STIG Viewer

Open-source, cross-platform Security Technical Implementation Guide (STIG) viewer and checklist tool — a drop-in replacement for DISA's official STIG Viewer, built with Electron + React + TypeScript.

Features

Open STIG files — XCCDF XML files and STIG ZIP archives from DISA's website
Open/Save CKL checklists — fully compatible with DISA STIG Viewer's .ckl format
Assess findings — mark each rule as Open, Not a Finding, Not Applicable, or Not Reviewed
Finding details & comments — add notes per rule
Severity override — override severity with justification
Asset information — record host details (name, IP, FQDN, MAC, role)
Filter & search — filter by severity (CAT I/II/III), status, or full-text search
Progress tracking — completion summary with per-status counts
Multiple checklists — load and switch between multiple STIGs simultaneously

Supported Platforms

Platform	Architecture
Linux	x86_64, ARM64
macOS	x86_64 (Intel), ARM64 (Apple Silicon)
Windows	x86_64, ARM64

Quick Start

Development

npm install
npm run dev

Build

# Build for current platform
npm run build

# Package for specific platforms
npm run build:linux    # AppImage + deb + rpm (x64 + arm64)
npm run build:mac      # DMG (x64 + arm64)
npm run build:win      # NSIS installer (x64 + arm64)
npm run build:all      # All platforms

Usage

Open a STIG: File → Open STIG File(s)… or click + STIG in the sidebar
- Accepts .zip archives from DISA's STIG library
- Accepts raw XCCDF .xml files
Open an existing checklist: File → Open Checklist (CKL)… or click + CKL
Assess a rule: Click a rule in the list → click the Assess tab → set status, add details, comments
Save: File → Save Checklist… or the Save CKL button

CKL Compatibility

Generated .ckl files are compatible with DISA STIG Viewer 2.x and 3.x. You can exchange files between this viewer and the official tool.

Architecture

src/
├── main/          # Electron main process (file dialogs, IPC)
├── preload/       # Context bridge (secure IPC surface)
└── renderer/src/
    ├── types/     # TypeScript types for STIG/Checklist data
    ├── lib/       # XCCDF parser, CKL parser/generator, ZIP handler
    ├── store/     # Zustand state store
    └── components/ # React UI components

Tech Stack

Electron — cross-platform desktop shell
React + TypeScript — UI
electron-vite — fast builds with HMR
Tailwind CSS — styling
fast-xml-parser — XCCDF/CKL XML parsing
JSZip — ZIP archive handling
Zustand — state management
electron-builder — cross-platform packaging

License

MIT — see LICENSE

Name		Name	Last commit message	Last commit date
Latest commit History 3 Commits
src		src
.gitignore		.gitignore
LICENSE		LICENSE
README.md		README.md
WEB-DEPLOYMENT.md		WEB-DEPLOYMENT.md
compare-cklb.sh		compare-cklb.sh
electron-builder.yml		electron-builder.yml
electron.vite.config.ts		electron.vite.config.ts
package.json		package.json
postcss.config.js		postcss.config.js
tailwind.config.js		tailwind.config.js
tsconfig.json		tsconfig.json
tsconfig.node.json		tsconfig.node.json
tsconfig.web.json		tsconfig.web.json
vite.web.config.ts		vite.web.config.ts

Provide feedback

Saved searches

Use saved searches to filter your results more quickly

Repository files navigation

STIG Viewer

Features

Supported Platforms

Quick Start

Development

Build

Usage

CKL Compatibility

Architecture

Tech Stack

License

About

Uh oh!

Releases

Packages

Uh oh!

Contributors

Uh oh!

Languages

Folders and files

Latest commit

History

Repository files navigation

STIG Viewer

Features

Supported Platforms

Quick Start

Development

Build

Usage

CKL Compatibility

Architecture

Tech Stack

License

About

Resources

License

Uh oh!

Stars

Watchers

Forks

Releases

Packages 0

Uh oh!

Contributors

Uh oh!

Languages

Packages