Linux security scanners

Tools

LUNAR (system security scanner)

security assessment, self-assessment, system hardening

LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.

Lynis (security scanner and compliance auditing tool)

IT audit, penetration testing, security assessment, system hardening, vulnerability scanning

Lynis can detect vulnerabilities and configuration flaws. Where a typical vulnerability scanner will just point out vulnerabilities, Lynis aims for continuous improvement. For this reason, it requires to be executed on the host system itself and providing more details than the average vulnerability scanner.

YASAT (local security scanner)

configuration audit, IT audit, security assessment

The YASAT tool performs a system scan to detect configuration issues and possible improvements for hardening the system. Typically you would use this on new and existing systems.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.