linux-security-audit-tool 0.1.0__tar.gz

linux_security_audit_tool-0.1.0/.gitignore

@@ -0,0 +1,26 @@
+__pycache__/
+*.py[cod]
+*.egg-info/
+dist/
+build/
+.eggs/
+*.egg
+.env
+.venv
+venv/
+env/
+*.pyc
+*.pyo
+.pytest_cache/
+.ruff_cache/
+.mypy_cache/
+htmlcov/
+.coverage
+.coverage.*
+*.log
+.DS_Store
+.idea/
+.vscode/
+*.swp
+*.swo
+.hypothesis/

linux_security_audit_tool-0.1.0/LICENSE

@@ -0,0 +1,21 @@
+MIT License
+
+Copyright (c) 2026 Dario Clavijo
+
+Permission is hereby granted, free of charge, to any person obtaining a copy
+of this software and associated documentation files (the "Software"), to deal
+in the Software without restriction, including without limitation the rights
+to use, copy, modify, merge, publish, distribute, sublicense, and/or sell
+copies of the Software, and to permit persons to whom the Software is
+furnished to do so, subject to the following conditions:
+
+The above copyright notice and this permission notice shall be included in all
+copies or substantial portions of the Software.
+
+THE SOFTWARE IS PROVIDED "AS IS", WITHOUT WARRANTY OF ANY KIND, EXPRESS OR
+IMPLIED, INCLUDING BUT NOT LIMITED TO THE WARRANTIES OF MERCHANTABILITY,
+FITNESS FOR A PARTICULAR PURPOSE AND NONINFRINGEMENT. IN NO EVENT SHALL THE
+AUTHORS OR COPYRIGHT HOLDERS BE LIABLE FOR ANY CLAIM, DAMAGES OR OTHER
+LIABILITY, WHETHER IN AN ACTION OF CONTRACT, TORT OR OTHERWISE, ARISING FROM,
+OUT OF OR IN CONNECTION WITH THE SOFTWARE OR THE USE OR OTHER DEALINGS IN THE
+SOFTWARE.

