Lynis – The Security Tool for Finding Linux and Mac OS Vulnerabilities

So what is this Lynis tool all about?

Lynis is a security tool used for auditing Unix-based systems. Its main aims are automated security auditing and compliance testing for standards such as ISO27001, PCI-DSS and HIPAA. It also offers vulnerability detection for areas of the system that could be vulnerable to issues such as privilege escalation.

The tool can run security scans on the system itself or even remotely. Its primary goal is to test the configuration of a system and provide tips to harden security. It can also scan for general information, vulnerable software packages and possible configuration flaws in the system.

Lynis is commonly used by system administrators and penetration testers to perform audits and assess a system’s security.

Let’s have a look at it in action!

After running the tool on our test machine, we found it displays a number of helpful recommendations for hardening your system. Here is an example:

[Screenshot: Lynis security tool]

How Can I Install it?

You can get the tool HERE

To install the tool, clone its GitHub repo:

 git clone https://github.com/CISOfy/lynis

Once the clone has completed, run the following command to start a system audit:

 cd lynis; ./lynis audit system
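Once an audit has run, its findings can be checked by a script instead of being read off the screen. The following is an added example, not from the original post or the Lynis project: it assumes the key=value report file Lynis writes after an audit (commonly /var/log/lynis-report.dat), and the function names, test IDs and sample report are constructed for illustration.

```shell
# Added example (not Lynis project code): summarise a Lynis report and gate on it.
# Assumption: key=value report as written after an audit (commonly
# /var/log/lynis-report.dat): hardening_index=NN, warning[]= and suggestion[]= entries.

# report_value FILE KEY -> value of the last single-valued KEY= line
report_value() {
    awk -F= -v k="$2" '$1 == k { v = substr($0, length(k) + 2) } END { print v }' "$1"
}

# report_count FILE KEY -> number of KEY[]= entries
report_count() {
    awk -v p="$2[]=" 'index($0, p) == 1 { n++ } END { print n + 0 }' "$1"
}

# report_items FILE KEY -> "TEST-ID: description" for each KEY[]= entry
report_items() {
    awk -v p="$2[]=" 'index($0, p) == 1 {
        split(substr($0, length(p) + 1), f, "|")
        print f[1] ": " f[2]
    }' "$1"
}

# lynis_gate FILE MIN -> 0 pass, 1 fail (warnings or low index), 2 unreadable index
lynis_gate() {
    idx=$(report_value "$1" hardening_index)
    case "$idx" in ''|*[!0-9]*) return 2 ;; esac   # missing or malformed index
    [ "$(report_count "$1" warning)" -eq 0 ] || return 1
    [ "$idx" -ge "$2" ]
}

# Constructed sample report (test IDs and texts are made up for illustration).
write_sample_report() {
    cat > "$1" <<'EOF'
hardening_index=62
warning[]=DEMO-0001|Reboot of system is most likely needed|-|-|
suggestion[]=DEMO-0002|Consider hardening SSH configuration|AllowTcpForwarding (set YES to NO)|-|
suggestion[]=DEMO-0003|Default umask could be more strict|-|-|
EOF
}

demo() {
    f=$(mktemp) && write_sample_report "$f"
    echo "hardening index: $(report_value "$f" hardening_index)"
    report_items "$f" warning
    lynis_gate "$f" 70 && echo "gate: pass" || echo "gate: fail"
    rm -f "$f"
}
demo
```

Treating a missing or non-numeric hardening index as its own failure code keeps a truncated or unreadable report from being mistaken for a clean one.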

The stable release of the software is currently available for CentOS, Debian, Fedora, OEL, openSUSE, RHEL, Ubuntu and MacOS.

If you want to add features to this tool and customize it you can follow the guidelines of the Lynis Software Development Kit.

The full documentation of the tool is available HERE

What Bunny rating does it get?

We have decided to give this tool a good bunny rating of 3/5 bunnies