Merge branch 'master' into issue1376

2025-07-28 08:14:10 +02:00 · 2024-05-14 11:50:07 +02:00 · 2024-05-14 11:50:07 +02:00 · 240c2b1db4
commit 240c2b1db4
parent fe0b40c98d b84ba04f7c
66 changed files with 725 additions and 275 deletions
--- a/.gitignore
+++ b/.gitignore
@ -1,4 +1,5 @@
 .bzr
 .bzrignore
 .DS_Store
 custom.prf
 *.swp
--- a/CHANGELOG.md
+++ b/CHANGELOG.md
@ -1,10 +1,57 @@
 # Lynis Changelog
-## Lynis 3.0.9 (not released yet)
+## Lynis 3.1.2 (not released yet)
 ### Added
 - Detection of Athena OS
 - Detection of Open Source Media Center (OSMC)
 ### Changed
- DBS-1820 - added newer style format for Mongo authorization setting
+- Correction of software EOL database and inclusion of AIX entries
- Extra check to verify if nanoseconds are supported by the date command
+- DBS-1826 - PostgreSQL detection improved for AlmaLinux, Rocky Linux, and FreeBSD
 ---------------------------------------------------------------------------------
 ## Lynis 3.1.1 (2024-03-17)
 ### Added
 - Detection of ArcoLinux
 ### Changed
 - DBS-1882 - Redis configuration file path added for FreeBSD (/usr/local/etc/redis.conf)
 - DBS-1882 - Check /snap directory location for Redis configuration file
 ---------------------------------------------------------------------------------
 ## Lynis 3.1.0 (2024-03-11)
 ### Added
 - Translation: Indonesian
 ### Changed
 - MALW-3280 - Correction to detect com.avast.daemon
 - OS detection added for Guix System, macOS Ventura (13.x)/Sonoma (14.x), NXP LSDK, OpenEmbedded "nodistro", and The Yocto Projects distro "Poky"
 - Updated Amazon Linux EOL dates and addition of Amazon Linux 2023
 - STATUS_NOT_ACTIVE variable added to translation files
 - End-of-life dates updated
 - Fixing missing or erroneous test number comments
 - Detection of SentinelOne corrected
 - Wazuh for file integrity and tooling
 - Updated parsing output of arch-audit
 - Added support for SentinelOne detection
 - Replacing deprecated option -i for xargs
 - Path detection for PostgreSQL improved
 ---------------------------------------------------------------------------------
 ## Lynis 3.0.9 (2023-08-03)
 ### Changed
 - DBS-1820 - Added newer style format for Mongo authorization setting
 - FILE-6410 - Locations added for plocate
 - SSH-7408 - Only test Compression if sshd version < 7.4
 - Improved fetching timestamp
 - Minor changes such as typos
 ---------------------------------------------------------------------------------
--- a/db/languages/az
+++ b/db/languages/az
@ -82,6 +82,7 @@ STATUS_FOUND="Tapıldı"
 #STATUS_MEDIUM="MEDIUM"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="Yox"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/cn
+++ b/db/languages/cn
@ -83,6 +83,7 @@ STATUS_FOUND="找到"
 #STATUS_MEDIUM="MEDIUM"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="没有"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/da
+++ b/db/languages/da
@ -83,6 +83,7 @@ STATUS_FOUND="FUNDET"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="INGEN"
 STATUS_NO="NEJ"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 STATUS_NOT_ENABLED="IKKE AKTIVERET"
--- a/db/languages/de
+++ b/db/languages/de
@ -84,6 +84,7 @@ STATUS_NO="NEIN"
 STATUS_NO_UPDATE="KEINE AKTUALISIERUNG"
 STATUS_NON_DEFAULT="NICHT STANDARD"
 STATUS_NONE="NICHTS"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="NICHT KONFIGURIERT"
 STATUS_NOT_DISABLED="NICHT DEAKTIVIERT"
 STATUS_NOT_ENABLED="NICHT AKTIVIERT"
--- a/db/languages/en
+++ b/db/languages/en
@ -84,6 +84,7 @@ STATUS_NO="NO"
 STATUS_NO_UPDATE="NO UPDATE"
 STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="NONE"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 STATUS_NOT_DISABLED="NOT DISABLED"
 STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/es
+++ b/db/languages/es
@ -85,6 +85,7 @@ STATUS_NO_UPDATE="SIN ACTUALIZACIÓN"
 STATUS_NO="NO"
 STATUS_NON_DEFAULT="NO POR DEFECTO"
 STATUS_NONE="NINGUNO"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="NO CONFIGURADO"
 STATUS_NOT_DISABLED="NO DESHABILITADO"
 STATUS_NOT_ENABLED="NO HABILITADO"
--- a/db/languages/fi
+++ b/db/languages/fi
@ -83,6 +83,7 @@ STATUS_FOUND="LÖYTYNYT"
 STATUS_NO="EI"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="EI MITÄÄN"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/fr
+++ b/db/languages/fr
@ -84,6 +84,7 @@ STATUS_NO="NON"
 STATUS_NO_UPDATE="PAS DE MISE A JOUR"
 STATUS_NON_DEFAULT="PAS PAR DÉFAUT"
 STATUS_NONE="AUCUN"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="NON CONFIGURÉ"
 STATUS_NOT_DISABLED="NON DESACTIVÉ"
 STATUS_NOT_ENABLED="NON ACTIVÉ"
--- a/db/languages/gr
+++ b/db/languages/gr
@ -82,6 +82,7 @@ STATUS_FOUND="ΒΡΕΘΗΚΕ"
 #STATUS_MEDIUM="MEDIUM"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="ΚΑΝΕΝΑ"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/he
+++ b/db/languages/he
@ -82,6 +82,7 @@ STATUS_FOUND="נמצא"
 #STATUS_MEDIUM="MEDIUM"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="אין כלל"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/hu
+++ b/db/languages/hu
@ -83,6 +83,7 @@ STATUS_FOUND="FOUND"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NO="NEM"
 STATUS_NONE="NONE"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/id
+++ b/db/languages/id
@ -0,0 +1,107 @@
 ERROR_NO_LICENSE="Tidak ada kunci lisensi yang dikonfigurasi"
 ERROR_NO_UPLOAD_SERVER="Tidak ada server unggahan yang dikonfigurasi"
 GEN_CHECKING="Memeriksa"
 GEN_CURRENT_VERSION="Versi sekarang"
 GEN_DEBUG_MODE="Debug mode"
 GEN_INITIALIZE_PROGRAM="Inisialisasi program"
 GEN_LATEST_VERSION="Versi terbaru"
 GEN_PHASE="fase"
 GEN_PLUGINS_ENABLED="Plugin diaktifkan"
 GEN_UPDATE_AVAILABLE="update tersedia"
 GEN_VERBOSE_MODE="Verbose mode"
 GEN_WHAT_TO_DO="Apa yang harus dilakukan"
 NOTE_EXCEPTIONS_FOUND="Pengecualian ditemukan"
 NOTE_EXCEPTIONS_FOUND_DETAILED="Beberapa peristiwa atau informasi luar biasa ditemukan"
 NOTE_PLUGINS_TAKE_TIME="Note: plugin memiliki pengujian yang lebih ekstensif dan mungkin memerlukan waktu beberapa menit untuk menyelesaikannya"
 NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Tes yang dilewati karena mode non-istimewa"
 #SECTION_ACCOUNTING="Accounting"
 #SECTION_BANNERS_AND_IDENTIFICATION="Banners and identification"
 #SECTION_BASICS="Basics"
 #SECTION_BOOT_AND_SERVICES="Boot and services"
 #SECTION_CONTAINERS="Containers"
 #SECTION_CRYPTOGRAPHY="Cryptography"
 SECTION_CUSTOM_TESTS="Tes kustom"
 #SECTION_DATABASES="Databases"
 #SECTION_DATA_UPLOAD="Data upload"
 #SECTION_DOWNLOADS="Downloads"
 #SECTION_EMAIL_AND_MESSAGING="Software: e-mail and messaging"
 #SECTION_FILE_INTEGRITY="Software: file integrity"
 #SECTION_FILE_PERMISSIONS="File Permissions"
 #SECTION_FILE_SYSTEMS="File systems"
 #SECTION_FIREWALLS="Software: firewalls"
 #SECTION_GENERAL="General"
 #SECTION_HARDENING="Hardening"
 #SECTION_HOME_DIRECTORIES="Home directories"
 #SECTION_IMAGE="Image"
 #SECTION_INITIALIZING_PROGRAM="Initializing program"
 #SECTION_INSECURE_SERVICES="Insecure services"
 #SECTION_KERNEL_HARDENING="Kernel Hardening"
 #SECTION_KERNEL="Kernel"
 #SECTION_LDAP_SERVICES="LDAP Services"
 #SECTION_LOGGING_AND_FILES="Logging and files"
 SECTION_MALWARE="Software: Malware"
 SECTION_MEMORY_AND_PROCESSES="Memory and Processes"
 SECTION_NAME_SERVICES="Name services"
 SECTION_NETWORKING="Networking"
 SECTION_PERMISSIONS="Permissions"
 SECTION_PORTS_AND_PACKAGES="Ports and packages"
 SECTION_PRINTERS_AND_SPOOLS="Printers and Spools"
 SECTION_PROGRAM_DETAILS="Program Details"
 SECTION_SCHEDULED_TASKS="Scheduled tasks"
 SECTION_SECURITY_FRAMEWORKS="Security frameworks"
 SECTION_SHELLS="Shells"
 SECTION_SNMP_SUPPORT="SNMP Support"
 SECTION_SOFTWARE="Software"
 SECTION_SQUID_SUPPORT="Squid Support"
 SECTION_SSH_SUPPORT="SSH Support"
 SECTION_STORAGE="Storage"
 SECTION_SYSTEM_INTEGRITY="Software: System integrity"
 SECTION_SYSTEM_TOOLING="Software: System tooling"
 SECTION_SYSTEM_TOOLS="System tools"
 SECTION_TIME_AND_SYNCHRONIZATION="Time and Synchronization"
 SECTION_USB_DEVICES="USB Devices"
 SECTION_USERS_GROUPS_AND_AUTHENTICATION="Users, Groups and Authentication"
 SECTION_VIRTUALIZATION="Virtualization"
 SECTION_WEBSERVER="Software: webserver"
 STATUS_ACTIVE="ACTIVE"
 STATUS_CHECK_NEEDED="CHECK NEEDED"
 STATUS_DEBUG="DEBUG"
 STATUS_DEFAULT="DEFAULT"
 STATUS_DIFFERENT="DIFFERENT"
 STATUS_DISABLED="DISABLED"
 STATUS_DONE="DONE"
 STATUS_ENABLED="ENABLED"
 STATUS_ERROR="ERROR"
 STATUS_EXPOSED="EXPOSED"
 STATUS_FAILED="FAILED"
 STATUS_FILES_FOUND="FILES FOUND"
 STATUS_FOUND="FOUND"
 STATUS_HARDENED="HARDENED"
 STATUS_INSTALLED="INSTALLED"
 STATUS_LOCAL_ONLY="LOCAL ONLY"
 STATUS_MEDIUM="MEDIUM"
 STATUS_NO="NO"
 STATUS_NO_UPDATE="NO UPDATE"
 STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="NONE"
 STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 STATUS_NOT_DISABLED="NOT DISABLED"
 STATUS_NOT_ENABLED="NOT ENABLED"
 STATUS_NOT_FOUND="NOT FOUND"
 STATUS_NOT_RUNNING="NOT RUNNING"
 STATUS_OFF="OFF"
 STATUS_OK="OK"
 STATUS_ON="ON"
 STATUS_PARTIALLY_HARDENED="PARTIALLY HARDENED"
 STATUS_PROTECTED="PROTECTED"
 STATUS_RUNNING="RUNNING"
 STATUS_SKIPPED="SKIPPED"
 STATUS_SUGGESTION="SUGGESTION"
 STATUS_UNKNOWN="UNKNOWN"
 STATUS_UNSAFE="UNSAFE"
 STATUS_UPDATE_AVAILABLE="UPDATE TERSEDIA"
 STATUS_WARNING="WARNING"
 STATUS_WEAK="WEAK"
 STATUS_YES="YES"
 TEXT_UPDATE_AVAILABLE="update tersedia"
 TEXT_YOU_CAN_HELP_LOGFILE="Anda dapat membantu dengan memberikan file log Anda"
--- a/db/languages/it
+++ b/db/languages/it
@ -83,6 +83,7 @@ STATUS_FOUND="TROVATO"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="NESSUNO"
 STATUS_NO="NO"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="NON CONFIGURATO"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/ja
+++ b/db/languages/ja
@ -83,6 +83,7 @@ STATUS_FOUND="見つかりました"
 STATUS_NO="いいえ"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="なし"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/ko
