{"id":49349068,"url":"https://github.com/daedalus/linux-security-audit-tool","last_synced_at":"2026-04-27T09:03:58.151Z","repository":{"id":349093221,"uuid":"1200993986","full_name":"daedalus/linux-security-audit-tool","owner":"daedalus","description":"A comprehensive CLI tool for auditing Linux system security posture.","archived":false,"fork":false,"pushed_at":"2026-04-04T06:21:00.000Z","size":39,"stargazers_count":0,"open_issues_count":0,"forks_count":0,"subscribers_count":0,"default_branch":"master","last_synced_at":"2026-04-04T08:12:59.274Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/daedalus.png","metadata":{"files":{"readme":"README.md","changelog":"CHANGELOG.md","contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null,"notice":null,"maintainers":null,"copyright":null,"agents":null,"dco":null,"cla":null}},"created_at":"2026-04-04T04:28:08.000Z","updated_at":"2026-04-04T06:21:03.000Z","dependencies_parsed_at":null,"dependency_job_id":null,"html_url":"https://github.com/daedalus/linux-security-audit-tool","commit_stats":null,"previous_names":["daedalus/linux-security-audit-tool"],"tags_count":1,"template":false,"template_full_name":null,"purl":"pkg:github/daedalus/linux-security-audit-tool","repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daedalus%2Flinux-security-audit-tool","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daedalus%2Flinux-security-audit-tool/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daedalus%2Flinux-security
-audit-tool/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daedalus%2Flinux-security-audit-tool/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/daedalus","download_url":"https://codeload.github.com/daedalus/linux-security-audit-tool/tar.gz/refs/heads/master","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/daedalus%2Flinux-security-audit-tool/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":286080680,"owners_count":32329467,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2026-04-26T23:26:28.701Z","status":"online","status_checked_at":"2026-04-27T02:00:06.769Z","response_time":128,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2026-04-27T09:03:56.902Z","updated_at":"2026-04-27T09:03:58.138Z","avatar_url":"https://github.com/daedalus.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"# Linux Security Audit Tool\n\nA comprehensive CLI tool for auditing Linux system security posture.\n\nTo run all of its checks effectively, this tool needs root 
access.\n\n[![PyPI](https://img.shields.io/pypi/v/linux-security-audit-tool.svg)](https://pypi.org/project/linux-security-audit-tool/)\n[![Python](https://img.shields.io/pypi/pyversions/linux-security-audit-tool.svg)](https://pypi.org/project/linux-security-audit-tool/)\n[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)\n\n## Install\n\n```bash\npython3 -m venv venv\nsource venv/bin/activate\npip install linux-security-audit-tool\n```\n\n## Usage\n\n```bash\nsudo env \"PATH=$PATH\" security-audit --help\nsudo env \"PATH=$PATH\" security-audit audit\nsudo env \"PATH=$PATH\" security-audit audit -p 0 -p 1         # Run specific phases\nsudo env \"PATH=$PATH\" security-audit audit -o report.md      # Save markdown report\nsudo env \"PATH=$PATH\" security-audit audit --quiet           # Summary only\nsudo env \"PATH=$PATH\" security-audit audit --debug           # Show executed commands\nsudo env \"PATH=$PATH\" security-audit audit --remediate-all   # Generate remediation script for all findings\nsudo env \"PATH=$PATH\" security-audit audit --remediate-only-critical  # Generate remediation script for CRITICAL only\nsudo env \"PATH=$PATH\" security-audit audit --remediate-non-critical   # Generate remediation script for non-CRITICAL\nsudo env \"PATH=$PATH\" security-audit audit --pdf report.pdf  # Generate PDF report\n```\n\n## CLI\n\n```bash\nsecurity-audit [OPTIONS] COMMAND [ARGS]...\n\nOptions:\n  --version  Show the version and exit.\n  --help     Show this message and exit.\n\nCommands:\n  audit    Run a full security audit.\n  version  Show version information.\n```\n\n## Audit Command Options\n\n- `--output`, `-o FILE`            - Output file for markdown report\n- `--phases`, `-p [0-9]`          - Specific phases to run (can be repeated)\n- `--quiet`, `-q`                 - Suppress detailed output\n- `--verbose`, `-v`               - Show descriptions and 
remediation\n- `--debug`, `-d`                 - Show low-level commands being executed\n- `--remediate-all`, `-r`         - Generate remediation script for all findings\n- `--remediate-only-critical`     - Generate remediation script for CRITICAL findings only\n- `--remediate-non-critical`      - Generate remediation script for non-CRITICAL findings\n- `--remediate-script FILE`       - Save remediation script to file\n- `--pdf FILE`                    - Generate PDF executive report\n- `--cache`                       - Enable caching of check results\n- `--cache-ttl INTEGER`           - Cache TTL in seconds (default: 3600)\n\n## Development\n\n```bash\ngit clone https://github.com/daedalus/linux-security-audit-tool.git\ncd linux-security-audit-tool\npip install -e \".[test]\"\n\n# run tests\npytest\n\n# format\nruff format src/ tests/\n\n# lint\nruff check src/ tests/\n\n# type check\nmypy src/\n```\n\n## API\n\n```python\nfrom security_audit import gather_context, run_identity_checks, calculate_security_score\nfrom security_audit.core import Finding, Severity\n\n# Gather host context, run the identity checks, and score the findings\ncontext = gather_context()\nfindings = run_identity_checks()\nscore = calculate_security_score(findings)\n```\n\n## Audit Phases\n\nThe tool performs security checks across 9 phases:\n\n- **Phase 0**: Context Gathering (hostname, OS, kernel)\n- **Phase 1**: Identity \u0026 Access Control (users, sudo, SSH)\n- **Phase 2**: Network Exposure (listening services, firewall, sysctl)\n- **Phase 3**: File System \u0026 Permissions (SUID, world-writable, cron)\n- **Phase 4**: Process \u0026 Service Posture (services, AppArmor, SELinux, rkhunter)\n- **Phase 5**: Kernel \u0026 OS Hardening (sysctl, ASLR, module blacklist)\n- **Phase 6**: Logging \u0026 Monitoring (auditd, logs, syslog)\n- **Phase 7**: Package \u0026 Update Hygiene (updates, repos)\n- **Phase 8**: Cryptographic Posture (SSH keys, TLS, password 
hashing)\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaedalus%2Flinux-security-audit-tool","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fdaedalus%2Flinux-security-audit-tool","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fdaedalus%2Flinux-security-audit-tool/lists"}