There are plenty of companies offering that for a price - search for PCI DSS compliance checking.
For DIY, then start with Kali Linux - you get the whole suite of tools but be prepared to do some learning and it is non trivial, especially if you are unfamiliar with Unix. You do get a mostly working OpenVAS with the Greenbone webby frontend nearly out of the box, but it needs a bit of config https://www.kali.org/penetration-testing/openvas-vulnerabili... is a bit out of date. Even once you get it working, you have to be prepared to evaluate the output.
Also bear in mind that security means different things to different people and different systems. There is, and never can be, a magic security bullet.
For DIY, then start with Kali Linux - you get the whole suite of tools but be prepared to do some learning and it is non trivial, especially if you are unfamiliar with Unix. You do get a mostly working OpenVAS with the Greenbone webby frontend nearly out of the box, but it needs a bit of config https://www.kali.org/penetration-testing/openvas-vulnerabili... is a bit out of date. Even once you get it working, you have to be prepared to evaluate the output.
Also bear in mind that security means different things to different people and different systems. There is, and never can be, a magic security bullet.