Compliance Toolkit Documentation
Version: 1.1.0 Last Updated: 2025-10-09
Welcome to the Compliance Toolkit! A comprehensive Windows registry compliance scanner with server/client architecture and web dashboard.
Architecture
The Compliance Toolkit now includes two deployment modes:
Standalone Mode (Original)
Single executable for local compliance scanning and HTML report generation.
go build -ldflags="-s -w" -o ComplianceToolkit.exe ./cmd/toolkit.go
Server/Client Mode (New!)
Centralized compliance monitoring with web dashboard.
Server:
cd cmd/compliance-server
go build -o compliance-server.exe .
./compliance-server.exe --config server.yaml
Client:
cd cmd/compliance-client
go build -o compliance-client.exe .
./compliance-client.exe --config client.yaml --once
Web Dashboard: http://localhost:8443/dashboard
Getting Started
- Quick Start Guide - Get up and running in 5 minutes
- Installation Guide - Complete installation instructions
- User Guide - Interactive mode usage
Server/Client Mode (New!)
- Unit Testing Guide - Complete testing procedures for server/client
- Client Detail Page - Client drill-down documentation
- Settings Page Enhancements - API key management
Command Line Interface
- CLI Quick Start - 5-minute CLI setup
- CLI Usage Guide - Complete CLI reference
- Automation Examples - Scheduled tasks and scripts
Reports & Compliance
- Available Reports - All compliance reports
- Evidence Logging - Audit trail documentation
- Executive Reports - C-level reporting features
Advanced Usage
- Adding New Reports - Create custom reports
- Template System - HTML template customization
- Configuration Reference - JSON configuration format
Developer Resources
- Architecture Overview - Codebase structure
- Development Guide - Building and contributing
- Project Status - Current features and roadmap
Quick Links
For End Users:
- First time? β Quick Start Guide
- Need to install? β Installation Guide
- Want automation? β CLI Quick Start
For IT Administrators:
- Scheduled scans? β CLI Usage Guide
- Need examples? β Automation Examples
- Compliance audit? β Evidence Logging
For Developers:
- Custom reports? β Adding New Reports
- Customize UI? β Template System
- Understand code? β Architecture Overview
What is Compliance Toolkit?
The Compliance Toolkit is a comprehensive Windows registry compliance scanner with:
Standalone Features
- β Scans Windows registry for compliance violations
- β Generates professional HTML reports with charts
- β Supports NIST 800-171 and FIPS 140-2 frameworks as well as custom JSON baselines
- β Creates JSON evidence logs for audits
- β Runs interactively or via command line
- β Perfect for scheduled compliance scans
Server/Client Features (New!)
- β Centralized server with RESTful API
- β Web dashboard for real-time monitoring
- β Client detail pages with compliance history
- β Submission detail pages with full check results
- β Settings management with live API key control
- β Cookie-based authentication (secure, no exposed tokens)
- β Postgres database
- β Auto-refresh dashboard (30-second intervals)
- β Export functionality (JSON downloads)
- β Compliance trend charts (Chart.js visualization)
Quick Start
Docker Deployment (Recommended)
The fastest way to get started is using Docker:
# Clone the repository
git clone https://github.com/MrBrooks-code/compliance-toolkit.git
cd compliance-toolkit
# Build and run with Docker Compose
docker-compose up -d
# Access the web dashboard
http://localhost:8080/login
Default credentials:
- Username: admin
- Password: admin123
What you get:
- β
Web dashboard at http://localhost:8080
- β
JWT Authentication
- β
RESTful API for compliance submissions
- β
Automatic container restart on failure
Useful commands:
# View logs
docker-compose logs -f
# Stop the server
docker-compose down
# Rebuild after changes
docker-compose up --build -d
π₯οΈ Standalone Mode (Local Scanning)
Interactive Mode:
ComplianceToolkit.exe
