Rootkit Hunter (RKH) is an easy-to-use tool which checks
computers running UNIX (clones) for the presence of rootkits
and other unwanted tools.
chkrootkit is a tool to locally check for signs of a rootkit. It contains:
Lynis is a security and system auditing tool. It scans a system on the most interesting parts useful for audits, like:
Lynis is released as a GPL licensed project and free for everyone to use.
See https://cisofy.com/lynis/ for a full description and documentation.
sectool is a security tool that can be used both as a security audit
and intrusion detection system. It consists of set of tests, library
and command line interface tool. Tests are sorted into groups and security
levels. Admins can run certain tests, groups or whole security levels.
The library and the tools are implemented in python and tests are
sectool-gui provides a GTK-based graphical user interface to sectool.
RATS scans through code, finding potentially dangerous function calls.
The goal of this tool is not to definitively find bugs (yet). The
current goal is to provide a reasonable starting point for performing
manual security audits.
The initial vulnerability database is taken directly from things that could be easily found when starting with the forthcoming book, “Building Secure Software” by Viega and McGraw.
TIGER, or the “tiger” scripts, is a set of Bourne shell scripts,
C programs and data files which are used to perform a security audit
of UNIX systems. It is designed to hopefully be easy to use, easy to
understand and easy to enhance.