+++ b/db/languages/ko
@ -83,6 +83,7 @@ STATUS_FOUND="발견"
 STATUS_NO="아니오"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="없음"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/nb-NO
+++ b/db/languages/nb-NO
@ -83,6 +83,7 @@ STATUS_FOUND="FUNNET"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NO="NEI"
 STATUS_NONE="INGEN"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/nl
+++ b/db/languages/nl
@ -83,6 +83,7 @@ STATUS_FOUND="GEVONDEN"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NO="NEE"
 STATUS_NONE="GEEN"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="NIET GECONFIGUREERD"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/pl
+++ b/db/languages/pl
@ -83,6 +83,7 @@
 #STATUS_NON_DEFAULT="NON DEFAULT"
 #STATUS_NONE="NONE"
 #STATUS_NO="NO"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/pt
+++ b/db/languages/pt
@ -83,6 +83,7 @@ STATUS_FOUND="ENCONTRADO"
 STATUS_NO="NÃO"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="NENHUM"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/ru
+++ b/db/languages/ru
@ -82,6 +82,7 @@ STATUS_LOCAL_ONLY="ТОЛЬКО ЛОКАЛЬНО"
 STATUS_MEDIUM="СРЕДНИЙ"
 STATUS_NON_DEFAULT="НЕ ПО УМОЛЧАНИЮ"
 STATUS_NONE="Отсутствует"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 STATUS_NOT_CONFIGURED="НЕ СКОНФИГУРИРОВАНО"
 STATUS_NOT_DISABLED="НЕ ОТКЛЮЧЕНО"
 STATUS_NOT_ENABLED="НЕ ВКЛЮЧЕНО"
--- a/db/languages/se
+++ b/db/languages/se
@ -83,6 +83,7 @@ STATUS_FOUND="HITTAD"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="INGEN"
 STATUS_NO="NEJ"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/sk
+++ b/db/languages/sk
@ -83,6 +83,7 @@ STATUS_FOUND="NÁJDENÉ"
 #STATUS_NON_DEFAULT="NON DEFAULT"
 STATUS_NONE="ŽIADNE"
 STATUS_NO="NIE"
 STATUS_NOT_ACTIVE="NOT ACTIVE"
 #STATUS_NOT_CONFIGURED="NOT CONFIGURED"
 #STATUS_NOT_DISABLED="NOT DISABLED"
 #STATUS_NOT_ENABLED="NOT ENABLED"
--- a/db/languages/tr
+++ b/db/languages/tr
@ -1,107 +1,108 @@
-ERROR_NO_LICENSE="Lisans anahtarı yapılandırılmamış"
+ERROR_NO_LICENSE="Lisans anahtarı yapılandırılmadı"
-ERROR_NO_UPLOAD_SERVER="Yükleme sunucusu yapılandırılmamış"
+ERROR_NO_UPLOAD_SERVER="Yükleme sunucusu yapılandırılmadı"
-GEN_CHECKING="Kontrol ediyor"
+GEN_CHECKING=" Denetleniyor"
-GEN_CURRENT_VERSION="Mevcut Sürüm"
+GEN_CURRENT_VERSION="Geçerli sürüm"
 GEN_DEBUG_MODE="Hata ayıklama modu"
 GEN_INITIALIZE_PROGRAM="Program başlatılıyor"
-GEN_LATEST_VERSION="Son sürüm"
+GEN_LATEST_VERSION="En son sürüm"
-GEN_PHASE="faz"
+GEN_PHASE="evre"
-GEN_PLUGINS_ENABLED="Yapılandırılmış eklentiler"
+GEN_PLUGINS_ENABLED="Etkinleştirilen eklentiler"
-GEN_UPDATE_AVAILABLE="güncelleme mevcut"
+GEN_UPDATE_AVAILABLE="güncelleme var"
-GEN_VERBOSE_MODE="Detay modu"
+GEN_VERBOSE_MODE="Ayrıntılı mod"
 GEN_WHAT_TO_DO="Yapılması gerekenler"
 NOTE_EXCEPTIONS_FOUND_DETAILED="Bazı istisnai durumlar ve bilgiler bulundu"
 NOTE_EXCEPTIONS_FOUND="İstisnalar bulundu"
-NOTE_PLUGINS_TAKE_TIME="Not: eklentiler daha detaylı testler içermektedir ve tamamlanmaları uzun sürebilir"
+NOTE_EXCEPTIONS_FOUND_DETAILED="Bazı istisnai olaylar veya bilgiler bulundu"
 NOTE_PLUGINS_TAKE_TIME="Not: eklentiler daha kapsamlı testlere sahiptir ve tamamlanması birkaç dakika sürebilir"
 NOTE_SKIPPED_TESTS_NON_PRIVILEGED="Yetkisiz çalışma nedeniyle atlanan testler"
-#SECTION_ACCOUNTING="Accounting"
+SECTION_ACCOUNTING="Hesaplama"
-#SECTION_BANNERS_AND_IDENTIFICATION="Banners and identification"
+SECTION_BANNERS_AND_IDENTIFICATION="Afişler ve tanımlama"
-#SECTION_BASICS="Basics"
+SECTION_BASICS="Temel Bilgiler"
-#SECTION_BOOT_AND_SERVICES="Boot and services"
+SECTION_BOOT_AND_SERVICES="Önyükleme ve hizmetler"
-#SECTION_CONTAINERS="Containers"
+SECTION_CONTAINERS="Konteynerler"
-#SECTION_CRYPTOGRAPHY="Cryptography"
+SECTION_CRYPTOGRAPHY="Kriptografi"
 SECTION_CUSTOM_TESTS="Özel testler"
-#SECTION_DATABASES="Databases"
+SECTION_DATA_UPLOAD="Veri yükleme"
-#SECTION_DATA_UPLOAD="Data upload"
+SECTION_DATABASES="Veri tabanları"
-#SECTION_DOWNLOADS="Downloads"
+SECTION_DOWNLOADS="İndirilenler"
-#SECTION_EMAIL_AND_MESSAGING="Software: e-mail and messaging"
+SECTION_EMAIL_AND_MESSAGING="Yazılım: e-posta ve mesajlaşma"
-#SECTION_FILE_INTEGRITY="Software: file integrity"
+SECTION_FILE_INTEGRITY="Yazılım: dosya bütünlüğü"
-#SECTION_FILE_PERMISSIONS="File Permissions"
+SECTION_FILE_PERMISSIONS="Dosya izinleri"
-#SECTION_FILE_SYSTEMS="File systems"
+SECTION_FILE_SYSTEMS="Dosya sistemleri"
-#SECTION_FIREWALLS="Software: firewalls"
+SECTION_FIREWALLS="Yazılım: güvenlik duvarları"
-#SECTION_GENERAL="General"
+SECTION_GENERAL="Genel"
-#SECTION_HARDENING="Hardening"
+SECTION_HARDENING="Sıkılaştırma"
-#SECTION_HOME_DIRECTORIES="Home directories"
+SECTION_HOME_DIRECTORIES="Ev dizinleri"
-#SECTION_IMAGE="Image"
+SECTION_IMAGE="Kalıp"
-#SECTION_INITIALIZING_PROGRAM="Initializing program"
+SECTION_INITIALIZING_PROGRAM="Program başlatılıyor"
-#SECTION_INSECURE_SERVICES="Insecure services"
+SECTION_INSECURE_SERVICES="Güvensiz hizmetler"
-#SECTION_KERNEL_HARDENING="Kernel Hardening"
+SECTION_KERNEL="Çekirdek"
-#SECTION_KERNEL="Kernel"
+SECTION_KERNEL_HARDENING="Çekirdek Sıkılaştırma"
-#SECTION_LDAP_SERVICES="LDAP Services"
+SECTION_LDAP_SERVICES="LDAP Hizmetleri"
-#SECTION_LOGGING_AND_FILES="Logging and files"
+SECTION_LOGGING_AND_FILES="Günlük kaydı ve dosyalar"
-SECTION_MALWARE="Kötücül yazılım"
+SECTION_MALWARE="Yazılım: Kötü Amaçlı Yazılım"
-SECTION_MEMORY_AND_PROCESSES="Bellek ve Prosesler"
+SECTION_MEMORY_AND_PROCESSES="Bellek ve Süreçler"
-#SECTION_NAME_SERVICES="Name services"
+SECTION_NAME_SERVICES="Ad hizmetleri"
-#SECTION_NETWORKING="Networking"
+SECTION_NETWORKING="Ağ İletişimi"
-#SECTION_PERMISSIONS="Permissions"
+SECTION_PERMISSIONS="İzinler"
-#SECTION_PORTS_AND_PACKAGES="Ports and packages"
+SECTION_PORTS_AND_PACKAGES="Bağlantı noktaları ve paketler"
-#SECTION_PRINTERS_AND_SPOOLS="Printers and Spools"
+SECTION_PRINTERS_AND_SPOOLS="Yazıcılar ve Biriktiriciler"
-#SECTION_PROGRAM_DETAILS="Program Details"
+SECTION_PROGRAM_DETAILS="Program Ayrıntıları"
-#SECTION_SCHEDULED_TASKS="Scheduled tasks"
+SECTION_SCHEDULED_TASKS="Zamanlanan görevler"
-#SECTION_SECURITY_FRAMEWORKS="Security frameworks"
+SECTION_SECURITY_FRAMEWORKS="Güvenlik çerçeveleri"
-#SECTION_SHELLS="Shells"
+SECTION_SHELLS="Kabuklar"
-#SECTION_SNMP_SUPPORT="SNMP Support"
+SECTION_SNMP_SUPPORT="SNMP Desteği"
-#SECTION_SOFTWARE="Software"
+SECTION_SOFTWARE="Yazılım"
-#SECTION_SQUID_SUPPORT="Squid Support"
+SECTION_SQUID_SUPPORT="Squid Desteği"
-#SECTION_SSH_SUPPORT="SSH Support"
+SECTION_SSH_SUPPORT="SSH Desteği"
-#SECTION_STORAGE="Storage"
+SECTION_STORAGE="Depolama"
-#SECTION_SYSTEM_INTEGRITY="Software: System integrity"
+SECTION_SYSTEM_INTEGRITY="Yazılım: Sistem bütünlüğü"
-#SECTION_SYSTEM_TOOLING="Software: System tooling"
+SECTION_SYSTEM_TOOLING="Yazılım: Sistem araçları"
-#SECTION_SYSTEM_TOOLS="System tools"
+SECTION_SYSTEM_TOOLS="Sistem araçları"
-#SECTION_TIME_AND_SYNCHRONIZATION="Time and Synchronization"
+SECTION_TIME_AND_SYNCHRONIZATION="Zaman ve Eşzamanlama"
-#SECTION_USB_DEVICES="USB Devices"
+SECTION_USB_DEVICES="USB Aygıtları"
-#SECTION_USERS_GROUPS_AND_AUTHENTICATION="Users, Groups and Authentication"
+SECTION_USERS_GROUPS_AND_AUTHENTICATION="Kullanıcılar, Gruplar ve Kimlik Doğrulama"
-#SECTION_VIRTUALIZATION="Virtualization"
+SECTION_VIRTUALIZATION="Sanallaştırma"
-#SECTION_WEBSERVER="Software: webserver"
+SECTION_WEBSERVER="Yazılım: web sunucusu"
-#STATUS_ACTIVE="ACTIVE"
+STATUS_ACTIVE=" ETKİN"
-#STATUS_CHECK_NEEDED="CHECK NEEDED"
+STATUS_CHECK_NEEDED=" DENETİM GEREKLI"
-#STATUS_DEBUG="DEBUG"
+STATUS_DEBUG="HATA AYIKLAMA"
-#STATUS_DEFAULT="DEFAULT"
+STATUS_DEFAULT="ÖNTANIMLI"
-#STATUS_DIFFERENT="DIFFERENT"
+STATUS_DIFFERENT="FARKLI"
-STATUS_DISABLED="ETKİSİZLEŞTİRİLMİŞ"
+STATUS_DISABLED="DEVRE DIŞI BIRAKILDI"
 STATUS_DONE="TAMAMLANDI"
-STATUS_ENABLED="ETKİNLEŞTİRİLMİŞ"
+STATUS_ENABLED="ETKİNLEŞTİRİLDİ"
 STATUS_ERROR="HATA"
-#STATUS_EXPOSED="EXPOSED"
+STATUS_EXPOSED="AÇIKTA BIRAKILDI"
-#STATUS_FAILED="FAILED"
+STATUS_FAILED="BAŞARISIZ"
-#STATUS_FILES_FOUND="FILES FOUND"
+STATUS_FILES_FOUND="DOSYALAR BULUNDU"
 STATUS_FOUND="BULUNDU"
-#STATUS_HARDENED="HARDENED"
+STATUS_HARDENED="SIKILAŞTIRILDI"
-#STATUS_INSTALLED="INSTALLED"
+STATUS_INSTALLED="KURULU"
-#STATUS_LOCAL_ONLY="LOCAL ONLY"
+STATUS_LOCAL_ONLY="YALNIZCA YEREL"
-#STATUS_MEDIUM="MEDIUM"
+STATUS_MEDIUM="ORTA"
 STATUS_NO="HAYIR"
-#STATUS_NON_DEFAULT="NON DEFAULT"
+STATUS_NO_UPDATE="GÜNCELLEME YOK"
 STATUS_NON_DEFAULT="ÖNTANIMLI OLMAYAN"
 STATUS_NONE="YOK"
-#STATUS_NOT_CONFIGURED="NOT CONFIGURED"
+STATUS_NOT_ACTIVE="ETKİN DEĞİL"
-#STATUS_NOT_DISABLED="NOT DISABLED"
+STATUS_NOT_CONFIGURED="YAPILANDIRILMADI"
-#STATUS_NOT_ENABLED="NOT ENABLED"
+STATUS_NOT_DISABLED="DEVRE DIŞI BIRAKILMADI"
 STATUS_NOT_ENABLED="ETKİNLEŞTİRİLMEDİ"
 STATUS_NOT_FOUND="BULUNAMADI"
 STATUS_NOT_RUNNING="ÇALIŞMIYOR"
 #STATUS_NO_UPDATE="NO UPDATE"
 STATUS_OFF="KAPALI"
 STATUS_OK="TAMAM"
 STATUS_ON="AÇIK"
-#STATUS_PARTIALLY_HARDENED="PARTIALLY HARDENED"
+STATUS_PARTIALLY_HARDENED="KISMEN SIKILAŞTIRILDI"
-#STATUS_PROTECTED="PROTECTED"
+STATUS_PROTECTED="KORUMALI"
 STATUS_RUNNING="ÇALIŞIYOR"
 STATUS_SKIPPED="ATLANDI"
 STATUS_SUGGESTION="ÖNERİ"
 STATUS_UNKNOWN="BİLİNMİYOR"
-#STATUS_UNSAFE="UNSAFE"
+STATUS_UNSAFE="GÜVENLİ DEĞİL"
-#STATUS_UPDATE_AVAILABLE="UPDATE AVAILABLE"
+STATUS_UPDATE_AVAILABLE="GÜNCELLEME VAR"
 STATUS_WARNING="UYARI"
-#STATUS_WEAK="WEAK"
+STATUS_WEAK="ZAYIF"
 STATUS_YES="EVET"
-TEXT_UPDATE_AVAILABLE="güncelleme mevcut"
+TEXT_UPDATE_AVAILABLE="güncelleme var"
-TEXT_YOU_CAN_HELP_LOGFILE="Log dosyanızı göndererek yardımcı olabilirsiniz"
+TEXT_YOU_CAN_HELP_LOGFILE="Günlük dosyanızı göndererek yardımcı olabilirsiniz"
--- a/db/software-eol.db
+++ b/db/software-eol.db
@ -14,8 +14,29 @@
 # For rolling releases or releases that do not (currently have an EOL date, leave field three empty and set field four to -1.
