Updated : 2026-03-27
Local OS security hardening scanner. All checks
run against the local filesystem and system tools.
For remote network vulnerability scanning, see
ObjSecurityAudit.py.
ObjMonitor (orchestrator)
├─ ObjSecurityLocal (LOCAL checks)
│ ├─ scan_fail2ban()
│ ├─ scan_ssh_keys()
│ ├─ scan_world_writable()
│ ├─ scan_sshd_config()
│ ├─ scan_unattended_upgrades()
│ ├─ scan_network_connections()
│ ├─ scan_open_fds()
│ ├─ scan_swap_pressure()
│ └─ scan_log_anomalies()
└─ ObjSecurityAudit (REMOTE checks)
├─ audit_ports()
├─ audit_ssl()
├─ audit_http_headers()
├─ audit_ssh()
├─ audit_dns()
└─ audit_mysql_exposure()
| Method | What | Severity |
|---|---|---|
scan_fail2ban() |
Active IP bans per jail | HIGH (5+), MEDIUM |
scan_ssh_keys() |
Bad permissions, excessive keys | HIGH, MEDIUM |
scan_world_writable() |
Files in /etc, /usr/bin, etc. | HIGH |
scan_sshd_config() |
Root login, password auth | CRITICAL, MEDIUM |
scan_unattended_upgrades() |
Auto-patches not installed | MEDIUM |
| Method | What | Alerts |
|---|---|---|
scan_network_connections() |
Connection state counts | CLOSE_WAIT >50, TIME_WAIT >500 |
scan_open_fds() |
FD usage system-wide + top processes | >80% usage |
scan_swap_pressure() |
Swap usage + page in/out | >50% or high swap-out |
scan_log_anomalies() |
Syslog: OOM, panics, segfaults, I/O errors | CRITICAL/HIGH by type |
from ObjSecurityLocal import ObjSecurityLocal
scanner = ObjSecurityLocal(debug_fn=print)
findings = scanner.scan_all() # hardening checks
net = scanner.scan_network_connections()
fds = scanner.scan_open_fds()
swap = scanner.scan_swap_pressure()
anomalies = scanner.scan_log_anomalies()
ObjSecurityAudit.py — remote network scanningObjRateLimit.py — authentication brute-force protectionObjMonitor.py — orchestrates both local + remoteUpdated : 2026-03-27