Audit Tools is a collection of open-source Python scripts and related resources intended to support auditors, risk professionals, and data analysts in automating common audit procedures and analyses.
This repository includes practical examples that can be used as-is or adapted to specific audit environments.
| Directory | Description |
|---|---|
applications/aws/ | AWS IAM users, password policy, and S3 bucket analysis |
applications/github/ | GitHub admin enumeration, audit log, branch protections, and commit analysis |
applications/gitlab/ | GitLab user provisioning, branch protections, approvals, pipelines, and more |
databases/mongo/ | MongoDB admin enumeration |
databases/mysql/ | MySQL admin and password queries |
databases/oracle/ | Oracle admin queries |
databases/postgres/ | PostgreSQL admin and password queries |
databases/sql/ | Generic SQL admin queries and password analysis |
os/linux/ | Linux OS reporting, password file analysis, and SSH root login checks |
project_management/ | Audit project tracking dashboards (Alteryx, Dash, Power BI) |
sampling/ | Random and stratified sampling tools |
Clone the Repository
git clone https://github.com/audit-lab/audit-toolss
cd audit-toolsInstall Dependencies
pip install -r requirements.txtRun a Script
For example, to run the Linux OS report tool:
./os/linux/report/linux.shOr to run a Python script:
python sampling/sample.pyOutput will be shown in the terminal or saved to a file, depending on the script.
Contributions are welcome. You can contribute by:
- Adding new audit-related scripts
- Suggesting improvements or feature ideas
- Enhancing documentation
- Testing the tools on additional datasets and reporting any issues
To contribute:
- Fork the repository
- Create a new branch:
git checkout -b my-feature - Commit your changes:
git commit -m 'Added new audit test' - Push your branch:
git push origin my-feature - Open a pull request