 # Full string for CentOS can be something like 'CentOS Linux 8 (Core)'. As this does not correctly match, shorter string is used for matching.
 #
 # AIX - https://www.ibm.com/support/pages/aix-support-lifecycle-information 
 #
 os:AIX 7300-02:2026-11-30:1796032800:
 os:AIX 7300-01:2025-12-31:1767175200:
 os:AIX 7300-00:2024-12-31:1735639200:
 os:AIX 7200-05::-1:
 os:AIX 7200-04:2022-11-30:1669802400:
 os:AIX 7200-03:2021-09-30:1632996000:
 os:AIX 7200-02:2020-10-31:1604138400:
 os:AIX 7200-01:2019-11-30:1575108000:
 os:AIX 7200-00:2018-12-30:1546164000:
 os:AIX 7100:2023-04-30:1682848800:
 os:AIX 6:2017-04-30:1493546400:
 os:AIX 5:2012-04-30:1335780000:
 os:AIX 4:2003-12-31:1072864800:
 os:AIX 3:1997-12-31:883562400:
 #
 # Alpine - https://alpinelinux.org/releases/
 #
 os:Alpine 3.19:2025-11-01:1761955200
 os:Alpine 3.18:2025-05-09:1746748800
 os:Alpine 3.17:2024-11-22:1732233600
 os:Alpine 3.16:2024-05-23:1716422400
 os:Alpine 3.15:2023-11-01:1698793200
 os:Alpine 3.14:2023-05-01:1682899200
 os:Alpine 3.13:2022-11-01:1667275200
@ -28,8 +49,9 @@ os:Alpine 3.8:2020-05-01:1588305600
 # Amazon Linux
 #
 # Note: shortest entry is listed at end due to regular expression matching being used
-os:Amazon Linux 2:2023-06-26:1687730400:
+os:Amazon Linux 2023:2028-03-15:1836691200:
-os:Amazon Linux:2020-06-30:1593468000:
+os:Amazon Linux 2:2025-06-30:1751241600:
 os:Amazon Linux:2023-12-31:1703980800:
 #
 # Arch Linux
 #
@ -40,16 +62,19 @@ os:Arch Linux::-1:
 os:CentOS release 5:2017-03-31:1490911200:
 os:CentOS release 6:2020-11-30:1606690800:
 os:CentOS Linux 7:2024-06-30:1719698400:
-os:CentOS Linux 8:2029-05-31:1874872800:
+os:CentOS Linux 8:2021-12-31:1640905200:
 #
 # Debian - https://wiki.debian.org/DebianReleases#Production_Releases
 # https://wiki.debian.org/LTS
 #
 os:Debian 5.0:2012-02-06:1328482800:
 os:Debian 6.0:2016-02-29:1456700400:
 os:Debian 7:2018-05-31:1527717600:
 os:Debian 8:2020-06-30:1593468000:
-os:Debian 9:2022-01-01:1640991600:
+os:Debian 9:2022-06-30:1656547200:
-os:Debian 10:2022-01-01:1640991600:
+os:Debian 10:2022-09-10:1665266400:
 os:Debian 11:2024-07-01:1719784800:
 os:Debian 12:2028-06-30:1845936000:
 #
 # Fedora - https://fedoraproject.org/wiki/End_of_life
 #
@ -134,6 +159,7 @@ os:Mageia 4:2015-09-19:1442613600
 os:Mageia 5:2017-12-31:1514674800
 os:Mageia 6:2019-09-30:1569794400
 os:Mageia 7:2020-12-30:1609282800
 os:Mageia 8::-1
 #
 # NetBSD - https://www.netbsd.org/support/security/release.html and
 #          https://www.netbsd.org/releases/formal.html
@ -196,6 +222,11 @@ os:OpenBSD 6.4:2019-10-17:1571270400:
 os:OpenBSD 6.5:2020-05-19:1589846400:
 os:OpenBSD 6.6:2020-10-01:1601510400:
 os:OpenBSD 6.7:2021-05-01:1619827200:
 os:OpenBSD 6.8:2021-10-14:1665698400:
 os:OpenBSD 6.9:2022-04-21:1650492000:
 os:OpenBSD 7.0:2022-10-20:1666216800:
 os:OpenBSD 7.1:2023-05-01:1682892000:
 os:OpenBSD 7.2::-1
 #
 # Red Hat Enterprise Linux - https://access.redhat.com/labs/plcc/
 #
@ -239,6 +270,7 @@ os:Ubuntu 18.04:2023-05-01:1682892000:
 os:Ubuntu 18.10:2019-07-18:1563400800:
 os:Ubuntu 19.04:2020-01-01:1577833200:
 os:Ubuntu 20.04:2025-04-01:1743458400:
 os:Ubuntu 22.04:2027-04-01:1806537600:
 #
 # OmniosCE - https://omniosce.org/releasenotes.html
 #
--- a/db/tests.db
+++ b/db/tests.db
@ -148,6 +148,7 @@ FINT-4338:test:security:file_integrity::osqueryd syscheck daemon running:
 FINT-4339:test:security:file_integrity:Linux:Check IMA/EVM Status
 FINT-4340:test:security:file_integrity:Linux:Check dm-integrity status
 FINT-4341:test:security:file_integrity:Linux:Check dm-verity status
 FINT-4344:test:security:file_integrity::Wazuh syscheck daemon running:
 FINT-4350:test:security:file_integrity::File integrity software installed:
 FINT-4402:test:security:file_integrity::Checksums (SHA256 or SHA512):
 FIRE-4502:test:security:firewalls:Linux:Check iptables kernel module:
@ -204,7 +205,7 @@ INSE-8200:test:security:insecure_services::Usage of TCP wrappers:
 INSE-8300:test:security:insecure_services::Presence of rsh client:
 INSE-8302:test:security:insecure_services::Presence of rsh server:
 INSE-8310:test:security:insecure_services::Presence of telnet client:
-INSE-8312:test:security:insecure_services::Presence of telnet server:
+INSE-8322:test:security:insecure_services::Presence of telnet server:
 INSE-8314:test:security:insecure_services::Presence of NIS client:
 INSE-8316:test:security:insecure_services::Presence of NIS server:
 INSE-8318:test:security:insecure_services::Presence of TFTP client:
@ -275,6 +276,7 @@ MALW-3284:test:security:malware::Check for clamd:
 MALW-3286:test:security:malware::Check for freshclam:
 MALW-3288:test:security:malware::Check for ClamXav:
 MALW-3290:test:security:malware::Presence of malware scanner:
 MALW-3291:test:security:malware::Check for Microsoft Defender Antivirus:
 NAME-4016:test:security:nameservices::Check /etc/resolv.conf default domain:
 NAME-4018:test:security:nameservices::Check /etc/resolv.conf search domains:
 NAME-4020:test:security:nameservices::Check non default options:
@ -437,8 +439,9 @@ TOOL-5102:test:security:tooling::Check for presence of Fail2ban:
 TOOL-5104:test:security:tooling::Enabled tests for Fail2ban:
 TOOL-5120:test:security:tooling::Presence of Snort IDS:
 TOOL-5122:test:security:tooling::Snort IDS configuration file:
 TOOL-5128:test:security:tooling::Check for active Wazuh daemon:
 TOOL-5130:test:security:tooling::Check for active Suricata daemon:
-TOOL-5160:test:security:tooling::Check for active OSSEC daemon:
+TOOL-5126:test:security:tooling::Check for active OSSEC daemon:
 TOOL-5190:test:security:tooling::Check presence of available IDS/IPS tooling:
 USB-1000:test:security:storage:Linux:Check if USB storage is disabled:
 USB-2000:test:security:storage:Linux:Check USB authorizations:
--- a/default.prf
+++ b/default.prf
@ -197,7 +197,7 @@ config-data=sysctl;kernel.exec-shield;1;1;No description;sysctl -a;url:https;//k
 config-data=sysctl;kernel.kptr_restrict;2;1;Restrict access to kernel symbols;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
 config-data=sysctl;kernel.maps_protect;1;1;Restrict access to /proc/[pid]/maps;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
 config-data=sysctl;kernel.modules_disabled;1;1;Restrict module loading once this sysctl value is loaded;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
-config-data=sysctl;kernel.perf_event_paranoid;3|4;1;Restrict unprivileged access to the perf_event_open() system call.;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
+config-data=sysctl;kernel.perf_event_paranoid;2|3|4;1;Restrict unprivileged access to the perf_event_open() system call.;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
 config-data=sysctl;kernel.randomize_va_space;2;1;Randomize of memory address locations (ASLR);sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
 config-data=sysctl;kernel.suid_dumpable;0;1;Restrict core dumps;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
 config-data=sysctl;kernel.sysrq;0;1;Disable magic SysRQ;sysctl -a;url:https;//kernel.org/doc/Documentation/sysctl/kernel.txt;category:security;
--- a/include/binaries
+++ b/include/binaries
@ -169,7 +169,6 @@
                            domainname)             DOMAINNAMEBINARY="${BINARY}";      LogText "  Found known binary: domainname (NIS domain) - ${BINARY}" ;;
                            dpkg)                   DPKGBINARY="${BINARY}";            LogText "  Found known binary: dpkg (package management) - ${BINARY}" ;;
                            xbps-query)             XBPSBINARY="${BINARY}";            LogText "  Found known binary: xbps (package management) - ${BINARY}" ;;
                            egrep)                  EGREPBINARY=${BINARY};             LogText "  Found known binary: egrep (text search) - ${BINARY}" ;;
                            equery)                 EQUERYBINARY="${BINARY}";          LogText "  Found known binary: query (package manager) - ${BINARY}" ;;
                            evmctl)                 EVMCTLBINARY=${BINARY};            LogText "  Found known binary: evmctl (IMA/EVM tool) - ${BINARY}" ;;
                            exim)                   EXIMBINARY="${BINARY}";            EXIMVERSION=$(${BINARY} -bV | grep 'Exim version' | awk '{ print $3 }' | xargs); LogText "  Found known binary ${BINARY} (version ${EXIMVERSION})" ;;
@ -337,11 +336,19 @@
        Report "binaries_sgid_count=${SGID_BINARIES}"
        Report "binary_paths=${BINARY_PATHS_FOUND}"
 	# If grep is capable of extended regexp, use that instead of egrep to avoid annoying warning
 	if [ "${GREPBINARY:-}" ] ; then
 		${GREPBINARY} --help 2> /dev/null | ${GREPBINARY} -e "extended-regexp" > /dev/null
 		if [ $? -eq 0 ] ; then
 			EGREPBINARY="${GREPBINARY} -E"
 		fi
 	fi
        # Test if the basic system tools are defined. These will be used during the audit.
        [ "${AWKBINARY:-}" ] || ExitFatal "awk binary not found"
        [ "${CAT_BINARY:-}" ] || ExitFatal "cat binary not found"
        [ "${CUTBINARY:-}" ] || ExitFatal "cut binary not found"
        [ "${EGREPBINARY:-}" ] || ExitFatal "egrep binary not found"
        [ "${FINDBINARY:-}" ] || ExitFatal "find binary not found"
        [ "${GREPBINARY:-}" ] || ExitFatal "grep binary not found"
        [ "${HEADBINARY:-}" ] || ExitFatal "head binary not found"
--- a/include/consts
+++ b/include/consts
@ -169,6 +169,7 @@ ETC_PATHS="/etc /usr/local/etc"
    MACHINEID=""
    MACHINE_ROLE=""
    MALWARE_SCANNER_INSTALLED=0
    MDATPBINARY=""
    MIN_PASSWORD_LENGTH=-1
    MONGODB_RUNNING=0
    MOUNTBINARY=""
--- a/include/functions
+++ b/include/functions
@ -1315,7 +1315,7 @@
            return 2
        else
            for CHECK_PERMISSION in ${CHECKPERMISSION_FULL}; do
-                DATA=$(echo ${CHECK_PERMISSION} | ${EGREPBINARY} "[rwx]")
+                DATA=$(echo ${CHECK_PERMISSION} | ${GREPBINARY} -E "[rwx]")
                if [ $? -eq 0 ]; then
                    # add a dummy character as first character so it looks like output is a normal file
                    CHECK_PERMISSION=$(echo "-${CHECK_PERMISSION}" | ${AWKBINARY} '{k=0;for(i=0;i<=8;i++)k+=((substr($1,i+2,1)~/[rwx]/)*2^(8-i));if(k)printf("%0o",k)}')
@ -1608,7 +1608,7 @@
                # This search is not foolproof
                LogText "Performing simple ps scan (busybox)"
                PSOPTIONS=" -o args="
-                FIND=$(${PSBINARY:-ps} ${PSOPTIONS} | ${EGREPBINARY:-egrep} "( |/)${search}" | ${GREPBINARY:-grep} -v "grep")
+                FIND=$(${PSBINARY:-ps} ${PSOPTIONS} | ${GREPBINARY:-grep} -E "( |/)${search}" | ${GREPBINARY:-grep} -v "grep")
            else
                if [ -n "${users}" ]; then
                    for u in ${users}; do
@ -2086,6 +2086,10 @@
        elif [ -n "${PKGINFOBINARY}" ]; then
            output=$(${PKGINFOBINARY} -q -e ${package} >/dev/null 2>&1)
            exit_code=$?  # 0=package installed, 1=package not installed
        # Slackware also has RPM for some reason and that's why this test precedes the RPMBINARY test
        elif [ "${OS_NAME}" = "Slackware Linux" -a -d "${ROOTDIR}/var/lib/pkgtools/packages" ]; then
            output=$( ls ${ROOTDIR}/var/lib/pkgtools/packages/ 2> /dev/null | ${GREPBINARY} "^${package}-[^-]\+-[^-]\+-[^-]\+$" )
            exit_code=$?
