This program is still in Alpha phase and is nowhere near complete. It’s purpose is quite simply to be run on a server and let you know if there are any possible security holes in your configuration. It is designed and configured around Debian so will not work properly on Red Hat-based distributions without modifications to the tests.
What can it scan?
How does it work?
Am I secure will open up your configuration files in the order that each program would include them in, for example Apache2 includes them in the following order on Debian-based systems;
it will then run through each this, ignoring commented out config options and show you where things are configured insecurely.
Am I Secure is a tool that helps show possible security holes, but it is just a basic tool.
- Python >2.6
Once downloaded simply run
sudo python amisecure.py
You can fork, modify and create pull requests on GitHub.