linux_security_audit_tool-0.1.0/PKG-INFO

@@ -0,0 +1,125 @@
+Metadata-Version: 2.4
+Name: linux-security-audit-tool
+Version: 0.1.0
+Summary: Comprehensive Linux security auditing and hardening tool
+Project-URL: Homepage, https://github.com/daedalus/linux-security-audit-tool
+Project-URL: Repository, https://github.com/daedalus/linux-security-audit-tool
+Project-URL: Issues, https://github.com/daedalus/linux-security-audit-tool/issues
+Author-email: Dario Clavijo <clavijodario@gmail.com>
+License: MIT
+License-File: LICENSE
+Requires-Python: >=3.11
+Requires-Dist: jinja2>=3.0.0
+Requires-Dist: tabulate>=0.9.0
+Provides-Extra: all
+Requires-Dist: click>=8.0; extra == 'all'
+Requires-Dist: hatch; extra == 'all'
+Requires-Dist: hypothesis; extra == 'all'
+Requires-Dist: mypy; extra == 'all'
+Requires-Dist: pytest; extra == 'all'
+Requires-Dist: pytest-asyncio; extra == 'all'
+Requires-Dist: pytest-cov; extra == 'all'
+Requires-Dist: pytest-mock; extra == 'all'
+Requires-Dist: rich>=13.0; extra == 'all'
+Requires-Dist: ruff; extra == 'all'
+Provides-Extra: cli
+Requires-Dist: click>=8.0; extra == 'cli'
+Requires-Dist: rich>=13.0; extra == 'cli'
+Provides-Extra: dev
+Requires-Dist: hatch; extra == 'dev'
+Requires-Dist: mypy; extra == 'dev'
+Requires-Dist: ruff; extra == 'dev'
+Provides-Extra: lint
+Requires-Dist: mypy; extra == 'lint'
+Requires-Dist: ruff; extra == 'lint'
+Provides-Extra: test
+Requires-Dist: hypothesis; extra == 'test'
+Requires-Dist: pytest; extra == 'test'
+Requires-Dist: pytest-asyncio; extra == 'test'
+Requires-Dist: pytest-cov; extra == 'test'
+Requires-Dist: pytest-mock; extra == 'test'
+Description-Content-Type: text/markdown
+
+# Linux Security Audit Tool
+
+A comprehensive CLI tool for auditing Linux system security posture.
+
+[![PyPI](https://img.shields.io/pypi/v/linux-security-audit-tool.svg)](https://pypi.org/project/linux-security-audit-tool/)
+[![Python](https://img.shields.io/pypi/pyversions/linux-security-audit-tool.svg)](https://pypi.org/project/linux-security-audit-tool/)
+[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+
+## Install
+
+```bash
+pip install linux-security-audit-tool
+```
+
+## Usage
+
+```bash
+security-audit --help
+security-audit audit
+security-audit audit -p 0 -1         # Run specific phases
+security-audit audit -o report.md     # Save markdown report
+security-audit audit --quiet          # Summary only
+```
+
+## CLI
+
+```bash
+security-audit [OPTIONS] COMMAND [ARGS]...
+
+Options:
+  --version  Show the version and exit.
+  --help     Show this message and exit.
+
+Commands:
+  audit    Run a full security audit.
+  version  Show version information.
+```
+
+## Development
+
+```bash
+git clone https://github.com/daedalus/linux-security-audit-tool.git
+cd linux-security-audit-tool
+pip install -e ".[test]"
+
+# run tests
+pytest
+
+# format
+ruff format src/ tests/
+
+# lint
+ruff check src/ tests/
+
+# type check
+mypy src/
+```
+
+## API
+
+```python
+from security_audit import gather_context, run_identity_checks, calculate_security_score
+from security_audit.core import Finding, Severity
+
+# Run a full audit
+context = gather_context()
+findings = run_identity_checks()
+score = calculate_security_score(findings)
+```
+
+## Audit Phases
+
+The tool performs security checks across 9 phases:
+
+- **Phase 0**: Context Gathering (hostname, OS, kernel)
+- **Phase 1**: Identity & Access Control (users, sudo, SSH)
+- **Phase 2**: Network Exposure (listening services, firewall)
+- **Phase 3**: File System & Permissions (SUID, world-writable)
+- **Phase 4**: Process & Service Posture (running services)
+- **Phase 5**: Kernel & OS Hardening (sysctl, ASLR)
+- **Phase 6**: Logging & Monitoring (auditd, logs)
+- **Phase 7**: Package & Update Hygiene (updates, repos)
+- **Phase 8**: Cryptographic Posture (SSH keys, TLS)