        elif [ -n "${RPMBINARY}" ]; then
            output=$(${RPMBINARY} --quiet -q ${package} > /dev/null 2>&1)
            exit_code=$?
@ -2099,7 +2103,7 @@
            output=$(${XBPSBINARY} ${package} 2> /dev/null | ${GREPBINARY} "^ii")
            exit_code=$?
        elif [ -n "${APKBINARY}" ]; then
-            output=$(${APKBINARY} search ${package} 2> /dev/null | ${GREPBINARY} ${package})
+            output=$(${APKBINARY} list --installed ${package} 2> /dev/null | ${GREPBINARY} ${package})
            exit_code=$?
        else
            if [ "${package}" != "__dummy__" ]; then
--- a/include/osdetection
+++ b/include/osdetection
@ -64,6 +64,8 @@
                    10.15 | 10.15.[0-9]*) OS_FULLNAME="macOS Catalina (${OS_VERSION})" ;;
                    11 | 11.[0-9]*) OS_FULLNAME="macOS Big Sur (${OS_VERSION})" ;;
                    12 | 12.[0-9]*) OS_FULLNAME="macOS Monterey (${OS_VERSION})" ;;
                    13 | 13.[0-9]*) OS_FULLNAME="macOS Ventura (${OS_VERSION})" ;;
                    14 | 14.[0-9]*) OS_FULLNAME="macOS Sonoma (${OS_VERSION})" ;;
                    *) echo "Unknown macOS version. Do you know what version it is? Create an issue at ${PROGRAM_SOURCE}" ;;
                esac
            else
@ -158,6 +160,11 @@
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "altlinux")
                            LINUX_VERSION="ALT Linux"
                            OS_NAME="altlinux"
                            OS_VERSION=$(grep "^ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "amzn")
                            LINUX_VERSION="Amazon Linux"
                            OS_NAME="Amazon Linux"
@ -174,11 +181,22 @@
                            OS_FULLNAME="Arch Linux 32"
                            OS_VERSION="Rolling release"
                        ;;
                        "arcolinux")
                            LINUX_VERSION="ArcoLinux"
                            OS_FULLNAME="ArcoLinux"
                            OS_VERSION="Rolling release"
                        ;;
                        "artix")
                            LINUX_VERSION="Artix Linux"
                            OS_FULLNAME="Artix Linux"
                            OS_VERSION="Rolling release"
                        ;;
                        "athena")
                            LINUX_VERSION="Athena OS"
                            OS_NAME=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "bunsenlabs")
                            LINUX_VERSION="BunsenLabs"
                            OS_NAME="BunsenLabs"
@ -260,6 +278,12 @@
                            OS_NAME="Gentoo Linux"
                            OS_VERSION="Rolling release"
                        ;;
                        "guix")
                            LINUX_VERSION="Guix"
                            OS_FULLNAME="Guix System"
                            OS_NAME="Guix"
                            OS_VERSION="Rolling release"
                        ;;
                        "ipfire")
                            LINUX_VERSION="IPFire"
                            OS_NAME="IPFire"
@ -278,6 +302,11 @@
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "lsdk")
                            LINUX_VERSION="NXP LSDK"
                            OS_NAME="NXP LSDK"
                            OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "mageia")
                            LINUX_VERSION="Mageia"
                            OS_NAME="Mageia"
@ -308,6 +337,18 @@
                            OS_REDHAT_OR_CLONE=1
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "nobara")
                            LINUX_VERSION="Nobara"
                            OS_NAME="Nobara Linux"
                            OS_REDHAT_OR_CLONE=1
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "nodistro")
                            LINUX_VERSION="openembedded"
                            OS_NAME="OpenEmbedded"
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "opensuse-tumbleweed")
                            LINUX_VERSION="openSUSE Tumbleweed"
                            # It's rolling release but has a snapshot version (the date of the snapshot)
@ -324,12 +365,26 @@
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_NAME="openSUSE"
                        ;;
                        "osmc")
                            LINUX_VERSION="OSMC"
                            LINUX_VERSION_LIKE="Debian"
                            OS_NAME="Open Source Media Center"
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "parrot")
                            LINUX_VERSION="Parrot"
                            OS_NAME="Parrot GNU/Linux"
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "poky")
                            LINUX_VERSION="Poky"
                            OS_NAME="openembedded"
                            LINUX_VERSION_LIKE="openembedded"
                            OS_VERSION=$(grep "^VERSION_ID=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                            OS_VERSION_FULL=$(grep "^PRETTY_NAME=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        "pop")
                            LINUX_VERSION="Pop!_OS"
                            LINUX_VERSION_LIKE="Ubuntu"
@ -401,7 +456,7 @@
                            OS_VERSION_FULL=$(grep "^VERSION=" /etc/os-release | awk -F= '{print $2}' | tr -d '"')
                        ;;
                        *)
-                            ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create an issue on GitHub and share the the contents (cat /etc/os-release): ${PROGRAM_SOURCE}"
+                            ReportException "OS Detection" "Unknown OS found in /etc/os-release - Please create an issue on GitHub and share the contents (cat /etc/os-release): ${PROGRAM_SOURCE}"
                        ;;
                    esac
                fi
--- a/include/tests_authentication
+++ b/include/tests_authentication
@ -42,9 +42,9 @@
        LogText "Test: Searching accounts with UID 0"
        # Check if device is a QNAP, as the root user is called admin, and not root
        if [ ${QNAP_DEVICE} -eq 1 ]; then
-            FIND=$(${GREPBINARY} ':0:' ${ROOTDIR}etc/passwd | ${EGREPBINARY} -v '^#|^admin:|^(\+:\*)?:0:0:::' | ${CUTBINARY} -d ":" -f1,3 | ${GREPBINARY} ':0')
+            FIND=$(${GREPBINARY} ':0:' ${ROOTDIR}etc/passwd | ${GREPBINARY} -E -v '^#|^admin:|^(\+:\*)?:0:0:::' | ${CUTBINARY} -d ":" -f1,3 | ${GREPBINARY} ':0')
        else
-            FIND=$(${GREPBINARY} ':0:' ${ROOTDIR}etc/passwd | ${EGREPBINARY} -v '^#|^root:|^(\+:\*)?:0:0:::' | ${CUTBINARY} -d ":" -f1,3 | ${GREPBINARY} ':0')
+            FIND=$(${GREPBINARY} ':0:' ${ROOTDIR}etc/passwd | ${GREPBINARY} -E -v '^#|^root:|^(\+:\*)?:0:0:::' | ${CUTBINARY} -d ":" -f1,3 | ${GREPBINARY} ':0')
        fi
        if [ -n "${FIND}" ]; then
            Display --indent 2 --text "- Administrator accounts" --result "${STATUS_WARNING}" --color RED
@ -163,7 +163,7 @@
        LogText "Test: Checking login shells"
        if [ -f ${ROOTDIR}etc/master.passwd ]; then
            # Check for all shells, except: (/usr)/sbin/nologin /nonexistent
-            FIND=$(${GREPBINARY} "[a-z]:\*:" ${ROOTDIR}etc/master.passwd | ${EGREPBINARY} -v '^#|/sbin/nologin|/usr/sbin/nologin|/nonexistent' | ${SEDBINARY} 's/ /!space!/g')
+            FIND=$(${GREPBINARY} "[a-z]:\*:" ${ROOTDIR}etc/master.passwd | ${GREPBINARY} -E -v '^#|/sbin/nologin|/usr/sbin/nologin|/nonexistent' | ${SEDBINARY} 's/ /!space!/g')
            if [ -z "${FIND}" ]; then
                Display --indent 2 --text "- Login shells" --result "${STATUS_OK}" --color GREEN
            else
@ -499,13 +499,13 @@
    Register --test-no AUTH-9240 --weight L --network NO --category security --description "Query NIS+ authentication support"
    if [ ${SKIPTEST} -eq 0 ]; then
        if [ -f /etc/nsswitch.conf ]; then
-            FIND=$(${EGREPBINARY} "^passwd" /etc/nsswitch.conf | ${EGREPBINARY} "compat|nisplus")
+            FIND=$(${GREPBINARY} -E "^passwd" /etc/nsswitch.conf | ${GREPBINARY} -E "compat|nisplus")
            if [ -z "${FIND}" ]; then
                LogText "Result: NIS+ authentication not enabled"
                Display --indent 2 --text "- NIS+ authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE
            else
-                FIND2=$(${EGREPBINARY} "^passwd_compat" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "nisplus")
+                FIND2=$(${GREPBINARY} -E "^passwd_compat" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "nisplus")
-                FIND3=$(${EGREPBINARY} "^passwd" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "nisplus")
+                FIND3=$(${GREPBINARY} -E "^passwd" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "nisplus")
                if [ -n "${FIND2}" -o -n "${FIND3}" ]; then
                    LogText "Result: NIS+ authentication enabled"
                    Display --indent 2 --text "- NIS+ authentication support" --result "${STATUS_ENABLED}" --color GREEN
@ -526,13 +526,13 @@
    Register --test-no AUTH-9242 --weight L --network NO --category security --description "Query NIS authentication support"
    if [ ${SKIPTEST} -eq 0 ]; then
        if [ -f /etc/nsswitch.conf ]; then
-            FIND=$(${EGREPBINARY} "^passwd" /etc/nsswitch.conf | ${EGREPBINARY} "compat|nis" | ${GREPBINARY} -v "nisplus")
+            FIND=$(${GREPBINARY} -E "^passwd" /etc/nsswitch.conf | ${GREPBINARY} -E "compat|nis" | ${GREPBINARY} -v "nisplus")
            if [ -z "${FIND}" ]; then
                LogText "Result: NIS authentication not enabled"
                Display --indent 2 --text "- NIS authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE
            else
-                FIND2=$(${EGREPBINARY} "^passwd_compat" /etc/nsswitch.conf | ${GREPBINARY} "nis" | ${GREPBINARY} -v "nisplus")
+                FIND2=$(${GREPBINARY} -E "^passwd_compat" /etc/nsswitch.conf | ${GREPBINARY} "nis" | ${GREPBINARY} -v "nisplus")
-                FIND3=$(${EGREPBINARY} "^passwd" /etc/nsswitch.conf | ${GREPBINARY} "nis" | ${GREPBINARY} -v "nisplus")
+                FIND3=$(${GREPBINARY} -E "^passwd" /etc/nsswitch.conf | ${GREPBINARY} "nis" | ${GREPBINARY} -v "nisplus")
                if [ -n "${FIND2}" -o -n "${FIND3}" ]; then
                    LogText "Result: NIS authentication enabled"
                    Display --indent 2 --text "- NIS authentication support" --result "${STATUS_ENABLED}" --color GREEN
@ -717,7 +717,7 @@
        if [ ${FOUND} -eq 0 ]; then
            Display --indent 2 --text "- PAM password strength tools" --result "${STATUS_SUGGESTION}" --color YELLOW
            LogText "Result: no PAM modules for password strength testing found"
-            ReportSuggestion "${TEST_NO}" "Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc"
+            ReportSuggestion "${TEST_NO}" "Install a PAM module for password strength testing like pam_cracklib or pam_passwdqc or libpam-passwdqc"
            AddHP 0 3
        else
            Display --indent 2 --text "- PAM password strength tools" --result "${STATUS_OK}" --color GREEN
@ -737,7 +737,7 @@
            LogText "Result: file ${ROOTDIR}etc/pam.conf exists"
            Display --indent 2 --text "- PAM configuration files (pam.conf)" --result "${STATUS_FOUND}" --color GREEN
            LogText "Test: searching PAM configuration files"
