AuditAI is an open-source, Dockerized security auditing tool that runs nine scanner modules (network, services, OS hardening, users, processes, filesystem, kernel, packages, lynis) in parallel against a Linux host, then feeds the combined output to Claude for AI-powered analysis. The result is a prioritized HTML/Markdown report with severity-ranked findings, attack chain analysis, and specific remediation commands. A real scan of the author's Ubuntu 24.04 lab machine returned a CRITICAL risk score (82/100) with 23 HIGH and 34 MEDIUM findings, including an unknown unlocked user 'xplg' (potential backdoor), open iptables with default ACCEPT policies, 174 SUID binaries, SMB exposed on all interfaces, and three CVE-flagged packages. The tool requires only Docker and an Anthropic API key, and a --no-ai flag is available for offline use.
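The following is an added example, not AuditAI's code and not from the original page: it shows how two of the findings named above (an unlocked account nobody expects, and chains with a default ACCEPT policy) can be derived from `/etc/shadow` and `iptables -S` output. The sample inputs, the `EXPECTED_USERS` allowlist and the function names are constructed for illustration.

```python
# Added example: not AuditAI's code. All inputs below are constructed samples.

# Constructed /etc/shadow content (hash strings are placeholders, not real hashes).
SHADOW = """\
root:!:19800:0:99999:7:::
daemon:*:19800:0:99999:7:::
ubuntu:$y$j9T$constructed$hash:19800:0:99999:7:::
xplg:$y$j9T$constructed$hash2:19850:0:99999:7:::
"""
# Constructed `iptables -S` output.
IPTABLES_S = """\
-P INPUT ACCEPT
-P FORWARD DROP
-P OUTPUT ACCEPT
-A INPUT -p tcp -m tcp --dport 22 -j ACCEPT
"""
EXPECTED_USERS = {"ubuntu"}  # assumption: accounts the administrator knows about


def unexpected_unlocked_accounts(shadow, expected):
    """Accounts whose password field is usable and that are not expected."""
    flagged = []
    for line in shadow.splitlines():
        fields = line.split(":")
        if len(fields) < 2:
            continue  # not a shadow entry
        name, pw = fields[0], fields[1]
        # A leading '!' or '*' means no valid hash (locked or no password login).
        # An empty field means no password is required, so it is also flagged.
        if not pw.startswith(("!", "*")) and name not in expected:
            flagged.append(name)
    return flagged


def accept_policy_chains(rules):
    """Built-in chains whose default policy is ACCEPT, from `iptables -S`."""
    chains = []
    for line in rules.splitlines():
        parts = line.split()
        if len(parts) == 3 and parts[0] == "-P" and parts[2] == "ACCEPT":
            chains.append(parts[1])
    return chains


if __name__ == "__main__":
    print("unexpected unlocked:", unexpected_unlocked_accounts(SHADOW, EXPECTED_USERS))
    print("default ACCEPT:", accept_policy_chains(IPTABLES_S))
```

On a live host the same functions take the contents of `/etc/shadow` (readable by root) and the output of `iptables -S` in place of the constructed strings.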