linux_security_audit_tool-0.1.0/README.md

@@ -0,0 +1,83 @@
+# Linux Security Audit Tool
+
+A comprehensive CLI tool for auditing Linux system security posture.
+
+[![PyPI](https://img.shields.io/pypi/v/linux-security-audit-tool.svg)](https://pypi.org/project/linux-security-audit-tool/)
+[![Python](https://img.shields.io/pypi/pyversions/linux-security-audit-tool.svg)](https://pypi.org/project/linux-security-audit-tool/)
+[![Ruff](https://img.shields.io/endpoint?url=https://raw.githubusercontent.com/astral-sh/ruff/main/assets/badge/v2.json)](https://github.com/astral-sh/ruff)
+
+## Install
+
+```bash
+pip install linux-security-audit-tool
+```
+
+## Usage
+
+```bash
+security-audit --help
+security-audit audit
+security-audit audit -p 0 -1         # Run specific phases
+security-audit audit -o report.md     # Save markdown report
+security-audit audit --quiet          # Summary only
+```
+
+## CLI
+
+```bash
+security-audit [OPTIONS] COMMAND [ARGS]...
+
+Options:
+  --version  Show the version and exit.
+  --help     Show this message and exit.
+
+Commands:
+  audit    Run a full security audit.
+  version  Show version information.
+```
+
+## Development
+
+```bash
+git clone https://github.com/daedalus/linux-security-audit-tool.git
+cd linux-security-audit-tool
+pip install -e ".[test]"
+
+# run tests
+pytest
+
+# format
+ruff format src/ tests/
+
+# lint
+ruff check src/ tests/
+
+# type check
+mypy src/
+```
+
+## API
+
+```python
+from security_audit import gather_context, run_identity_checks, calculate_security_score
+from security_audit.core import Finding, Severity
+
+# Run a full audit
+context = gather_context()
+findings = run_identity_checks()
+score = calculate_security_score(findings)
+```
+
+## Audit Phases
+
+The tool performs security checks across 9 phases:
+
+- **Phase 0**: Context Gathering (hostname, OS, kernel)
+- **Phase 1**: Identity & Access Control (users, sudo, SSH)
+- **Phase 2**: Network Exposure (listening services, firewall)
+- **Phase 3**: File System & Permissions (SUID, world-writable)
+- **Phase 4**: Process & Service Posture (running services)
+- **Phase 5**: Kernel & OS Hardening (sysctl, ASLR)
+- **Phase 6**: Logging & Monitoring (auditd, logs)
+- **Phase 7**: Package & Update Hygiene (updates, repos)
+- **Phase 8**: Cryptographic Posture (SSH keys, TLS)

linux_security_audit_tool-0.1.0/pyproject.toml

@@ -0,0 +1,84 @@
+[build-system]
+requires = ["hatchling"]
+build-backend = "hatchling.build"
+
+[project]
+name = "linux-security-audit-tool"
+version = "0.1.0"
+description = "Comprehensive Linux security auditing and hardening tool"
+readme = "README.md"
+requires-python = ">=3.11"
+license = {text = "MIT"}
+authors = [{name = "Dario Clavijo", email = "clavijodario@gmail.com"}]
+dependencies = ["jinja2>=3.0.0", "tabulate>=0.9.0"]
+
+[project.optional-dependencies]
+cli = ["click>=8.0", "rich>=13.0"]
+dev = [
+    "ruff",
+    "mypy",
+    "hatch",
+]
+test = [
+    "pytest",
+    "pytest-cov",
+    "pytest-mock",
+    "pytest-asyncio",
+    "hypothesis",
+]
+lint = ["ruff", "mypy"]
+all = ["linux-security-audit-tool[cli,dev,test,lint]"]
+
+[project.scripts]
+security-audit = "security_audit.cli:main"
+
+[project.urls]
+Homepage = "https://github.com/daedalus/linux-security-audit-tool"
+Repository = "https://github.com/daedalus/linux-security-audit-tool"
+Issues = "https://github.com/daedalus/linux-security-audit-tool/issues"
+
+[tool.hatch.build.targets.wheel]
+packages = ["src/security_audit"]
+
+[tool.hatch.build.targets.sdist]
+include = ["src/security_audit"]
+
+[tool.ruff]
+line-length = 88
+target-version = "py311"
+
+[tool.ruff.lint]
+select = ["E", "F", "W", "I", "UP", "ANN", "TCH", "N", "C4", "ARG"]
+ignore = ["E501"]
+
+[tool.ruff.lint.per-file-ignores]
+"__init__.py" = ["F401"]
+
+[tool.ruff.lint.pydocstyle]
+convention = "google"
+
+[tool.mypy]
+python_version = "3.11"
+strict = true
+warn_return_any = true
+warn_unused_ignores = true
+
+[tool.pytest.ini_options]
+testpaths = ["tests"]
+addopts = "-v --tb=short --cov=src"
+filterwarnings = ["ignore::DeprecationWarning"]
+
+[tool.coverage.run]
+source = ["src"]
+branch = true
+
+[tool.coverage.report]
+exclude = ["tests/*", "*/__init__.py"]
+exclude_lines = [
+    "pragma: no cover",
+    "def __repr__",
+    "raise AssertionError",
+    "raise NotImplementedError",
+    "if __name__ == .__main__.:",
+    "if TYPE_CHECKING:",
+]