-            FIND=$(${EGREPBINARY} -v "^#" ${ROOTDIR}etc/pam.conf | ${EGREPBINARY} -v "^$" | ${SEDBINARY} 's/[[:space:]]/ /g' | ${SEDBINARY} 's/  / /g' | ${SEDBINARY} 's/ /:space:/g')
+            FIND=$(${GREPBINARY} -E -v "^#" ${ROOTDIR}etc/pam.conf | ${GREPBINARY} -E -v "^$" | ${SEDBINARY} 's/[[:space:]]/ /g' | ${SEDBINARY} 's/  / /g' | ${SEDBINARY} 's/ /:space:/g')
            if [ -z "${FIND}" ]; then
                LogText "Result: File has no configuration options defined (empty, or only filled with comments and empty lines)"
            else
@ -1017,7 +1017,7 @@
            LogText "Data: Days since epoch is ${DAYS_SINCE_EPOCH}"
            LogText "Test: collecting accounts which have an expired password (last day changed + maximum change time)"
            # Skip fields with a !, *, or x, or !* (field $3 is last changed, $5 is maximum changed)
-            FIND=$(${EGREPBINARY} -v ":[\!\*x]([\*\!])?:" /etc/shadow | ${AWKBINARY} -v today=${DAYS_SINCE_EPOCH} -F: '{ if (($5!="") && (today>$3+$5)) { print $1 }}')
+            FIND=$(${GREPBINARY} -E -v ":[\!\*x]([\*\!])?:" /etc/shadow | ${AWKBINARY} -v today=${DAYS_SINCE_EPOCH} -F: '{ if (($5!="") && (today>$3+$5)) { print $1 }}')
            if [ -n "${FIND}" ]; then
                for ACCOUNT in ${FIND}; do
                    LogText "Result: password of user ${ACCOUNT} has been expired"
@ -1109,8 +1109,8 @@
                TEST_PERFORMED=1
                LogText "Result: file ${ROOTDIR}etc/inittab exists"
                LogText "Test: checking presence sulogin for single user mode"
-                FIND=$(${EGREPBINARY} "^[a-zA-Z0-9~]+:S:(respawn|wait):/sbin/sulogin" /etc/inittab)
+                FIND=$(${GREPBINARY} -E "^[a-zA-Z0-9~]+:S:(respawn|wait):/sbin/sulogin" /etc/inittab)
-                FIND2=$(${EGREPBINARY} "^su:S:(respawn|wait):/sbin/sulogin" /etc/inittab)
+                FIND2=$(${GREPBINARY} -E "^su:S:(respawn|wait):/sbin/sulogin" /etc/inittab)
                if [ -n "${FIND}" -o -n "${FIND2}" ]; then
                    FOUND=1
                    LogText "Result: found sulogin, so single user is protected"
@ -1147,7 +1147,7 @@
                    # Mark test as performed only when at least 1 target exists (e.g. Ubuntu 14.04 has limited systemd support)
                    TEST_PERFORMED=1
                    LogText "Result: found target ${I}"
-                    FIND=$(${EGREPBINARY} "^ExecStart=" ${FILE} | ${GREPBINARY} "sulogin")
+                    FIND=$(${GREPBINARY} -E "^ExecStart=" ${FILE} | ${GREPBINARY} "sulogin")
                    if [ "${FIND}" = "" ]; then
                        LogText "Result: did not find sulogin specified, possible risk of getting into single user mode without authentication"
                    else
@ -1486,7 +1486,7 @@
    Register --test-no AUTH-9402 --weight L --network NO --category security --description "Query LDAP authentication support"
    if [ ${SKIPTEST} -eq 0 ]; then
        if [ -f ${ROOTDIR}etc/nsswitch.conf ]; then
-            FIND=$(${EGREPBINARY} "^passwd" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "ldap")
+            FIND=$(${GREPBINARY} -E "^passwd" ${ROOTDIR}etc/nsswitch.conf | ${GREPBINARY} "ldap")
            if [ "${FIND}" = "" ]; then
                LogText "Result: LDAP authentication not enabled"
                Display --indent 2 --text "- LDAP authentication support" --result "${STATUS_NOT_ENABLED}" --color WHITE
@ -1514,7 +1514,7 @@
                LogText "Result: file ${FILE} exists, LDAP being used"
                LDAP_CLIENT_CONFIG_FILE="${FILE}"
                LogText "Test: checking LDAP servers in file ${FILE}"
-                FIND=$(${EGREPBINARY} "^host " ${FILE} | ${AWKBINARY} '{ print $2 }')
+                FIND=$(${GREPBINARY} -E "^host " ${FILE} | ${AWKBINARY} '{ print $2 }')
                for SERVER in ${FIND}; do
                    Display --indent 6 --text "LDAP server: ${SERVER}"
                    LogText "Result: found LDAP server ${SERVER}"
--- a/include/tests_banners
+++ b/include/tests_banners
@ -27,7 +27,7 @@
 #################################################################################
 #
    BANNER_FILES="${ROOTDIR}etc/issue ${ROOTDIR}etc/issue.net ${ROOTDIR}etc/motd"
-    LEGAL_BANNER_STRINGS="audit access authori condition connect consent continu criminal enforce evidence forbidden intrusion law legal legislat log monitor owner penal policy policies privacy private prohibited record restricted secure subject system terms warning"
+    LEGAL_BANNER_STRINGS="audit access authori condition connect consent continu criminal enforce evidence forbidden intrusion law legal legislat log monitor owner penal policy policies privacy private prohibited prosecute record report restricted secure subject system terms warning"
 #
 #################################################################################
 #
--- a/include/tests_boot_services
+++ b/include/tests_boot_services
@ -460,7 +460,7 @@
                BOOT_LOADER_FOUND=1
                Display --indent 2 --text "- Checking presence LILO" --result "${STATUS_OK}" --color GREEN
                LogText "Checking password option LILO"
-                FIND=$(${EGREPBINARY} 'password[[:space:]]?=' ${LILOCONFFILE} | ${GREPBINARY} -v "^#")
+                FIND=$(${GREPBINARY} -E 'password[[:space:]]?=' ${LILOCONFFILE} | ${GREPBINARY} -v "^#")
                if [ -z "${FIND}" ]; then
                    if [ "${MACHINE_ROLE}" = "server" -o "${MACHINE_ROLE}" = "workstation" ]; then
                        Display --indent 4 --text "- Password option presence " --result "${STATUS_WARNING}" --color RED
@ -605,7 +605,7 @@
        else
            # FreeBSD (Read /etc/rc.conf file for enabled services)
            LogText "Searching for services at startup (rc.conf)"
-            FIND=$(${EGREPBINARY} -v -i '^#|none' ${ROOTDIR}etc/rc.conf | ${EGREPBINARY} -i '_enable.*(yes|on|1)' | ${SORTBINARY} | ${AWKBINARY} -F= '{ print $1 }' | ${SEDBINARY} 's/_enable//')
+            FIND=$(${GREPBINARY} -E -v -i '^#|none' ${ROOTDIR}etc/rc.conf | ${GREPBINARY} -E -i '_enable.*(yes|on|1)' | ${SORTBINARY} | ${AWKBINARY} -F= '{ print $1 }' | ${SEDBINARY} 's/_enable//')
        fi
        COUNT=0
        for ITEM in ${FIND}; do
@ -715,7 +715,7 @@
            if [ -n "${CHKCONFIGBINARY}" ]; then
                LogText "Result: chkconfig binary found, trying that to discover information"
                LogText "Searching for services at startup (chkconfig, runlevel 3 and 5)"
-                FIND=$(${CHKCONFIGBINARY} --list | ${EGREPBINARY} '3:on|5:on' | ${AWKBINARY} '{ print $1 }')
+                FIND=$(${CHKCONFIGBINARY} --list | ${GREPBINARY} -E '3:on|5:on' | ${AWKBINARY} '{ print $1 }')
                COUNT=0
                Report "boot_service_tool=chkconfig"
                for ITEM in ${FIND}; do
@ -947,7 +947,7 @@
        if [ -f ${ROOTDIR}usr/lib/systemd/system/rescue.service ]; then
            LogText "Result: file /usr/lib/systemd/system/rescue.service"
            LogText "Test: checking presence sulogin for single user mode"
-            FIND=$(${EGREPBINARY} "^ExecStart=.*sulogin" ${ROOTDIR}usr/lib/systemd/system/rescue.service)
+            FIND=$(${GREPBINARY} -E "^ExecStart=.*sulogin" ${ROOTDIR}usr/lib/systemd/system/rescue.service)
            if [ -n "${FIND}" ]; then
                FOUND=1
                LogText "Result: found sulogin, so single user is protected"
@ -981,14 +981,14 @@
                Report "running_service[]=${ITEM}"
                COUNT=$((COUNT + 1 ))
            done
-            LogText "Note: Run rcctl ls all | egrep  '^(pf|check_quotas|library_aslr)$' to see all daemons"
+            LogText "Note: Run rcctl ls all | grep -E '^(pf|check_quotas|library_aslr)$' to see all daemons"
            Display --indent 2 --text "- Check running daemons (rcctl)" --result "${STATUS_DONE}" --color GREEN
            Display --indent 8 --text "Result: found ${COUNT} running daemons"
            LogText "Result: Found ${COUNT} running daemons"
            # OpenBSD (Ask rcctl(8) for enabled daemons)
            LogText "Searching for enabled daemons (rcctl)"
-            FIND=$(${RCCTLBINARY} ls on | ${EGREPBINARY} -v '^(pf|check_quotas|library_aslr)$')
+            FIND=$(${RCCTLBINARY} ls on | ${GREPBINARY} -E -v '^(pf|check_quotas|library_aslr)$')
            COUNT=0
            Report "boot_service_tool=rcctl"
            for ITEM in ${FIND}; do
@ -996,7 +996,7 @@
                Report "boot_service[]=${ITEM}"
                COUNT=$((COUNT + 1 ))
            done
-            LogText "Note: Run rcctl ls all | egrep  '^(pf|check_quotas|library_aslr)$' to see all daemons"
+            LogText "Note: Run rcctl ls all | grep -E  '^(pf|check_quotas|library_aslr)$' to see all daemons"
            Display --indent 2 --text "- Check enabled daemons at boot (rcctl)" --result "${STATUS_DONE}" --color GREEN
            Display --indent 8 --text "Result: found ${COUNT} enabled daemons at boot"
            LogText "Result: Found ${COUNT} enabled daemons at boot"
--- a/include/tests_containers
+++ b/include/tests_containers
@ -107,7 +107,7 @@
            LogText "Result: disabling further Docker tests as docker version gave exit code other than zero (0)"
            RUN_DOCKER_TESTS=0
        fi
-        FIND=$(${DOCKERBINARY} info 2>&1 | ${GREPBINARY} "^WARNING:" | ${CUTBINARY} -d " " -f 2- | ${SEDBINARY} 's/ /:space:/g')
+        FIND=$(${DOCKERBINARY} info 2>&1 | ${GREPBINARY} -E "^WARNING:|^ERROR:" | ${CUTBINARY} -d " " -f 2- | ${SEDBINARY} 's/ /:space:/g')
        if [ ! "${FIND}" = "" ]; then
            LogText "Result: found warning(s) in output"
            for I in ${FIND}; do
@ -137,7 +137,7 @@
        # Check total of containers
        LogText "Test: checking total amount of Docker containers"
-        DOCKER_CONTAINERS_TOTAL=$(${DOCKERBINARY} info 2> /dev/null | ${EGREPBINARY} "^[ \t]?Containers: " | ${AWKBINARY} '{ print $2 }')
+        DOCKER_CONTAINERS_TOTAL=$(${DOCKERBINARY} info 2> /dev/null | ${GREPBINARY} -E "^[ \t]?Containers: " | ${AWKBINARY} '{ print $2 }')
        if [ -z "${DOCKER_CONTAINERS_TOTAL}" ]; then
            DOCKER_CONTAINERS_TOTAL=0
        fi
--- a/include/tests_crypto
+++ b/include/tests_crypto
@ -54,7 +54,7 @@
                    LASTSUBDIR=""
                    LogText "Result: found directory ${DIR}"
                    # Search for certificate files
-                    FILES=$(${FINDBINARY} ${DIR} -type f 2> /dev/null | ${EGREPBINARY} ".cer$|.crt$|.der$|.pem$|^cert" | ${SORTBINARY} | ${SEDBINARY} 's/ /__space__/g')
+                    FILES=$(${FINDBINARY} ${DIR} -type f 2> /dev/null | ${GREPBINARY} -E ".cer$|.crt$|.der$|.pem$|^cert" | ${SORTBINARY} | ${SEDBINARY} 's/ /__space__/g')
                    for FILE in ${FILES}; do
                        FILE=$(echo ${FILE} | ${SEDBINARY} 's/__space__/ /g')
                        # See if we need to skip this path
@ -80,7 +80,7 @@
                            if [ ${CANREAD} -eq 1 ]; then
                                # Only check the files that are not installed by a package, unless enabled by profile
                                if [ ${SSL_CERTIFICATE_INCLUDE_PACKAGES} -eq 1 ] || ! FileInstalledByPackage "${FILE}"; then
-                                    echo ${FILE} | ${EGREPBINARY} -q ".cer$|.der$"
+                                    echo ${FILE} | ${GREPBINARY} -E -q ".cer$|.der$"
                                    CER_DER=$?
