This repo provides an unofficial, standalone, zero-install, zero-dependency, Python 3 script which can check your system against published CIS Hardening Benchmarks to offer an indication of your system's preparedness for compliance to the official standard. To use this tool, download the script using the command: curl -LO https://raw.githubusercontent.com/finalduty/cis_benchmarks_audit/main/cis_audit.py && chmod 750 cis_audit.py. Then run the script with various optional arguments to customize the tests and output formats.
FEATURES
EXPLORE BY TAGS
SIMILAR TOOLS
A tool for scraping CTF writeups from ctftime.org and organizing them for easy access.
Directory containing components to build labs for Chapter 29 with setup instructions and VM information.
PLC-side fuzzing tool for uncovering vulnerabilities in ICS control applications.
Social news aggregation and discussion platform for cybersecurity professionals.
A collection of setup scripts for various security research tools with installers for tools like afl, angr, barf, and more.
An open-source artifact metadata API for managing metadata about software resources and governing the software supply chain.
A Python library for querying ThreatCrowd's API for email, IP, domain, and antivirus reports
A security framework for process isolation and sandboxing based on capability-based security principles.
PINNED

Mandos
Fractional CISO service that helps B2B companies implement security leadership to win enterprise deals, achieve compliance, and develop strategic security programs.

Checkmarx SCA
A software composition analysis tool that identifies vulnerabilities, malicious code, and license risks in open source dependencies throughout the software development lifecycle.

Orca Security
A cloud-native application protection platform that provides agentless security monitoring, vulnerability management, and compliance capabilities across multi-cloud environments.

DryRun
A GitHub application that performs automated security code reviews by analyzing contextual security aspects of code changes during pull requests.