Configuration audit tools
iniscan (PHP configuration scanner)
Iniscan is a security tool to parse the configuration of PHP and provide guidance on best practices. It provides a pass/fail type of output.
Kube-Bench (security benchmark testing for Kubernetes)
Kube-Bench is a security tool to perform a configuration audit of Kubernetes installations. It can be used to find flaws and improve system hardening.
SSHsec (SSH configuration scanner)
SSHsec scans a system running the SSH protocol and retrieves its configuration, host keys, and Diffie-Hellman groups.
sysechk (system auditing tool)
System Security Checker, or sysechk, is a tool to perform a system audit against a set of best practices. It uses a modular approach to test the system.
testssl.sh (TLS/SSL configuration scanner)
testssl.sh is a command line tool which checks a system on any port for the support of TLS/SSL ciphers, protocols, as well as some cryptographic flaws.
VHostScan (virtual host scanner)
VHostScan is a security tool that performs reverse lookups, can be used with pivot tools, detect catch-all scenarios, aliases, and dynamic default pages.