I realize this thread is over 4 years old, but this is one of the top results when searching for Linux STIGs. While nothing that I've found operates on a Debian-based system, there are some tools to configure a RHEL system and its derivatives like CentOS.
The closest thing I've found to what you're proposing in this thread (other than Security Blanket) is DoD Bastille which is an open source, rewritten version of Bastille Linux to configure a server to be in compliance with DISA STIGs.
You can find DoD Bastille on Forge.mil (the DISA version of SourceForge.net for DoD open source projects). You'll need to login with a DoD issued CAC card.
Here is the direct link to the DoD Bastille page: https://software.forge.mil/sf/projects/dodbastile
From what I can tell, it doesn't look like much has changed since Feb 2011, but it looks like a very promising solution if it can maintain active development.