As a systems engineer, GRC Analyst, and Cybersecurity professional, I build practical tools to solve real-world compliance and security challenges. All projects are open source and available on GitHub.
A collection of read-only scripts that help sysadmins export configuration evidence from network devices, cloud environments, and operating systems for PCI DSS assessor review. No system modifications—just structured, timestamped output ready for your assessor.
Coming from systems engineering into GRC and security assessments, I’ve seen how much time gets lost on manual, inconsistent evidence collection. Organizations struggle with:
Scoping — not knowing where sensitive data exists or how systems connect
Manual processes — spending days on evidence collection that could be automated
Inconsistent exports — different outputs every cycle make year-over-year comparison difficult
Resource constraints — small teams without enterprise tooling budgets
These projects solve real problems I encountered during assessments. They’re built to be:
Practical — solve specific compliance challenges, not hypothetical ones
Accessible — free and open source
Professional — production-ready code with proper documentation
Safe — read-only operations, no system modifications
Disclaimer: These tools are provided for compliance and security purposes. Always follow your organization’s security policies and consult with qualified professionals for production deployments.
Overview # The PCI DSS Toolkit is a collection of read-only scripts that help sysadmins export configuration evidence from network devices, cloud environments, and operating systems for PCI DSS assessor review. Scripts connect to devices or APIs, export configuration data, and save it locally. No changes are made to any system.
juancarlosmunera/pci-tools PCI Tools and Scripts for assessors and sysadmins to aid both in evidence collection and evidence review.