Lynis is an open source security auditing tool. Used by system administrators, security professionals, and auditors, to evaluate the security defenses of their Linux and UNIX-based systems. It runs on the host itself, so it performs more extensive security scans than vulnerability scanners.
- Mac OS
- and others
Lynis is light-weight and easy to use. Installation is optional: just copy it to a system, and use “./lynis audit system” to start the security scan. It is written in shell script and released as open source software (GPL).
- Determine operating system
- Search for available tools and utilities
- Check for Lynis update
- Run tests from enabled plugins
- Run security tests per category
- Report status of security scan
- Security auditing
- Compliance testing (e.g. PCI, HIPAA, SOx)
- Vulnerability detection and scanning
- System hardening
- Best practices
- OpenSCAP data
- Vendor guides and recommendations (e.g. Debian Gentoo, Red Hat)
Plugins enable the tool to perform additional tests. They can be seen as an extension (or add-on) to Lynis, enhancing its functionality. One example is the compliance checking plugin, which performs specific tests only applicable to some standard.
## Lynis 3.0.0 (2020-06-18) This is a major release of Lynis and includes several big changes. Some of these changes may break your current usage of the tool, so test before deployment! ### Security issues This release resolves two security issues * CVE-2020-13882 - Discovered by Sander Bos, code submission by Katarina Durechova * CVE-2019-13033 - Discovered by Sander Bos ### Breaking change: Non-interactive by default Lynis now runs non-interactive by default, to be more in line with the Unix philosophy. So the previously used '--quick' option is now default, and the tool will only wait when using the '--wait' option. ### Breaking change: Deprecated options - Option: -c - Option: --check-update/--info - Option: --dump-options - Option: --license-key ### Breaking change: Profile options The format of all profile options are converted (from key:value to key=value). You may have to update the changes you made in your custom.prf. ### Security An important focus area for this release is on security. We added several measures to further tighten any possible misuse. ## New: DevOps, Forensics, and pentesting mode This release adds initial support to allow defining a specialized type of audit. Using the relevant options, the scan will change base on the intended goal. See full changelog on GitHub page.
Source : KitPloit – PenTest Tools!