits configurations, identifies misconfigurations, analyzes IAM policies, finds unused resources, and provides network visualization capabilities.