LSE top 10LSE top 10Lynis (10)Lynis (10)

Tool and Usage

Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.

Screenshot for Lynis tool review


Lynis is an open source security auditing tool that is available since 2007 and created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.

Why this tool?

Lynis can detect vulnerabilities and configuration flaws. Where a typical vulnerability scanner will just point out vulnerabilities, Lynis aims for continuous improvement. For this reason, it requires to be executed on the host system itself and providing more details than the average vulnerability scanner.

How it works

Lynis starts with an initialization phase in where it detects the operating system. After that part is finished, the discovery of binaries and tools is done. This collecting of tools is the base for the scanning engine, that performs hundreds of individual tests. Every system will have a different set of performed tests. After completing the scan, a report with findings and suggestions is displayed.

Background information

The tool is typically used by system administrators, security professionals, and auditors. Occasionally a pentester will also use it during a security assignment to discover vulnerabilities or find possible flaws in the system to exploit.

Lynis was originally written by Michael to automate security scans of systems he managed for his employer at the time. He devoted his spare time to replace printed hardening guides at his desk with the tool. In 2013, Michael went to full-time development on Lynis and the commercial Lynis Enterprise version.

Usage and audience

Lynis is commonly used for IT audit, penetration testing, security assessment, or system hardening. Target users for this tool are auditors, pentesters, security professionals, and system administrators.


  • Lynis is written in shell script
  • Command line interface
  • Customization and additions are possible
  • Extendable with custom tests and plugins
  • Installation of tool is optional
  • Tool is modular

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:


  • + Commercial support available
  • + More than 50 contributors
  • + More than 4000 GitHub stars
  • + Used language is shell script
  • + Very low number of dependencies
  • + Project is mature (5+ years)
  • + The source code of this software is available

History and highlights

  • Demo at Black Hat Europe 2014 Arsenal
  • Demo at Black Hat USA 2015 Arsenal
  • Demoed at Black Hat Europe 2015
  • Demoed at Black Hat Europe 2016
  • First Lynis release in 2007 (November)

Author and Maintainers

Lynis is under development by Michael Boelen and maintained by CISOfy.


Supported operating systems

Lynis is known to work on AIX, FreeBSD, Linux, macOS, NetBSD, OpenBSD, and Solaris.

Installation options

To use Lynis, install it via the following option below.

Lynis installation via apt

Lynis installation via Git clone

After installation, check the version number of the program and compare it with the one on this page. Be aware of versions that are outdated, as they may contain bugs or even security vulnerabilities.

Lynis alternatives

Similar tools to Lynis:



JShielder is a security tool for Linux systems to make them more secure by adding system hardening measures.



YASAT describes itself as another simple stupid audit tool to test Linux systems. It has many tests for checking the security configuration of the system.



Nix-Auditor is a tool to help with scanning Linux systems and test them against CIS benchmarks.

See all alternatives tools for Lynis »

This tool page was recently updated. Found an improvement? Become an influencer and submit an update.
Project details
Latest release2.6.3 [2018-03-07]
Last updatedApril 20, 2018

Project health

This score is calculated by different factors, like project age, last release date, etc.


 Lynis website
GitHub iconLynis GitHub project page
Twitter icon@cisofy_is

Compare Lynis with other tools

Related terms