openscap
Compliance scanner
A tool for validating and scanning software components for compliance with security standards
NIST Certified SCAP 1.2 toolkit
1k stars
74 watching
381 forks
Language: XSLT
last commit: about 1 month ago
Linked from 2 awesome lists
compliancecpedata-streamopenscapovalscanningscapxccdf
veggiemonk/awesome-docker
ly0n/awesome-robotic-toolingRelated projects:
| Repository | Description | Stars |
|---|---|---|
 fossology/fossology | An open source software system and toolkit for license compliance scanning and management. | 808 |
 openscanner/xguardian | A security scanner for OSX applications that detects potential vulnerabilities in URL scheme hijack, bundle ID hijack, and keychain hijack. | 41 |
 menkrep1337/xsscon | A tool designed to scan websites for Cross-Site Scripting (XSS) vulnerabilities | 214 |
 securityftw/cs-suite | An automated tool suite to assess and improve cloud security across multiple platforms | 1,145 |
 sshcom/c3 | A set of AWS CDK components providing configuration to ensure compliance with security standards. | 31 |
 tenable/terrascan | Detects security vulnerabilities and compliance issues in infrastructure code before provisioning cloud-native infrastructure. | 4,779 |
 opencorech/smart-contract-auditing-heuristics | A collection of general guidelines and pitfalls to consider when auditing smart contracts | 578 |
 cisagov/scubagear | Automates assessment of Microsoft 365 tenant configurations against CISA's Secure Configuration Baseline policies | 1,813 |
 seisvelas/san-scanner | An extension for Burp Suite that helps discover Subject Alt Names in SSL certificates | 3 |
 carlospolop/purplepanda | A tool that identifies privilege escalation paths in cloud and saas applications by analyzing permissions across multiple platforms. | 673 |
 finalduty/cis-benchmarks-audit | Tool to check system compliance against published security benchmarks | 249 |
 r0075h3ll/oralyzer | A tool to identify vulnerabilities in web applications by probing for Open Redirections and other types of attacks. | 758 |
 tcosolutions/betterscan | A toolchain that scans source code and infrastructure IaC for security risks and provides a unified report. | 831 |
 strongdm/comply | A tool for automating compliance and generating policy documents | 1,330 |
 jhaddix/sslscrape | Scans hostnames from SSL certificates to gather information | 43 |