                                    OUTPUT=$(${GREPBINARY} -q 'BEGIN CERT' "${FILE}")
                                    if [ $? -eq 0 -o ${CER_DER} -eq 0 ]; then
--- a/include/tests_databases
+++ b/include/tests_databases
@ -45,7 +45,7 @@
    # Description : Check if MySQL is being used
    Register --test-no DBS-1804 --weight L --network NO --category security --description "Checking active MySQL process"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND=$(${PSBINARY} ax | ${EGREPBINARY} "mariadb|mysqld|mysqld_safe" | ${GREPBINARY} -v "grep")
+        FIND=$(${PSBINARY} ax | ${GREPBINARY} -E "mariadb|mysqld|mysqld_safe" | ${GREPBINARY} -v "grep")
        if [ -z "${FIND}" ]; then
            if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- MySQL process status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
            LogText "Result: MySQL process not active"
@ -85,7 +85,7 @@
        LogText "Test: Trying to login to local MySQL server without password"
        # "-u root --password=" avoids ~/.my.cnf authentication settings
-        # "plugin = 'mysql_native_password' AND authentication_string = ''" avoids false positives when secure plugins are used 
+        # "plugin = 'mysql_native_password' AND authentication_string = ''" avoids false positives when secure plugins are used
        FIND=$(${MYSQLCLIENTBINARY} --default-auth=mysql_native_password  --no-defaults -u root --password= --silent --batch --execute="SELECT count(*) FROM mysql.user WHERE user = 'root' AND plugin = 'mysql_native_password' AND authentication_string = ''" mysql > /dev/null 2>&1; echo $?)
        if [ "${FIND}" = "0" ]; then
           LogText "Result: Login succeeded, no MySQL root password set!"
@ -186,8 +186,10 @@
    # Test        : DBS-1826
    # Description : Check if PostgreSQL is being used
    Register --test-no DBS-1826 --weight L --network NO --category security --description "Checking active PostgreSQL processes"
    for PROCES in postgres postmaster
    do
    if [ ${SKIPTEST} -eq 0 ]; then
-        if IsRunning "postgres"; then
+        if IsRunning "${PROCES}"; then
            Display --indent 2 --text "- PostgreSQL processes status" --result "${STATUS_FOUND}" --color GREEN
            LogText "Result: PostgreSQL is active"
            POSTGRESQL_RUNNING=1
@ -195,9 +197,10 @@
            Report "postgresql_running=${POSTGRESQL_RUNNING}"
        else
            if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- PostgreSQL processes status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
-            LogText "Result: PostgreSQL process not active"
+            LogText "Result: PostgreSQL process ${PROCES} not active"
        fi
    fi
    done
 #
 #################################################################################
 #
@ -211,13 +214,15 @@
    # Arch            /var/lib/postgres/data/postgresql.conf
    # CentOS/Fedora   /var/lib/pgsql/data/postgresql.conf
    # Ubuntu          /etc/postgresql/x.y/main/postgresql.conf
    # FreeBSD         /var/db/postgres/data[0-9][0-9]/postgresql.conf
    if [ "${POSTGRESQL_RUNNING}" -eq 1 ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="PostgreSQL not installed or not running"; fi
    Register --test-no DBS-1828 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Test PostgreSQL configuration"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND_PATHS="${ROOTDIR}etc/postgres ${ROOTDIR}var/lib/postgres/data ${ROOTDIR}usr/local/pgsql/data"
+        FIND_PATHS=$(${LSBINARY} -d ${ROOTDIR}usr/local/pgsql/data* 2> /dev/null)
-        CONFIG_FILES=$(${FINDBINARY} -L ${FIND_PATHS} -type f -name "*.conf" -print0 2> /dev/null | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} -d '\n' | ${TRBINARY} '\0' '\n' | xargs -i sh -c 'test -r "{}" && echo "{}"' | ${SEDBINARY} "s/ /:space:/g")
+        FIND_PATHS="${FIND_PATHS} ${ROOTDIR}etc/postgres ${ROOTDIR}etc/postgresql ${ROOTDIR}var/lib/postgres/data ${ROOTDIR}usr/local/pgsql/data ${ROOTDIR}var/lib/pgsql/data ${ROOTDIR}var/db/postgres/data[0-9][0-9]"
        CONFIG_FILES=$(${FINDBINARY} -L ${FIND_PATHS} -type f -name "*.conf" -print0 2> /dev/null | ${TRBINARY} -cd '[:print:]\0' | ${TRBINARY} -d '\n' | ${TRBINARY} '\0' '\n' | xargs -I'{}' sh -c 'test -r "{}" && echo "{}"' | ${SEDBINARY} "s/ /:space:/g")
        for CF in ${CONFIG_FILES}; do
            Report "postgresql_config_file[]=${CF}"
            LogText "Found configuration file (${CF})"
@ -226,7 +231,7 @@
                ReportWarning "${TEST_NO}" "PostgreSQL configuration file ${CF} is world readable and might leak sensitive details" "${CF}" "Use chmod 600 to change file permissions"
            else
                LogText "Result: great, configuration file ${CF} is not world readable"
-            fi            
+            fi
        done
    fi
 #
@ -244,7 +249,7 @@
    #               reco: recovery (optional)
    Register --test-no DBS-1840 --weight L --network NO --category security --description "Checking active Oracle processes"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND=$(${PSBINARY} ax | ${EGREPBINARY} "ora_pmon|ora_smon|tnslsnr" | ${GREPBINARY} -v "grep")
+        FIND=$(${PSBINARY} ax | ${GREPBINARY} -E "ora_pmon|ora_smon|tnslsnr" | ${GREPBINARY} -v "grep")
        if [ -z "${FIND}" ]; then
            if [ ${DEBUG} -eq 1 ]; then Display --indent 2 --text "- Oracle processes status" --result "${STATUS_NOT_FOUND}" --color WHITE --debug; fi
            LogText "Result: Oracle process(es) not active"
@ -311,10 +316,16 @@
    if [ ${REDIS_RUNNING} -eq 1 ]; then PREQS_METS="YES"; else PREQS_MET="NO"; SKIPREASON="Redis not running"; fi
    Register --test-no DBS-1882 --weight L --network NO --preqs-met "${PREQS_MET}" --skip-reason "${SKIPREASON}" --category security --description "Redis configuration file"
    if [ ${SKIPTEST} -eq 0 ]; then
-        PATHS="${ROOTDIR}etc/redis ${ROOTDIR}usr/local/etc/redis ${ROOTDIR}usr/local/redis/etc"
+        PATHS="${ROOTDIR}etc/redis ${ROOTDIR}usr/local/etc ${ROOTDIR}usr/local/etc/redis ${ROOTDIR}usr/local/redis/etc"
        if [ ${QNAP_DEVICE} -eq 1 ]; then
            PATHS="${PATHS} ${ROOTDIR}share/CACHEDEV1_DATA/.qpkg/QKVM/usr/etc/redis.conf"
        fi
        if [ -d "${ROOTDIR}snap" ]; then
          for SNAP_PATH in $(${FINDBINARY} ${ROOTDIR}snap -name 'redis.conf' -type f | ${SEDBINARY} 's/redis.conf$//g'); do
            PATHS="${PATHS} ${SNAP_PATH}"
          done
        fi
        ALLFILES=$(${LSBINARY} ${ROOTDIR}etc/redis.conf 2> /dev/null)
        FOUND=0
        for DIR in ${PATHS}; do
--- a/include/tests_file_integrity
+++ b/include/tests_file_integrity
@ -104,7 +104,7 @@
    if [ -n "${AIDEBINARY}" -a -n "${AIDECONFIG}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no FINT-4316 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Presence of AIDE database and size check"
    if [ ${SKIPTEST} -eq 0 ]; then
-        AIDE_DB=$(${EGREPBINARY} '(^database|^database_in)=' ${AIDECONFIG} | ${SEDBINARY} "s/.*://")
+        AIDE_DB=$(${GREPBINARY} -E '(^database|^database_in)=' ${AIDECONFIG} | ${SEDBINARY} "s/.*://")
        if case ${AIDE_DB} in @@*) ;; *) false;; esac; then
            I=$(${GREPBINARY} "@@define.*DBDIR" ${AIDECONFIG} | ${AWKBINARY} '{print $3}')
            AIDE_DB=$(echo ${AIDE_DB} | ${SEDBINARY} "s#.*}#${I}#")
@ -330,7 +330,7 @@
 	ROOTDEVICE=$(${MOUNTBINARY} | ${AWKBINARY} '/ on \/ type / { print $1 }')
 	for DEVICE in /dev/mapper/*; do
 	    if [ -e "${DEVICE}" ]; then
-		FIND=$(${INTEGRITYSETUPBINARY} status "${DEVICE}" | ${EGREPBINARY} 'type:.*INTEGRITY')
+		FIND=$(${INTEGRITYSETUPBINARY} status "${DEVICE}" | ${GREPBINARY} -E 'type:.*INTEGRITY')
 		if [ ! -z "${FIND}" ]; then
 		    FOUND=1
 		    LogText "Result: found dm-integrity device ${DEVICE}"
@ -370,7 +370,7 @@
 	ROOTDEVICE=$(${MOUNTBINARY} | ${AWKBINARY} '/ on \/ type / { print $1 }')
 	for DEVICE in /dev/mapper/*; do
 	    if [ -e "${DEVICE}" ]; then
-		FIND=$(${VERITYSETUPBINARY} status "${DEVICE}" | ${EGREPBINARY} 'type:.*VERITY')
+		FIND=$(${VERITYSETUPBINARY} status "${DEVICE}" | ${GREPBINARY} -E 'type:.*VERITY')
 		if [ ! -z "${FIND}" ]; then
 		    FOUND=1
 		    LogText "Result: found dm-verity device ${DEVICE}"
@ -398,13 +398,32 @@
    fi
 #
 #################################################################################
 #
    # Test        : FINT-4344
    # Description : Check if Wazuh system integrity tool is running
    Register --test-no FINT-4344 --weight L --network NO --category security --description "Wazuh syscheck daemon running"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking if Wazuh syscheck daemon is running"
        if IsRunning "wazuh-syscheckd"; then
            LogText "Result: syscheck (Wazuh) active"
            Report "file_integrity_tool[]=wazuh"
            FILE_INT_TOOL="wazuh-syscheck"
            FILE_INT_TOOL_FOUND=1
            Display --indent 4 --text "- Wazuh (syscheck)" --result "${STATUS_FOUND}" --color GREEN
        else
            LogText "Result: syscheck (Wazuh) is not active"
            if IsVerbose; then Display --indent 4 --text "- Wazuh" --result "${STATUS_NOT_FOUND}" --color WHITE; fi
        fi
    fi
 #
 #################################################################################
 #
    # Test        : FINT-4402 (was FINT-4316)
    # Description : Check if AIDE is configured to use SHA256 or SHA512 checksums
    if [ ! "${AIDEBINARY}" = "" -a -n "${AIDECONFIG}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no FINT-4402 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "AIDE configuration: Checksums (SHA256 or SHA512)"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND=$(${GREPBINARY} -v "^#" ${AIDECONFIG} | ${EGREPBINARY} "= .*(sha256|sha512)")
+        FIND=$(${GREPBINARY} -v "^#" ${AIDECONFIG} | ${GREPBINARY} -E "= .*(sha256|sha512)")
        if [ -z "${FIND}" ]; then
            LogText "Result: No SHA256 or SHA512 found for creating checksums"
            Display --indent 6 --text "- AIDE config (Checksum)" --result Suggestion --color YELLOW
--- a/include/tests_file_permissions
+++ b/include/tests_file_permissions
@ -35,7 +35,7 @@
        FOUND=0
        for PROFILE in ${PROFILES}; do
            LogText "Using profile ${PROFILE} for baseline."
