A comprehensive Linux security auditing tool for red teamers, pentesters, and security engineers.
HardNix performs 107+ automated security checks across 12 modules and produces a scored, graded report in terminal, JSON, or HTML format. Built for speed, portability, and depth β no dependencies beyond standard Linux tools.
π Live Demo Page β
- 12 security modules covering the entire Linux attack surface
- Scoring system (0β100) with letter grades (A β F)
- Severity levels: CRITICAL / HIGH / MEDIUM / LOW / INFO
- Three output formats: terminal (colored), JSON, HTML (dark theme)
- Zero dependencies β pure Bash, standard Linux tools only
- GTFOBins-aware SUID/capability detection
- Container escape vector detection (Docker, AppArmor, Seccomp)
- Root-aware β gracefully skips checks requiring root when unprivileged
- CI/CD friendly β exit codes, `--no-color`, JSON output
```bash git clone https://github.com/siteq8/hardnix.git cd hardnix chmod +x hardnix.sh ```
```bash
sudo ./hardnix.sh
sudo ./hardnix.sh -m ssh,kernel,users
sudo ./hardnix.sh -v
sudo ./hardnix.sh -f json -o /tmp/reports
sudo ./hardnix.sh -f html
sudo ./hardnix.sh -n | tee audit.txt ```
| Module | Checks | Description |
|---|---|---|
| `kernel` | 15 | ASLR, kptr_restrict, Spectre/Meltdown, NX bit, ptrace scope, eBPF |
| `ssh` | 18 | Root login, PasswordAuth, weak ciphers & MACs, timeouts, AllowUsers |
| `users` | 11 | UID 0 accounts, empty passwords, NOPASSWD sudo, world-writable homes |
| `fs` | 11 | Mount options (noexec/nosuid), world-writable files, /etc/shadow perms |
| `network` | 17 | IP forwarding, SYN cookies, rp_filter, ICMP redirects, firewall |
| `services` | 4 | Telnet, FTP, rsh, xinetd, excessive enabled services |
| `pam` | 4 | Password quality, account lockout, nullok, pam_limits |
| `containers` | 7 | Docker socket, docker group, rootless mode, AppArmor/SELinux, Seccomp |
| `crypto` | 5 | SSLv2/v3, weak TLS ciphers, GRUB password, SSH host key strength |
| `logging` | 5 | auditd rules, syslog daemon, auth log permissions, logrotate |
| `suid` | 5 | SUID/SGID binaries, dangerous capabilities, GTFOBins detection, PwnKit |
| `cron` | 5 | World-writable cron dirs, suspicious root crontabs (wget/curl/nc IOCs) |
HardNix produces a 0β100 score based on failed check severity:
| Severity | Points Deducted |
|---|---|
| CRITICAL | β10 pts |
| HIGH | β5 pts |
| MEDIUM | β2 pts |
| LOW | β1 pt |
| Score | Grade |
|---|---|
| 90β100 | π’ A β Hardened |
| 75β89 | π΅ B β Good |
| 60β74 | π‘ C β Fair |
| 40β59 | π D β Weak |
| 0β39 | π΄ F β Critical Risk |
``` βββ SSH DAEMON βββββββββββββββββββββββββββββββββββββββββββββββββ β [CRITICAL ] [S-001] Root login disabled β³ PermitRootLogin = yes β [HIGH ] [S-002] Password authentication disabled β [HIGH ] [S-014] Weak SSH ciphers configured β³ arcfour,3des-cbc detected
βββ AUDIT SUMMARY ββββββββββββββββββββββββββββββββββββββββββββββ Score : 62 / 100 Grade : C β Fair ```
```json { "meta": { "tool": "HardNix", "version": "1.0.0", "hostname": "prod-server" }, "score": 62, "grade": "C β Fair", "stats": { "total": 107, "passed": 79, "failed": 22, "warnings": 6 }, "findings": [ { "module": "ssh", "id": "S-001", "severity": "CRITICAL", "status": "FAIL", "title": "Root login disabled", "detail": "PermitRootLogin = yes" } ] } ```
A self-contained dark-theme report with severity badges grouped by module, requiring no external dependencies.
For authorized assessments only. Use on systems you own or have explicit written permission to audit. Never run against systems without authorization.
- Open the relevant module in `modules/`
- Call `record_check "" "" "" "" "<title>" ""`
- Submit a PR describing the check and why it matters
MIT β see LICENSE