linux_security_audit_tool-0.1.0/src/security_audit/__init__.py

@@ -0,0 +1,49 @@
+"""Linux Security Audit Tool - Comprehensive security auditing and hardening."""
+
+__version__ = "0.1.0"
+
+from typing import TYPE_CHECKING
+
+from .core import AuditContext, Finding, Severity
+from .phases import (
+    calculate_security_score,
+    classify_severity,
+    gather_context,
+    generate_markdown_report,
+    generate_remediation_script,
+    get_system_info,
+    run_crypto_checks,
+    run_filesystem_checks,
+    run_identity_checks,
+    run_kernel_checks,
+    run_logging_checks,
+    run_network_checks,
+    run_package_checks,
+    run_process_checks,
+    run_reporting,
+)
+
+if TYPE_CHECKING:
+    from .cli import cli
+
+__all__ = [
+    "__version__",
+    "AuditContext",
+    "Finding",
+    "Severity",
+    "calculate_security_score",
+    "classify_severity",
+    "gather_context",
+    "generate_markdown_report",
+    "generate_remediation_script",
+    "get_system_info",
+    "run_crypto_checks",
+    "run_filesystem_checks",
+    "run_identity_checks",
+    "run_kernel_checks",
+    "run_logging_checks",
+    "run_network_checks",
+    "run_package_checks",
+    "run_process_checks",
+    "run_reporting",
+]

linux_security_audit_tool-0.1.0/src/security_audit/__main__.py

@@ -0,0 +1,6 @@
+"""CLI entry point for the security audit tool."""
+
+from security_audit.cli import main
+
+if __name__ == "__main__":
+    raise SystemExit(main())