-            FILES=$(${EGREPBINARY} '^permfile=|^permdir=' ${PROFILE} | ${CUTBINARY} -d= -f2 | ${CUTBINARY} -d: -f1)
+            FILES=$(${GREPBINARY} -E '^permfile=|^permdir=' ${PROFILE} | ${CUTBINARY} -d= -f2 | ${CUTBINARY} -d: -f1)
            for F in ${FILES}; do
                LogText "Test: checking file/directory ${F}"
                if [ -f "${F}" ]; then
--- a/include/tests_filesystems
+++ b/include/tests_filesystems
@ -356,7 +356,7 @@
        # Proc should be mounted with 'hidepid=2' or 'hidepid=1' at least
        # https://www.kernel.org/doc/html/latest/filesystems/proc.html#chapter-4-configuring-procfs
        LogText "Test: check proc mount with incorrect mount options"
-        FIND=$(${MOUNTBINARY} | ${EGREPBINARY} "${ROOTDIR}proc " | ${EGREPBINARY} -o "hidepid=([0-9]|[a-z][a-z]*)")
+        FIND=$(${MOUNTBINARY} | ${GREPBINARY} -E "${ROOTDIR}proc " | ${GREPBINARY} -E -o "hidepid=([0-9]|[a-z][a-z]*)")
        if [ "${FIND}" = "hidepid=4" -o "${FIND}" = "hidepid=ptraceable" ]; then  # https://lwn.net/Articles/817137/
            Display --indent 2 --text "- Testing /proc mount (hidepid)" --result "${STATUS_OK}" --color GREEN
            LogText "Result: proc mount mounted with ${FIND}"
@ -504,7 +504,7 @@
        fi
        LogText "Test: Checking acl option on xfs root file system"
-        FIND=$(${MOUNTBINARY} | ${AWKBINARY} '{ if ($3=="/" && $5~/xfs/) { print $6 } }' | ${EGREPBINARY} 'no_acl|no_user_xattr')
+        FIND=$(${MOUNTBINARY} | ${AWKBINARY} '{ if ($3=="/" && $5~/xfs/) { print $6 } }' | ${GREPBINARY} -E 'no_acl|no_user_xattr')
        if [ -z "${FIND}" ]; then
            FOUND=1
            # some other tests to do ?
@ -638,7 +638,7 @@
        NDEVMOUNTS=$(mount | ${AWKBINARY} '{print $6}' | ${GREPBINARY} -v nodev | ${WCBINARY} -l)
        NEXECMOUNTS=$(mount | ${AWKBINARY} '{print $6}' | ${GREPBINARY} -v noexec | ${WCBINARY} -l)
        NSUIDMOUNTS=$(mount | ${AWKBINARY} '{print $6}' | ${GREPBINARY} -v nosuid | ${WCBINARY} -l)
-        NWRITEANDEXECMOUNTS=$(mount | ${AWKBINARY} '{print $6}' | ${GREPBINARY} -v noexec | ${EGREPBINARY} -v '^\(ro[,)]' | ${WCBINARY} -l)
+        NWRITEANDEXECMOUNTS=$(mount | ${AWKBINARY} '{print $6}' | ${GREPBINARY} -v noexec | ${GREPBINARY} -E -v '^\(ro[,)]' | ${WCBINARY} -l)
        LogText "Result: Total without nodev:${NDEVMOUNTS} noexec:${NEXECMOUNTS} nosuid:${NSUIDMOUNTS} ro or noexec (W^X): ${NWRITEANDEXECMOUNTS}, of total ${NMOUNTS}"
        Display --indent 2 --text "- Total without nodev:${NDEVMOUNTS} noexec:${NEXECMOUNTS} nosuid:${NSUIDMOUNTS} ro or noexec (W^X): ${NWRITEANDEXECMOUNTS} of total ${NMOUNTS}"
    fi
@ -814,13 +814,13 @@
            AVAILABLE_MODPROBE_FS=""
            for FS in ${LIST_FS_NOT_SUPPORTED}; do
                # Check if filesystem is present in modprobe output
-                FIND=$(${MODPROBEBINARY} -v -n ${FS} 2>/dev/null | ${EGREPBINARY} "/${FS}.ko" | ${TAILBINARY} -1)
+                FIND=$(${MODPROBEBINARY} -v -n ${FS} 2>/dev/null | ${GREPBINARY} -E "/${FS}.ko" | ${TAILBINARY} -1)
                if [ -n "${FIND}" ]; then
                    LogText "Result: found ${FS} support in the kernel (output = ${FIND})"
                    Debug "Module ${FS} present in the kernel"
                    LogText "Test: Checking if ${FS} is active"
                    # Check if FS is present in lsmod output
-                    FIND=$(${LSMODBINARY} | ${EGREPBINARY} "^${FS}")
+                    FIND=$(${LSMODBINARY} | ${GREPBINARY} -E "^${FS}")
                    if IsEmpty "${FIND}"; then
                        LogText "Result: module ${FS} is currently not loaded in the kernel."
                        AddHP 2 3
@ -837,8 +837,8 @@
                fi
                FIND=$(${LSBINARY} ${ROOTDIR}etc/modprobe.d/* 2> /dev/null)
                if [ -n "${FIND}" ]; then
-                    FIND1=$(${EGREPBINARY} "^blacklist \+${FS}$" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
+                    FIND1=$(${GREPBINARY} -E "^blacklist \+${FS}$" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
-                    FIND2=$(${EGREPBINARY} "^install \+${FS} \+/bin/true$" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
+                    FIND2=$(${GREPBINARY} -E "^install \+${FS} \+/bin/true$" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
                        if [ -n "${FIND1}" ] || [ -n "${FIND2}" ]; then
                            Display --indent 4 --text "- Module $FS is blacklisted" --result "OK" --color GREEN
                            LogText "Result: module ${FS} is blacklisted"
--- a/include/tests_firewalls
+++ b/include/tests_firewalls
@ -112,7 +112,7 @@
        TABLES="filter"
        for TABLE in ${TABLES}; do
            LogText "Test: gathering information from table ${TABLE}"
-            FIND="$FIND""\n"$(${IPTABLESBINARY} -t ${TABLE} --numeric --list | ${EGREPBINARY}  -z -o -w  '[A-Z]+' | tr -d '\0' | ${AWKBINARY} -v t=${TABLE} 'NR%2 {printf "%s %s ",t, $0 ; next;}1')
+            FIND="$FIND""\n"$(${IPTABLESBINARY} -t ${TABLE} --numeric --list | ${GREPBINARY} -E  -z -o -w  '[A-Z]+' | tr -d '\0' | ${AWKBINARY} -v t=${TABLE} 'NR%2 {printf "%s %s ",t, $0 ; next;}1')
        done
        echo "${FIND}" | while read -r line; do
@ -154,7 +154,7 @@
    if [ -n "${IPTABLESBINARY}" -a ${IPTABLES_ACTIVE} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no FIRE-4512 --preqs-met ${PREQS_MET} --os Linux --weight L --network NO --root-only YES --category security --description "Check iptables for empty ruleset"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND=$(${IPTABLESBINARY} --list --numeric 2> /dev/null | ${EGREPBINARY} -v "^(Chain|target|$)" | ${WCBINARY} -l | ${TRBINARY} -d ' ')
+        FIND=$(${IPTABLESBINARY} --list --numeric 2> /dev/null | ${GREPBINARY} -E -v "^(Chain|target|$)" | ${WCBINARY} -l | ${TRBINARY} -d ' ')
        if [ -n "${FIND}" ]; then
            FIREWALL_ACTIVE=1
            if [ ${FIND} -le 5 ]; then
@ -506,7 +506,7 @@
    Register --test-no FIRE-4540 --os Linux --preqs-met ${PREQS_MET} --weight L --network NO --root-only YES --category security --description "Check for empty nftables configuration"
    if [ ${SKIPTEST} -eq 0 ]; then
        # Check for empty ruleset
-        NFT_RULES_LENGTH=$(${NFTBINARY} --stateless list ruleset 2> /dev/null | ${EGREPBINARY} -v "table|chain|;$|}$|^$" | ${WCBINARY} -l)
+        NFT_RULES_LENGTH=$(${NFTBINARY} --stateless list ruleset 2> /dev/null | ${GREPBINARY} -E -v "table|chain|;$|}$|^$" | ${WCBINARY} -l)
        if [ ${NFT_RULES_LENGTH} -le 3 ]; then
            FIREWALL_EMPTY_RULESET=1
            LogText "Result: this firewall set has 3 rules or less and is considered to be empty"
--- a/include/tests_hardening
+++ b/include/tests_hardening
@ -99,7 +99,7 @@
            else
                Display --indent 4 --text "- Installed malware scanner" --result "${STATUS_NOT_FOUND}" --color RED
            fi
-            ReportSuggestion "${TEST_NO}" "Harden the system by installing at least one malware scanner, to perform periodic file system scans" "-" "Install a tool like rkhunter, chkrootkit, OSSEC"
+            ReportSuggestion "${TEST_NO}" "Harden the system by installing at least one malware scanner, to perform periodic file system scans" "-" "Install a tool like rkhunter, chkrootkit, OSSEC, Wazuh"
            AddHP 1 3
            LogText "Result: no malware scanner found"
        fi
--- a/include/tests_homedirs
+++ b/include/tests_homedirs
@ -57,7 +57,7 @@
    if [ ${SKIPTEST} -eq 0 ]; then
        # Check if users' home directories permissions are 750 or more restrictive
        FOUND=0
-        USERDATA=$(${EGREPBINARY} -v '^(daemon|git|halt|root|shutdown|sync)' ${ROOTDIR}etc/passwd | ${AWKBINARY} -F: '($7 !~ "/(false|nologin)$") { print }')
+        USERDATA=$(${GREPBINARY} -E -v '^(daemon|git|halt|root|shutdown|sync)' ${ROOTDIR}etc/passwd | ${AWKBINARY} -F: '($7 !~ "/(false|nologin)$") { print }')
        while read -r LINE; do
            USER=$(echo ${LINE} | ${CUTBINARY} -d: -f1)
            DIR=$(echo ${LINE} | ${CUTBINARY} -d: -f6)
@ -93,7 +93,7 @@ EOF
    if [ ${SKIPTEST} -eq 0 ]; then
        # Check if users own their home directories
        FOUND=0
-        USERDATA=$(${EGREPBINARY} -v '^(daemon|git|halt|root|shutdown|sync)' ${ROOTDIR}etc/passwd | ${AWKBINARY} -F: '($7 !~ "/(false|nologin)$") { print }')
+        USERDATA=$(${GREPBINARY} -E -v '^(daemon|git|halt|root|shutdown|sync)' ${ROOTDIR}etc/passwd | ${AWKBINARY} -F: '($7 !~ "/(false|nologin)$") { print }')
        while read -r LINE; do
            USER=$(echo ${LINE} | ${CUTBINARY} -d: -f1)
            DIR=$(echo ${LINE} | ${CUTBINARY} -d: -f6)
--- a/include/tests_insecure_services
+++ b/include/tests_insecure_services
@ -298,7 +298,7 @@
    #if [ ${SKIPTEST} -eq 0 ]; then
    #    # Check presence of Rsh Trust Files
    #    FOUND=0
-    #    for LINE in $(${CAT_BINARY} /etc/passwd | ${EGREPBINARY} -v '^(root|halt|sync|shutdown)' | ${AWKBINARY} -F: '($7 !="/sbin/nologin" && $7 != "/bin/false") { print }'); do
+    #    for LINE in $(${CAT_BINARY} /etc/passwd | ${GREPBINARY} -E -v '^(root|halt|sync|shutdown)' | ${AWKBINARY} -F: '($7 !="/sbin/nologin" && $7 != "/bin/false") { print }'); do
    #        USER=$(echo ${LINE} | ${CUTBINARY} -d: -f1)
    #        DIR=$(echo ${LINE} | ${CUTBINARY} -d: -f6)
    #            if [ -d ${DIR} ]; then
@ -371,7 +371,7 @@
 #
 #################################################################################
 #
-    # Test        : INSE-8312
+    # Test        : INSE-8322
    # Description : Check if telnet server is installed
    Register --test-no INSE-8322 --package-manager-required --weight L --network NO --category security --description "Check if telnet server is installed"
    if [ ${SKIPTEST} -eq 0 ]; then
@ -492,6 +492,8 @@
 #
 #################################################################################
 #
    # Test        : INSE-8050
    # Description : Check for insecure services on macOS
    if [ -n "${LAUNCHCTL_BINARY}" ]; then PREQS_MET="YES"; SKIPREASON=""; else PREQS_MET="NO"; SKIPREASON="No launchctl binary on this system"; fi
    Register --test-no INSE-8050 --os "macOS" --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight M --network NO --category security --description "Check for insecure services on macOS"
    if [ ${SKIPTEST} -eq 0 ]; then
--- a/include/tests_kernel
+++ b/include/tests_kernel
@ -49,7 +49,7 @@
                    LogText "Exception: can't find the target of the symlink of /etc/systemd/system/default.target"
                    ReportException "${TEST_NO}:01"
                else
-                    FIND2=$(${ECHOCMD} ${FIND} | ${EGREPBINARY} "runlevel5|graphical")
+                    FIND2=$(${ECHOCMD} ${FIND} | ${GREPBINARY} -E "runlevel5|graphical")
                    if HasData "${FIND2}"; then
                        LogText "Result: Found match on runlevel5/graphical"
                        Display --indent 2 --text "- Checking default runlevel" --result "runlevel 5" --color GREEN
@ -401,7 +401,7 @@
            elif [ -e ${ROOTDIR}etc/rpi-issue ]; then
                FINDKERNEL="raspberrypi-kernel"
                LogText "Result: ${ROOTDIR}vmlinuz missing due to Raspbian"
-            elif $(${EGREPBINARY} -q 'do_symlinks.*=.*No' ${ROOTDIR}etc/kernel-img.conf); then
+            elif $(${GREPBINARY} -E -q 'do_symlinks.*=.*No' ${ROOTDIR}etc/kernel-img.conf); then
                FINDKERNEL="linux-image-$(uname -r)"
                LogText "Result: ${ROOTDIR}vmlinuz missing due to /etc/kernel-img.conf item do_symlinks = No"
            else
@ -414,8 +414,8 @@
            else
                LogText "Result: found kernel '${FINDKERNEL}' which will be used for further testing"
                LogText "Test: Using apt-cache policy to determine if there is an update available"
-                FINDINSTALLED=$(apt-cache policy ${FINDKERNEL} | ${EGREPBINARY} 'Installed' | ${CUTBINARY} -d ':' -f2 | ${TRBINARY} -d ' ')
