Cybersecurity-Projects/PROJECTS/beginner/linux-cis-hardening-auditor
CarterPerez-dev 0006ddad3d cracked 2026-05-23 05:01:01 -04:00
..
assets chore: add demos for projects, update haskell-reverse-proxy modules, refresh siem assets 2026-04-26 23:12:48 -04:00
learn project linux-cis-hardening-auditor complete 2026-03-30 15:50:06 -04:00
src cracked 2026-05-23 05:01:01 -04:00
testdata project linux-cis-hardening-auditor complete 2026-03-30 15:50:06 -04:00
tests cracked 2026-05-23 05:01:01 -04:00
.gitignore project linux-cis-hardening-auditor complete 2026-03-30 15:50:06 -04:00
.shellcheckrc cracked 2026-05-23 05:01:01 -04:00
DEMO.md Update DEMO.md 2026-04-28 18:03:08 -04:00
Justfile project linux-cis-hardening-auditor complete 2026-03-30 15:50:06 -04:00
LICENSE project linux-cis-hardening-auditor complete 2026-03-30 15:50:06 -04:00
README.md Update README.md 2026-03-30 16:03:21 -04:00
install.sh project linux-cis-hardening-auditor complete 2026-03-30 15:50:06 -04:00

README.md

 ██████╗██╗███████╗ █████╗ ██╗   ██╗██████╗ ██╗████████╗
██╔════╝██║██╔════╝██╔══██╗██║   ██║██╔══██╗██║╚══██╔══╝
██║     ██║███████╗███████║██║   ██║██║  ██║██║   ██║
██║     ██║╚════██║██╔══██║██║   ██║██║  ██║██║   ██║
╚██████╗██║███████║██║  ██║╚██████╔╝██████╔╝██║   ██║
 ╚═════╝╚═╝╚══════╝╚═╝  ╚═╝ ╚═════╝ ╚═════╝ ╚═╝   ╚═╝

Cybersecurity Projects Bash License: AGPLv3

CIS Benchmark compliance auditor for Linux systems with scored reporting, baseline comparison, and remediation guidance.

This is a quick overview — security theory, architecture, and full walkthroughs are in the learn modules.

What It Does

  • Audit Linux systems against 104 CIS Benchmark controls (Debian/Ubuntu)
  • Check filesystem hardening, services, network parameters, logging, SSH, and user accounts
  • Generate scored compliance reports in terminal, JSON, or HTML format
  • Compare results against a saved baseline to detect regressions and improvements
  • Provide specific remediation commands for every failed control
  • Support Level 1 and Level 2 benchmark profiles
  • Run in test mode against mock fixtures without root access

Quick Start

./install.sh
sudo cisaudit

[!TIP] This project uses just as a command runner. Type just to see all available commands.

Install: curl -sSf https://just.systems/install.sh | bash -s -- --to ~/.local/bin

Commands

Command Description
sudo cisaudit Run full audit with terminal output
sudo cisaudit -l 1 Audit Level 1 controls only
sudo cisaudit -f json -o report.json Generate JSON report
sudo cisaudit -f html -o report.html Generate HTML report
sudo cisaudit -c 5 Audit only Section 5 (Access/Auth)
cisaudit --list-controls List all 104 registered controls
sudo cisaudit -s baseline.json Save current results as baseline
sudo cisaudit -b baseline.json Compare against a previous baseline
cisaudit -t testdata/fixtures Run against test fixtures (no root needed)

Options

Flag Default Description
-l, --level all Benchmark level: 1, 2, or all
-f, --format terminal Output format: terminal, json, html
-o, --output stdout Write report to file
-c, --categories all Categories to audit: 1,2,3,4,5,6
-t, --test-root / System root for testing
--threshold 0 Minimum pass % to exit 0
-q, --quiet off Suppress progress output

CIS Benchmark Sections

# Section Controls
1 Initial Setup 20
2 Services 18
3 Network Configuration 20
4 Logging and Auditing 18
5 Access, Authentication and Authorization 18
6 System Maintenance 10
Total 104

Examples

sudo cisaudit -l 1 -f json -o report.json

sudo cisaudit -c 3,5 -f terminal

sudo cisaudit -s baselines/march.json
sudo cisaudit -b baselines/march.json

cisaudit -t testdata/fixtures -f json | python3 -m json.tool

Learn

This project includes step-by-step learning materials covering security theory, architecture, and implementation.

Module Topic
00 - Overview Prerequisites and quick start
01 - Concepts CIS benchmarks, real breaches, and compliance frameworks
02 - Architecture System design, module layout, and data flow
03 - Implementation Code walkthrough with file references
04 - Challenges Extension ideas and exercises

License

AGPL 3.0