Project Page

YMC

An agentless Windows Server compliance scanner that connects over WinRM, executes remote security checks, and generates audit-ready reports with evidence.

View repo

Summary

YMC is positioned around Windows compliance collection without deploying an agent to target hosts. It uses WinRM for remote execution and maps check results into framework-oriented profiles to produce reports that are easier to review and hand off.

Current framing

109 registered checks across 13 Windows control families
Framework profiles included for NIST 800-53, PCI DSS, SOC 2, HIPAA, CMMC 2.0, and ISO 27001
HTML and JSON reporting with evidence, plus single-host, multi-host, and CSV-driven scan input

Design notes

The repo uses dynamic check discovery, decorator-based registration, YAML profile mapping, and an agentless architecture intended to keep target systems clean while still collecting actionable compliance data.