Collectors gather evidence from external systems. Tools analyze and transform packs. Mix and match to build your workflow.
brew install locktivity/tap/epack
Evidence Packs are just ZIP files with a manifest. Components extend what you can do with them.
Gather evidence from external APIs. Each collector handles authentication, pagination, and data normalization.
epack collect github
Perform compliance analysis. Run policy checks, map to frameworks, score risk, generate timelines.
epack tool policy check
Helper tools for working with packs. Browse contents, compare changes over time, export to various formats.
epack utility viewer
Publish and retrieve packs from external storage. Each remote handles authentication and transfers.
epack push locktivity
Collects GitHub organization security posture metrics
Collects Okta organization security posture metrics
Collects AWS organization security posture metrics
Collects Google Workspace identity and security posture metrics
Collects Microsoft Entra ID and Azure security posture metrics
Collects email DNS security posture (MX, SPF, DMARC, DKIM)
Components follow a simple protocol. Write collectors and tools in any language.