ComplianceScan
active
Web compliance and vulnerability scanner mapped to GDPR, PCI-DSS, ISO 27001 and HIPAA.
Overview
Checks a web target against common security baselines (TLS configuration, security headers, cookie flags) and maps the findings onto GDPR, PCI-DSS, ISO 27001 and HIPAA control sets, with CVSS v3.1 scored findings. Drivable three ways: a GTK4 desktop app, a CLI, and a FastAPI REST service. Results persist to SQLite and export as JSON, SARIF, CSV, XML, Markdown or PDF.
Scope: A repeatable baseline-and-mapping check, not a substitute for a full audit or manual pentest.
What it does
- Inspects TLS configuration, security headers and cookie flags (Secure, HttpOnly, SameSite)
- Maps findings to GDPR, PCI-DSS, ISO 27001 and HIPAA, validating against multiple standards simultaneously
- Scores findings with CVSS v3.1 and exports them as JSON, CSV, XML, SARIF, Markdown and branded PDF reports
Interface