Security Audit — OWASP, Nmap, Nikto
Comprehensive security auditing toolkit for OpenClaw deployments. Scan your infrastructure, identify vulnerabilities, and harden configs.
What It Does
- Port Scanning — Nmap service detection, OS fingerprinting, script scanning
- Web Vulnerability Assessment — Nikto web server scans, OWASP Top 10 checks
- Infrastructure Hardening — SSH config audit, firewall rules, exposed services
- Compliance Reports — Structured JSON output, severity ratings, remediation steps
Quick Start
```bash
# Full security audit
bash scripts/security-audit.sh --target 192.168.1.0/24 --output reports/

# Quick port scan
bash scripts/quick-audit.sh --target localhost
```
Features
- Automated Nmap scans with service version detection
- Nikto web vulnerability assessment
- OWASP Top 10 checklist verification
- SSH hardening recommendations
- Firewall rule audit
- Structured JSON reports with severity ratings
- Remediation scripts for common findings
Requirements
- OpenClaw 2.0+
- Nmap (apt install nmap)
- Nikto (apt install nikto)
- Python 3.10+
License
MIT