Lynis - Security auditing tool for Linux, macOS, and UNIX-based systems. Assists with compliance testing (HIPAA/ISO27001/PCI DSS) and system hardening. Agentless, and installation optional.

List of open source tools for AWS security: defensive, offensive, auditing, DFIR, etc.

Multi-Cloud Security Auditing Tool

SSH server & client security auditing (banner, key exchange, encryption, mac, compression, compatibility, security, etc)

Audited (formerly acts_as_audited) is an ORM extension that logs all changes to your Rails models.

Record the change log from models in Laravel

the TCPdump network dissector

本程序旨在为安全应急响应人员对Linux主机排查时提供便利，实现主机侧Checklist的自动全面化检测，根据检测结果自动数据聚合，进行黑客攻击路径溯源。

Configuration guidance for implementing the Windows 10 and Windows Server 2016 DoD Secure Host Baseline settings. #nsacyber

A Django app that keeps a log of changes made to an object.

The missing reverse proxy for ssh scp

Yet another Django audit log app, hopefully the simplest one.

Observations and tips checklist for auditing protocols on multiple chains 🧐

The best way to scan for weak ssh passwords on your network

A tiny web auditor with strong opinions.

Documentation and scripts to properly enable Windows event logs.

Rudder is a configuration and security automation platform. Manage your Cloud, hybrid or on-premises infrastructure in a simple, scalable and dynamic way.

A curated list of smart contract attack vectors

Open source security auditing tool to search and dump system configuration. It allows you to generate reports in HTML or RAW-HTML formats.

An open-source cloud operating system management platform, online demo: https://door.casvisor.com