linux_security_audit_tool-0.1.0/src/security_audit/cli/__init__.py

@@ -0,0 +1,241 @@
+"""Command-line interface for the Linux Security Audit Tool."""
+
+import sys
+from typing import Optional
+
+import click
+from rich import print as rprint
+from rich.console import Console
+from rich.progress import Progress, SpinnerColumn, TextColumn
+
+from security_audit.core import Finding, Severity
+from security_audit.phases import (
+    calculate_security_score,
+    gather_context,
+    generate_markdown_report,
+    run_crypto_checks,
+    run_filesystem_checks,
+    run_identity_checks,
+    run_kernel_checks,
+    run_logging_checks,
+    run_network_checks,
+    run_package_checks,
+    run_process_checks,
+)
+
+console = Console()
+
+
+def print_finding(finding: Finding) -> None:
+    """Print a single finding with severity color.
+
+    Args:
+        finding: The Finding object to print.
+    """
+    colors = {
+        Severity.CRITICAL: "red bold",
+        Severity.HIGH: "red",
+        Severity.MEDIUM: "yellow",
+        Severity.LOW: "cyan",
+        Severity.INFO: "blue",
+    }
+    color = colors.get(finding.severity, "white")
+    rprint(
+        f"[{color}]{finding.severity.value}[/{color}] [{color}]{finding.check_id}[/{color}]: {finding.title}"
+    )
+
+
+def print_summary(findings: list[Finding]) -> None:
+    """Print a summary table of findings.
+
+    Args:
+        findings: List of Finding objects.
+    """
+    from rich.table import Table
+
+    counts = {
+        Severity.CRITICAL: 0,
+        Severity.HIGH: 0,
+        Severity.MEDIUM: 0,
+        Severity.LOW: 0,
+        Severity.INFO: 0,
+    }
+    for f in findings:
+        counts[f.severity] += 1
+
+    table = Table(title="Audit Summary")
+    table.add_column("Severity", style="bold")
+    table.add_column("Count", justify="right")
+
+    table.add_row("[red bold]CRITICAL[/red bold]", str(counts[Severity.CRITICAL]))
+    table.add_row("[red]HIGH[/red]", str(counts[Severity.HIGH]))
+    table.add_row("[yellow]MEDIUM[/yellow]", str(counts[Severity.MEDIUM]))
+    table.add_row("[cyan]LOW[/cyan]", str(counts[Severity.LOW]))
+    table.add_row("[blue]INFO[/blue]", str(counts[Severity.INFO]))
+
+    console.print(table)
+
+
+@click.group()
+@click.version_option(version="0.1.0")
+def cli() -> None:
+    """Linux Security Audit Tool - Comprehensive security auditing and hardening."""
+    pass
+
+
+@cli.command()
+@click.option(
+    "--output",
+    "-o",
+    type=click.Path(),
+    default=None,
+    help="Output file for report",
+)
+@click.option(
+    "--phases",
+    "-p",
+    multiple=True,
+    help="Specific phases to run (0-9)",
+)
+@click.option(
+    "--quiet",
+    "-q",
+    is_flag=True,
+    help="Suppress detailed output",
+)
+def audit(
+    output: str | None,
+    phases: tuple,
+    quiet: bool,
+) -> None:
+    """Run a full security audit."""
+    console.print("[bold blue]Linux Security Audit Tool v0.1.0[/bold blue]")
+    console.print()
+
+    all_findings = []
+    context = None
+
+    selected_phases = list(range(10)) if not phases else [int(p) for p in phases]
+
+    with Progress(
+        SpinnerColumn(),
+        TextColumn("[progress.description]{task.description}"),
+        console=console,
+    ) as progress:
+        if 0 in selected_phases:
+            task = progress.add_task("Gathering context...", total=None)
+            context = gather_context()
+            if not quiet:
+                console.print(f"  Hostname: {context.hostname}")
+                console.print(f"  Kernel: {context.kernel}")
+            progress.update(task, completed=True)
+
+        if 1 in selected_phases:
+            task = progress.add_task(
+                "Checking identity & access control...", total=None
+            )
+            findings = run_identity_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 2 in selected_phases:
+            task = progress.add_task("Checking network exposure...", total=None)
+            findings = run_network_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 3 in selected_phases:
+            task = progress.add_task(
+                "Checking file system & permissions...", total=None
+            )
+            findings = run_filesystem_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 4 in selected_phases:
+            task = progress.add_task(
+                "Checking process & service posture...", total=None
+            )
+            findings = run_process_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 5 in selected_phases:
+            task = progress.add_task("Checking kernel & OS hardening...", total=None)
+            findings = run_kernel_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 6 in selected_phases:
+            task = progress.add_task("Checking logging & monitoring...", total=None)
+            findings = run_logging_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 7 in selected_phases:
+            task = progress.add_task("Checking package hygiene...", total=None)
+            findings = run_package_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 8 in selected_phases:
+            task = progress.add_task("Checking cryptographic posture...", total=None)
+            findings = run_crypto_checks()
+            all_findings.extend(findings)
+            if not quiet:
+                for f in findings:
+                    print_finding(f)
+            progress.update(task, completed=True)
+
+        if 9 in selected_phases:
+            task = progress.add_task("Generating report...", total=None)
+            if context is None:
+                context = gather_context()
+            score = calculate_security_score(all_findings)
+            console.print(f"\n[bold]Security Score: {score}/100[/bold]")
+            progress.update(task, completed=True)
+
+    console.print()
+    print_summary(all_findings)
+
+    if output:
+        report = generate_markdown_report(context, all_findings)
+        with open(output, "w", encoding="utf-8") as f:
+            f.write(report)
+        console.print(f"\n[green]Report saved to {output}[/green]")
+
+
+@cli.command()
+def version() -> None:
+    """Show version information."""
+    console.print("Linux Security Audit Tool v0.1.0")
+
+
+def main() -> int:
+    """Main entry point for the CLI."""
+    return cli()
+
+
+if __name__ == "__main__":
+    raise SystemExit(main())