JShielder alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

100

Alternative: Lynis

Security auditing tool for systems running Linux, mac OS, or Unix, to perform an in-depth health check.

Lynis is an open source security auditing tool that is available since 2007 and created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.

Project details

Lynis is written in shell script.

Strengths

  • + Commercial support available
  • + More than 50 contributors
  • + More than 3000 GitHub stars
  • + Used language is shell script
  • + Very low number of dependencies
  • + Project is mature (5+ years)
  • + The source code of this software is available

Typical usage

  • IT audit
  • penetration test
  • security assessment
  • system hardening

Lynis project page

85

Alternative: Prowler

Prowler is a security tool to perform security audits on AWS configurations. It helps to find configuration flaws and improve system hardening.

Project details

Prowler is written in shell script.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • system hardening

Prowler project page

84

Alternative: Scout2

Scout2 is a security tool to assess the security of an AWS environment. It can be used for system hardening and IT audits.

Project details

Scout2 is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars

Typical usage

  • IT audit
  • security assessment
  • self-assessment
  • system hardening

Scout2 project page

64

Alternative: seccheck

Seccheck is a security scanner for Linux systems. It is originally written for SuSE Linux by Marc Heuse.

Project details

seccheck is written in shell script.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Project looks outdated (old code or documentation)

Typical usage

  • security assessment
  • system hardening

seccheck project page

60

Alternative: sysechk (System Security Checker)

System Security Checker, or sysechk, is a tool to perform a system audit against a set of best practices. It uses a modular approach to test the system.

Project details

sysechk is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Typical usage

  • IT audit
  • system hardening

sysechk project page

74

Alternative: YASAT

YASAT describes itself as another simple stupid audit tool to test Linux systems. It has many tests for checking the security configuration of the system.

The YASAT tool performs a system scan to detect configuration issues and possible improvements for hardening the system.

Project details

YASAT is written in shell script.

Strengths

  • + Used language is shell script

Weaknesses

  • - No updates for a while

Typical usage

  • IT audit
  • security assessment

YASAT project page

64

Alternative: Zeus

Zeus is a security tool to provide security audits on AWS environments. It is written in shell script and can be used for security audits.

Project details

Zeus is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Typical usage

  • security assessment
  • self-assessment
  • system hardening

Zeus project page

64

Alternative: LUNAR

LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.

LUNAR is short for Lockdown UNix Auditing and Reporting and runs on the system itself.

Project details

LUNAR is written in shell script.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • self-assessment
  • system hardening

LUNAR project page

64

Alternative: nixarmor

Nixarmor is a set of shell scripts to harden Linux systems and help with security automation. It configures the system to increase its security level.

Project details

nixarmor is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Weaknesses

  • - Not ready for production usage
  • - No updates for a while
  • - Project looks outdated (old code or documentation)

Typical usage

  • system hardening

nixarmor project page

76

Alternative: Nix-Auditor

Nix-Auditor is a tool to help with scanning Linux systems and test them against CIS benchmarks.

This fairly new tool is written in shell script to scan Linux systems with the focus on security auditing.

Project details

Nix-Auditor is written in shell script.

Strengths

  • + Used language is shell script

Weaknesses

  • - Full name of author is unknown
  • - Unknown project license

Nix-Auditor project page

89

Alternative: OpenSCAP

Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines

The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.

Project details

OpenSCAP is written in C.

Strengths

  • + More than 25 contributors
  • + The source code of this software is available
  • + Supported by a large company

Typical usage

  • security assessment
  • vulnerability scanning

OpenSCAP project page

76

Alternative: Clair

Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases.

The tool has been created by CoreOS and can scan containers of different formats. It analyzes them and determines available security weaknesses in the container.

Project details

Clair is written in Golang.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • vulnerability scanning

Clair project page

68

Alternative: Docker Bench for Security

Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.

Project details

Docker Bench for Security is written in shell script.

Strengths

  • + Screen output is colored
  • + More than 25 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available

Typical usage

  • application security
  • security assessment

Docker Bench for Security project page

59

Alternative: Tiger

Tiger a security audit and intrusion detection tool for flavors of Unix

Project details

Tiger is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Weaknesses

  • - No updates for a while

Typical usage

  • intrusion detection
  • IT audit
  • system hardening
  • vulnerability scanning

Tiger project page