Lynis: Free Nessus Alternative Tool

Lynis is a security auditing and hardening tool for Linux-based systems. It may be the best alternative for Nessus Professional and other vulnerability/configuration scanning tools. Lynis is pre-installed on Kali Linux. It can be installed on Unix and Linux-based OS such as macOS, OpenBSD, Linux, OpenBSD, NetBSD, HP-UX, AIX, FreeBSD, and other similar operating systems.

Lynisl helps attain compliance with CIS benchmarks, NIST, NSA, OpenSCAP data, and vendor guides and recommendations (e.g., Debian Gentoo, Red Hat).

Download Link: https://github.com/CISOfy/lynis

Download by using Linux Terminal:

git clone https://github.com/CISOfy/lynis

tar xzvf <lynis-tar>
cd lynis
sudo ./lynis -h

Installation

On Ubuntu

sudo apt install lynis

On Red Hat/CentOS

sudo yum install lynis

Help

Run sample scan

#sudo lynis audit system

Compare with Nessus

Nessus is a full-featured vulnerability and compliance scanning tool. This tool is available both in the community edition (free) and the commercial version. Most of the effective features are only available on the commercial version of the tool. This tool scan hosts for services on the network and discovers vulnerabilities. Click Here to know the Top 5 Vulnerability Assessment Tools to Identify Problems in IT Infrastructure.

Benefits of Lynis

• Free
• Open-source
• Fast
• host-based scan (in-depth)
• maintained by a big community
• supports different Linux-based OS
• Less risk of crashing the target host compare to other tools

Conclusion

Lynis is an open-source and effective tool for finding vulnerabilities and configuration-related issues. This tool helps in achieving the security hardening of configuration. I must say to use it once on Unix and Linux-based hosts.