reddit hackernews mail facebook facebook linkedin


Security auditing tool for Linux, macOS, and UNIX-based systems.

Lynis is a security auditing tool for systems based on UNIX like Linux, macOS, BSD, and others. It performs an in-depth security scan and runs on the system itself. The primary goal is to test security defenses and provide tips for further system hardening. It will also scan for general system information, vulnerable software packages, and possible configuration issues. Lynis was commonly used by system administrators and auditors to assess the security defenses of their systems. Besides the "blue team," nowadays penetration testers also have Lynis in their toolkit.

Project goals: Since Lynis is flexible, it is used for several different purposes. Typical use cases for Lynis include:
- Security auditing
- Compliance testing (e.g. PCI, HIPAA, SOx)
- Penetration testing
- Vulnerability detection
- System hardening

Audience and use cases
- Developers: Test that Docker image, or improve the hardening of your deployed web application.
- System administrators: Run daily health scans to discover new weaknesses.
- IT auditors: Show colleagues or clients what can be done to improve security.
- Penetration testers: Discover security weaknesses on systems of your clients, that may eventually result in system compromise.