Nix-Auditor alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

100

Alternative: Lynis

Security auditing tool that performs an in-depth health check of systems running Linux or other Unix-based operating systems.

Lynis is an open source security auditing tool that has been available since 2007 and was created by Michael Boelen. Its primary goal is to evaluate the security defenses of systems running Linux or other flavors of Unix. It provides suggestions to install, configure, or correct any security measures.

Project details

Lynis is written in shell script.

Strengths

  • + Commercial support available
  • + More than 50 contributors
  • + More than 3000 GitHub stars
  • + Used language is shell script
  • + Very low number of dependencies
  • + Project is mature (5+ years)
  • + The source code of this software is available

Typical usage

  • IT audit
  • penetration test
  • security assessment
  • system hardening

Lynis project page

59

Alternative: Tiger

Tiger is a security audit and intrusion detection tool for flavors of Unix.

Project details

Tiger is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Weaknesses

  • - No updates for a while

Typical usage

  • intrusion detection
  • IT audit
  • system hardening
  • vulnerability scanning

Tiger project page

67

Alternative: YASAT

YASAT describes itself as another simple stupid audit tool to test Linux systems. It has many tests for checking the security configuration of the system.

The YASAT tool performs a system scan to detect configuration issues and possible improvements for hardening the system.

Project details

YASAT is written in shell script.

Strengths

  • + Used language is shell script

Weaknesses

  • - No updates for a while

Typical usage

  • IT audit
  • security assessment

YASAT project page

56

Alternative: Zeus

Zeus is a tool for performing security audits of AWS environments. It is written in shell script.

Project details

Zeus is written in shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Weaknesses

  • - Unknown project license

Typical usage

  • security assessment
  • self-assessment
  • system hardening

Zeus project page

64

Alternative: JShielder

JShielder is a security tool for Linux systems to make them more secure by adding system hardening measures.

Project details

JShielder is written in Python and shell script.

Strengths

  • + Used language is shell script
  • + The source code of this software is available

Typical usage

  • system hardening

JShielder project page

64

Alternative: LUNAR

LUNAR is a security scanner that runs on a Linux system or other flavors of Unix. It provides insights on what can be done to harden the system.

LUNAR is short for Lockdown UNix Auditing and Reporting and runs on the system itself.

Project details

LUNAR is written in shell script.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • self-assessment
  • system hardening

LUNAR project page

88

Alternative: OpenSCAP

Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines

The OpenSCAP project provides a wide variety of hardening guides, configuration baselines, and tools to test for vulnerabilities and configuration issues. It uses SCAP as the protocol to store the underlying data.

Project details

OpenSCAP is written in C.

Strengths

  • + More than 25 contributors
  • + The source code of this software is available
  • + Supported by a large company

Typical usage

  • security assessment
  • vulnerability scanning

OpenSCAP project page

64

Alternative: seccheck

Seccheck is a security scanner for Linux systems. It was originally written for SuSE Linux by Marc Heuse.

Project details

seccheck is written in shell script.

Strengths

  • + The source code of this software is available

Weaknesses

  • - Project looks outdated (old code or documentation)

Typical usage

  • security assessment
  • system hardening

seccheck project page

78

Alternative: Clair

Clair is an open source container analyzer. It performs static analysis of container images and correlates their contents with public vulnerability databases.

The tool was created by CoreOS and can scan containers of different formats. It analyzes them and determines which security weaknesses are present in the container.

Project details

Clair is written in Golang.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • vulnerability scanning

Clair project page

76

Alternative: Docker Bench for Security

Docker Bench for Security is a small security scanner to perform several tests that are part of the Docker CIS benchmark.

Project details

Docker Bench for Security is written in shell script.

Strengths

  • + Screen output is colored
  • + More than 25 contributors
  • + More than 2000 GitHub stars
  • + The source code of this software is available

Typical usage

  • application security
  • security assessment

Docker Bench for Security project page

85

Alternative: Prowler

Prowler is a security tool to perform security audits on AWS configurations. It helps to find configuration flaws and improve system hardening.

Project details

Prowler is written in shell script.

Strengths

  • + The source code of this software is available

Typical usage

  • security assessment
  • system hardening

Prowler project page

84

Alternative: Scout2

Scout2 is a security tool to assess the security of an AWS environment. It can be used for system hardening and IT audits.

Project details

Scout2 is written in Python.

Strengths

  • + More than 10 contributors
  • + More than 500 GitHub stars

Typical usage

  • IT audit
  • security assessment
  • self-assessment
  • system hardening

Scout2 project page