# Select [1] Run Reports
# Choose a report
# View results in browser
Command Line Mode:
# List available reports
ComplianceToolkit.exe -list
# Run a single report
ComplianceToolkit.exe -report=NIST_800_171_compliance.json
# Run all reports (for scheduled tasks)
ComplianceToolkit.exe -report=all -quiet
Server/Client Mode (Manual Deployment)
1. Start Server:
cd cmd/compliance-server
./compliance-server.exe --config server.yaml
2. Run Client (send compliance data):
./compliance-client.exe --config client.yaml --once
3. Access Web Dashboard:
http://localhost:8443/dashboard
Documentation Structure
docs/
βββ README.md (this file)
βββ user-guide/
β βββ QUICKSTART.md # 5-minute getting started
β βββ INSTALLATION.md # Installation instructions
β βββ USER_GUIDE.md # Interactive mode guide
β βββ CLI_QUICKSTART.md # CLI quick start
β βββ CLI_USAGE.md # Complete CLI reference
β βββ AUTOMATION.md # Automation examples
βββ developer-guide/
β βββ ARCHITECTURE.md # Codebase overview
β βββ DEVELOPMENT.md # Build and contribute
β βββ ADDING_REPORTS.md # Create custom reports
β βββ TEMPLATES.md # Template system
βββ reference/
β βββ REPORTS.md # Available reports
β βββ EVIDENCE.md # Evidence logging
β βββ EXECUTIVE.md # Executive reports
β βββ CONFIG.md # Configuration format
βββ PROJECT_STATUS.md # Project status and roadmap
Getting Help
Common Issues
"configs/reports not found"
- Solution: Ensure configs/reports/*.json exists next to the executable
- See: Installation Guide
"Access denied" errors - Solution: Run as Administrator - See: Installation Guide
Reports not opening - Solution: Clear browser cache and regenerate report - See: User Guide
Need More Help?
- π Browse the User Guide
- π§ Check CLI Usage
Updates & Versions
Current Version: 1.1.0
Recent Updates (Phase 3.2 - Full Web UI): - β Server/Client Architecture - Centralized compliance monitoring - β Web Dashboard - Real-time stats with recent submissions and clients - β Clients Page - Full client list with search, filtering, sorting, and pagination - β Client Detail Page - Complete client history with compliance trend charts - β Submission Detail Page - Full compliance check details with evidence - β Policies Page - Import and manage compliance policies - β Settings Page - User management, API keys, server configuration - β About Page - Project information and GitHub repository link - β Cookie-based Authentication - Secure token management - β Dark/Light Theme - System-wide theme support with smooth transitions - β Docker Support - One-command deployment with Docker Compose - β Export Functionality - JSON downloads for all data - β Auto-refresh Dashboard - 30-second update intervals
Previous Updates: - β CLI automation support - β Scheduled task examples - β Smart path resolution - β Dark mode improvements - β Search functionality
Roadmap
Completed (Phase 3.1): - β Client Detail Page (#2) - β Submission Detail Page (#1) - β Settings Page (#4)
Upcoming (Phase 3.2): - π Login/Authentication Page (#3) - π Reports & Analytics (#4) - π Alerts & Notifications (#6)
See Future Enhancements for complete roadmap.
Interface
Login Page
Secure authentication with customizable login banner and theme support.
Dashboard
Real-time monitoring with compliance stats, recent submissions, and recent clients overview.
Clients Page
Full client list with advanced search, filtering by status/compliance, sortable columns, and pagination.
Client Detail Page
Complete client history with system information, compliance trend chart, and detailed submission history.
Submission Detail Page
Full compliance check results with passed/failed status, registry paths, and evidence records.
Policies Page
Import and manage compliance policies with search and filtering capabilities.
Settings Page
Manage users, API keys, server configuration, and customize login messages.
About Page
Project information, GitHub repository link, and documentation resources.
Documentation Version: 1.2 Last Updated: 2025-10-09