Lynis: Free Nessus Alternative Tool

Lynis is a security auditing and hardening tool for Linux-based systems. It may be the best alternative for Nessus Professional and other vulnerability/configuration scanning tools. Lynis is pre-installed on Kali Linux. It can be installed on Unix and Linux-based OS such as macOS, OpenBSD, Linux, OpenBSD, NetBSD, HP-UX, AIX, FreeBSD, and other similar operating systems.

Lynisl helps attain compliance with CIS benchmarks, NIST, NSA, OpenSCAP data, and vendor guides and recommendations (e.g., Debian Gentoo, Red Hat).

Download Link: https://github.com/CISOfy/lynis

Download by using Linux Terminal:

git clone https://github.com/CISOfy/lynis

tar xzvf <lynis-tar>
cd lynis
sudo ./lynis -h

Installation

On Ubuntu

sudo apt install lynis

On Red Hat/CentOS

sudo yum install lynis

Help

Run sample scan

#sudo lynis audit system

Compare with Nessus

Nessus is a full-featured vulnerability and compliance scanning tool. This tool is available both in the community edition (free) and the commercial version. Most of the effective features are only available on the commercial version of the tool. This tool scan hosts for services on the network and discovers vulnerabilities. Click Here to know the Top 5 Vulnerability Assessment Tools to Identify Problems in IT Infrastructure.

Benefits of Lynis

  • Free
  • Open-source
  • Fast
  • host-based scan (in-depth)
  • maintained by a big community
  • supports different Linux-based OS
  • Less risk of crashing the target host compare to other tools

Conclusion

Lynis is an open-source and effective tool for finding vulnerabilities and configuration-related issues. This tool helps in achieving the security hardening of configuration. I must say to use it once on Unix and Linux-based hosts.

Subscribe us to receive more such articles updates in your email.

If you have any questions, feel free to ask in the comments section below. Nothing gives me greater joy than helping my readers!

Disclaimer: This tutorial is for educational purpose only. Individual is solely responsible for any illegal act.

You may also like...

Leave a Reply

Your email address will not be published. Required fields are marked *

10 Blockchain Security Vulnerabilities OWASP API Top 10 - 2023 7 Facts You Should Know About WormGPT OWASP Top 10 for Large Language Models (LLMs) Applications Top 10 Blockchain Security Issues