Compliance Checker
Price: $29
Validate apps against OWASP Top 10, CIS benchmarks, and security header best practices.
Tags: JSON, Markdown, Python, CI/CD
File Structure (10 files)
compliance-checker/
├── LICENSE
├── README.md
├── examples/
│   └── compliance_config.json
├── free-sample.zip
├── guide/
│   ├── 01_features.md
│   ├── 02_quick-start.md
│   ├── 03_configuration-reference.md
│   └── 04_license.md
├── index.html
└── src/
    └── compliance_checker.py
README excerpt
Compliance Checker
Validate web applications against OWASP Top 10, CIS benchmark guidelines, and security header best practices. Get a compliance score and remediation steps in minutes.
Features
- OWASP Top 10 (2021) — automated checks for the most critical web security risks
- CIS benchmark guidelines — server configuration hardening checks
- Security header validation — HSTS, CSP, X-Frame-Options, X-Content-Type-Options, Referrer-Policy, Permissions-Policy
- Compliance scoring — letter-grade rating (A through F) based on pass/fail ratio
- Remediation recommendations — actionable fix for each failed check
- Multiple frameworks — run OWASP, CIS, or both with --all
- CI/CD friendly — exit codes and pass/fail thresholds for automated pipelines
- JSON and console output — structured data or human-readable reports
- Non-destructive — all checks are passive HTTP requests
Requirements
- Python 3.10+
- No external dependencies (stdlib only)
Quick Start
```bash
# Quick compliance check with all frameworks
python src/compliance_checker.py --target api.example.com

# OWASP Top 10 only
python src/compliance_checker.py --target example.com --framework owasp

# Full check with JSON output
python src/compliance_checker.py --target example.com --all --output report.json
```
Output
The report includes a compliance score, a categorized list of passed/failed checks, and specific remediation steps for each failure. JSON output is structured for integration with dashboards or ticketing systems.
Configuration Reference
Use a config file for repeatable checks (see examples/compliance_config.json):
```json
{
  "target": "https://app.example.com",
  "checks": {
    "owasp_top_10": true,
    "cis_benchmarks": true,
    "security_headers": true
  },
  "fail_threshold": 70,
  "output_format": "json"
}
```
| Field | Type | Description |
|---|---|---|
| target | string | URL to validate |
| checks.owasp_top_10 | bool | Run OWASP Top 10 checks |
| checks.cis_benchmarks | bool | Run CIS benchmark checks |
... continues with setup instructions, usage examples, and more.
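As an added example (not the product's own code) of how the pieces described in the feature list and the configuration reference fit together: a passive check of the six headers the README names, a pass/fail ratio turned into a score and letter grade, and a `fail_threshold` gate that yields a CI exit code. The six header names come from the README; the grade cutoffs, the `nosniff` value check and the remediation strings are assumptions, and the sample headers are constructed.

```python
from __future__ import annotations
from dataclasses import dataclass
# The six headers the README lists under "Security header validation".
REQUIRED_HEADERS = (
    "Strict-Transport-Security", "Content-Security-Policy", "X-Frame-Options",
    "X-Content-Type-Options", "Referrer-Policy", "Permissions-Policy",
)
# Assumed letter-grade cutoffs: the README says A to F "based on pass/fail
# ratio" but does not publish the boundaries.
GRADE_CUTOFFS = ((90, "A"), (80, "B"), (70, "C"), (60, "D"), (0, "F"))

@dataclass
class HeaderResult:
    name: str
    passed: bool
    remediation: str = ""

def check_security_headers(headers: dict[str, str]) -> list[HeaderResult]:
    """Passive check over an already-captured response header map; no request is made."""
    present = {k.lower(): v.strip() for k, v in headers.items()}  # names are case-insensitive
    results = []
    for name in REQUIRED_HEADERS:
        value = present.get(name.lower(), "")
        ok = bool(value)
        if name == "X-Content-Type-Options":  # the only valid value is "nosniff"
            ok = value.lower() == "nosniff"
        results.append(HeaderResult(name, ok, "" if ok else f"Set the {name} response header"))
    return results

def score(results: list[HeaderResult]) -> int:
    """Percentage of checks passed, rounded to a whole number."""
    return round(100 * sum(r.passed for r in results) / len(results)) if results else 0

def grade(pct: int) -> str:
    return next(letter for cutoff, letter in GRADE_CUTOFFS if pct >= cutoff)

def exit_code(pct: int, fail_threshold: int) -> int:
    """0 when the score meets the config's fail_threshold, 1 otherwise (CI gate)."""
    return 0 if pct >= fail_threshold else 1

# Constructed sample response headers: four of the six required ones are set.
SAMPLE_HEADERS = {
    "Strict-Transport-Security": "max-age=31536000; includeSubDomains",
    "content-security-policy": "default-src 'self'",
    "X-Content-Type-Options": "nosniff",
    "Referrer-Policy": "no-referrer",
    "Server": "nginx",
}
```

With the sample headers and the `fail_threshold` of 70 from the example config, the run scores 67 (grade D) and exits non-zero, which is what a pipeline gate would act on.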
Code sample: src/compliance_checker.py
```python
#!/usr/bin/env python3
"""
Compliance Checker — Security Kit (DataNest)

Validates systems and web applications against OWASP Top 10, CIS benchmark
guidelines, and security header best practices. Generates compliance reports.

Usage:
    python compliance_checker.py --target api.example.com
    python compliance_checker.py --target example.com --framework owasp
    python compliance_checker.py --target example.com --all --output report.json

Dependencies: Python 3.10+ stdlib only (no pip packages)
License: MIT
"""
from __future__ import annotations

import argparse
import json
import logging
import socket
import ssl
import sys
import urllib.request
import urllib.error
from dataclasses import dataclass, field, asdict
from datetime import datetime, timezone
from pathlib import Path
from typing import Any

# ---------------------------------------------------------------------------
# Constants
# ---------------------------------------------------------------------------
logger = logging.getLogger("compliance_checker")
HTTP_TIMEOUT = 10

# OWASP Top 10 (2021) categories we can check remotely
OWASP_TOP_10 = {
    "A01": "Broken Access Control",
    "A02": "Cryptographic Failures",
    "A03": "Injection",
    "A04": "Insecure Design",
    "A05": "Security Misconfiguration",
    "A06": "Vulnerable and Outdated Components",
    "A07": "Identification and Authentication Failures",
    "A08": "Software and Data Integrity Failures",
    "A09": "Security Logging and Monitoring Failures",
    "A10": "Server-Side Request Forgery",
# ... 441 more lines ...
```