+                FINDINSTALLED=$(apt-cache policy ${FINDKERNEL} | ${GREPBINARY} -E 'Installed' | ${CUTBINARY} -d ':' -f2 | ${TRBINARY} -d ' ')
-                FINDCANDIDATE=$(apt-cache policy ${FINDKERNEL} | ${EGREPBINARY} 'Candidate' | ${CUTBINARY} -d ':' -f2 | ${TRBINARY} -d ' ')
+                FINDCANDIDATE=$(apt-cache policy ${FINDKERNEL} | ${GREPBINARY} -E 'Candidate' | ${CUTBINARY} -d ':' -f2 | ${TRBINARY} -d ' ')
                LogText "Kernel installed: ${FINDINSTALLED}"
                LogText "Kernel candidate: ${FINDCANDIDATE}"
                if IsEmpty "${FINDINSTALLED}"; then
@ -692,7 +692,7 @@
                    else
                        # Match on items like /boot/vm5.3.7 or /boot/vmlinuz-5.3.7-1-default. Sort based on versions (-v) and then find the last item
                        # Note: ignore a rescue kernel (e.g. CentOS)
-                        FOUND_VMLINUZ=$(${LSBINARY} -v ${ROOTDIR}boot/vm[l0-9]* 2> /dev/null | ${GREPBINARY} -v '\-rescue\-' | ${TAILBINARY} -1)
+                        FOUND_VMLINUZ=$(${LSBINARY} -v ${ROOTDIR}boot/vm[l0-9]* 2> /dev/null | ${GREPBINARY} -v '\-rescue-' | ${TAILBINARY} -1)
                        LogText "Result: found ${FOUND_VMLINUZ}"
                    fi
@ -826,7 +826,7 @@
            LogText "Check: try to find raspberrypi-kernel file in ${APT_ARCHIVE_DIRECTORY} and extract package date from file name"
            FOUND_KERNEL_DATE=$(${FINDBINARY} ${APT_ARCHIVE_DIRECTORY} -name "raspberrypi-kernel*" -printf "%T@ %Tc %p\n" 2> /dev/null \
-            | ${SORTBINARY} -nr | ${HEADBINARY} -1 | ${GREPBINARY} -o "raspberrypi-kernel.*deb" | ${EGREPBINARY} -o "\.[0-9]+" | ${SEDBINARY} 's/\.//g')
+            | ${SORTBINARY} -nr | ${HEADBINARY} -1 | ${GREPBINARY} -o "raspberrypi-kernel.*deb" | ${GREPBINARY} -E -o "\.[0-9]+" | ${SEDBINARY} 's/\.//g')
            if [ -n "${FOUND_KERNEL_DATE}" ]; then
                FOUND_KERNEL_IN_SECONDS=$(date -d "${FOUND_KERNEL_DATE}" "+%s" 2> /dev/null)
@ -851,21 +851,21 @@
                            next="month"
                        fi
                    elif [ "$next" = "month" ]; then
-                        if [ $(${ECHOCMD} "${part}" | ${EGREPBINARY} -c "[A-Z][a-z]") -ge 1 ]; then
+                        if [ $(${ECHOCMD} "${part}" | ${GREPBINARY} -E -c "[A-Z][a-z]") -ge 1 ]; then
                            UNAME_DATE_MONTH="${part}"
                            next="day"
                        fi
                    elif [ "${next}" = "day" ]; then
-                        if [ $(${ECHOCMD} ${part} | ${EGREPBINARY} -c "[0-9][0-9]") -ge 1 ]; then
+                        if [ $(${ECHOCMD} ${part} | ${GREPBINARY} -E -c "[0-9][0-9]") -ge 1 ]; then
                            UNAME_DATE_DAY="${part}"
                            next="time"
                        fi
                    elif [ "${next}" = "time" ]; then
-                        if [ $(${ECHOCMD} ${part} | ${EGREPBINARY} -c ":[0-9][0-9]:") -ge 1 ]; then
+                        if [ $(${ECHOCMD} ${part} | ${GREPBINARY} -E -c ":[0-9][0-9]:") -ge 1 ]; then
                            next="year"
                        fi
                    elif [ "${next}" = "year" ]; then
-                        if [ $(${ECHOCMD} ${part} | ${EGREPBINARY} -c "[0-9][0-9]") -ge 1 ]; then
+                        if [ $(${ECHOCMD} ${part} | ${GREPBINARY} -E -c "[0-9][0-9]") -ge 1 ]; then
                            UNAME_DATE_YEAR="${part}"
                            break
                        fi
--- a/include/tests_logging
+++ b/include/tests_logging
@ -28,6 +28,7 @@
    METALOG_RUNNING=0
    RFC3195D_RUNNING=0
    RSYSLOG_RUNNING=0
    WAZUH_AGENT_RUNNING=0
    SOLARIS_LOGHOST=""
    SOLARIS_LOGHOST_FOUND=0
    SOLARIS_LOGHOST_LOCALHOST=0
@ -45,7 +46,7 @@
    Register --test-no LOGG-2130 --weight L --network NO --category security --description "Check for running syslog daemon"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Searching for a logging daemon"
-        FIND=$(${PSBINARY} ax | ${EGREPBINARY} "syslogd|syslog-ng|metalog|systemd-journal" | ${GREPBINARY} -v "grep")
+        FIND=$(${PSBINARY} ax | ${GREPBINARY} -E "syslogd|syslog-ng|metalog|systemd-journal" | ${GREPBINARY} -v "grep")
        if [ -z "${FIND}" ]; then
            Display --indent 2 --text "- Checking for a running log daemon" --result "${STATUS_WARNING}" --color RED
            LogText "Result: Could not find a syslog daemon like syslog, syslog-ng, rsyslog, metalog, systemd-journal"
@ -220,6 +221,23 @@
    fi
 #
 #################################################################################
 #
    # Test        : LOGG-2144
    # Description : Check for wazuh-agent presence on Linux systems
    Register --test-no LOGG-2144 --os Linux --weight L --network NO --category security --description "Checking wazuh-agent"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Result: Searching for wazuh-agent instances in the process list"
        if IsRunning "wazuh-agent"; then
            LogText "Result: Found wazuh-agent in process list"
            Display --indent 4 --text "- Checking wazuh-agent status" --result "${STATUS_FOUND}" --color GREEN
            WAZUH_AGENT_RUNNING=1
        else
            LogText "Result: wazuh-agent NOT found in process list"
            Display --indent 4 --text "- Checking wazuh-agent daemon status" --result "${STATUS_NOT_FOUND}" --color WHITE
        fi
    fi
 #
 #################################################################################
 #
    # Test        : LOGG-2146
    # Description : Check for logrotate (/etc/logrotate.conf and logrotate.d)
@ -261,7 +279,7 @@
    Register --test-no LOGG-2148 --weight L --preqs-met ${PREQS_MET} --network NO --category security --description "Checking logrotated files"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking which files are rotated with logrotate and if they exist"
-        FIND=$(${LOGROTATEBINARY} -d -v ${ROOTDIR}etc/logrotate.conf 2>&1 | ${EGREPBINARY} "considering log|skipping" | ${GREPBINARY} -v '*' | ${SORTBINARY} -u | ${AWKBINARY} '{ if ($2!="log") { print "File:"$2":does_not_exist" } else { print "File:"$3":exists" } }')
+        FIND=$(${LOGROTATEBINARY} -d -v ${ROOTDIR}etc/logrotate.conf 2>&1 | ${GREPBINARY} -E "considering log|skipping" | ${GREPBINARY} -v '*' | ${SORTBINARY} -u | ${AWKBINARY} '{ if ($2!="log") { print "File:"$2":does_not_exist" } else { print "File:"$3":exists" } }')
        if [ -z "${FIND}" ]; then
            LogText "Result: nothing found"
        else
@ -280,7 +298,7 @@
    Register --test-no LOGG-2150 --weight L --preqs-met ${PREQS_MET} --network NO --category security --description "Checking directories in logrotate configuration"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking which directories can be found in logrotate configuration"
-        FIND=$(${LOGROTATEBINARY} -d -v ${ROOTDIR}etc/logrotate.conf 2>&1 | ${EGREPBINARY} "considering log|skipping" | ${GREPBINARY} -v '*' | ${SORTBINARY} -u | ${AWKBINARY} '{ if ($2=="log") { print $3 } }' | ${SEDBINARY} 's@/[^/]*$@@g' | ${SORTBINARY} -u)
+        FIND=$(${LOGROTATEBINARY} -d -v ${ROOTDIR}etc/logrotate.conf 2>&1 | ${GREPBINARY} -E "considering log|skipping" | ${GREPBINARY} -v '*' | ${SORTBINARY} -u | ${AWKBINARY} '{ if ($2=="log") { print $3 } }' | ${SEDBINARY} 's@/[^/]*$@@g' | ${SORTBINARY} -u)
        if IsEmpty "${FIND}"; then
            LogText "Result: nothing found"
        else
@ -345,7 +363,7 @@
    if [ ${SOLARIS_LOGHOST_FOUND} -eq 1 ] && [ -n "${SOLARIS_LOGHOST}" ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no LOGG-2153 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking loghost is localhost"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND=$(echo "${SOLARIS_LOGHOST}" | ${AWKBINARY} '{ print $1 }' | ${EGREPBINARY} "::1|127.0.0.1|127.1")
+        FIND=$(echo "${SOLARIS_LOGHOST}" | ${AWKBINARY} '{ print $1 }' | ${GREPBINARY} -E "::1|127.0.0.1|127.1")
        if [ -n "${FIND}" ]; then
            SOLARIS_LOGHOST_LOCALHOST=1
            LogText "Result: loghost entry is localhost (default)"
@ -371,7 +389,7 @@
            TARGET="${ROOTDIR}etc/rsyslog.conf"
            if [ -f ${TARGET} ]; then
                LogText "Test: analyzing file ${TARGET} for remote target"
-                DATA=$(${EGREPBINARY} "@@?([a-zA-Z0-9\-])+(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?" ${TARGET} | ${GREPBINARY} -v "#" | ${TRBINARY} -cd "[:print:]\n" | ${SEDBINARY} 's/[[:blank:]]\{1,\}/:space:/g')
+                DATA=$(${GREPBINARY} -E "@@?([a-zA-Z0-9\-])+(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?" ${TARGET} | ${GREPBINARY} -v "#" | ${TRBINARY} -cd "[:print:]\n" | ${SEDBINARY} 's/[[:blank:]]\{1,\}/:space:/g')
                if [ -z "${DATA}" ]; then
                    LogText "Result: no remote target found"
                else
@ -391,7 +409,7 @@
                for F in ${FILES}; do
                    F=$(echo ${F} | ${SEDBINARY} 's/:space:/ /g')
                    LogText "Test: analyzing file ${F} for remote target"
-                    DATA=$(${EGREPBINARY} "@@?([a-zA-Z0-9\-])+(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?" ${F} | ${GREPBINARY} -v "#" | ${TRBINARY} -cd "[:print:]\n" | ${SEDBINARY} 's/[[:blank:]]\{1,\}/:space:/g')
+                    DATA=$(${GREPBINARY} -E "@@?([a-zA-Z0-9\-])+(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?(\.)?(([a-zA-Z0-9-])+)?" ${F} | ${GREPBINARY} -v "#" | ${TRBINARY} -cd "[:print:]\n" | ${SEDBINARY} 's/[[:blank:]]\{1,\}/:space:/g')
                    if [ -n "${DATA}" ]; then
                        LogText "Result: found remote target"
                        REMOTE_LOGGING_ENABLED=1
@ -403,7 +421,7 @@
                        done
                    else
                        # Check new style configuration (omrelp/omfwd). This can be all on one line or even split over multiple lines.
-                        DATA=$(${EGREPBINARY} "target=\"([a-zA-Z0-9\-])" ${F})
+                        DATA=$(${GREPBINARY} -E "target=\"([a-zA-Z0-9\-])" ${F})
                        if [ -n "${DATA}" ]; then
                            LogText "Result: most likely remote log host is used, as keyword 'target' is used"
                            REMOTE_LOGGING_ENABLED=1
@ -424,7 +442,7 @@
        if [ -f ${SYSLOGD_CONF} ]; then
            LogText "Test: check if logs are also logged to a remote logging host"
-            FIND=$(${EGREPBINARY} "@[a-zA-Z0-9]|destination\s.+(udp|tcp).+\sport" ${SYSLOGD_CONF} | ${GREPBINARY} -v "^#" | ${GREPBINARY} -v "[a-zA-Z0-9]@")
+            FIND=$(${GREPBINARY} -E "@[a-zA-Z0-9]|destination\s.+(udp|tcp).+\sport" ${SYSLOGD_CONF} | ${GREPBINARY} -v "^#" | ${GREPBINARY} -v "[a-zA-Z0-9]@")
            if [ -n "${FIND}" ]; then
                FIND2=$(echo "${FIND}" | ${GREPBINARY} -v "@loghost")
                if [ ${SOLARIS_LOGHOST_LOCALHOST} -eq 1 ] && [ -z "${FIND2}" ]; then
@ -435,9 +453,9 @@
                fi
            else
                # Search for configured destinations with an IP address or hostname, then determine which ones are used as a log destination
-                DESTINATIONS=$(${GREPBINARY} "^destination" ${SYSLOGD_CONF} | ${EGREPBINARY} "(udp|tcp)" | ${GREPBINARY} "port" | ${AWKBINARY} '{print $2}')
+                DESTINATIONS=$(${GREPBINARY} "^destination" ${SYSLOGD_CONF} | ${GREPBINARY} -E "(udp|tcp)" | ${GREPBINARY} "port" | ${AWKBINARY} '{print $2}')
                for DESTINATION in ${DESTINATIONS}; do
-                    FIND2=$(${GREPBINARY} "log" ${SYSLOGD_CONF} | ${GREPBINARY} "source" | ${EGREPBINARY} "destination\(${DESTINATION}\)")
+                    FIND2=$(${GREPBINARY} "log" ${SYSLOGD_CONF} | ${GREPBINARY} "source" | ${GREPBINARY} -E "destination\(${DESTINATION}\)")
                    if [ -n "${FIND2}" ]; then
                        LogText "Result: found destination ${DESTINATION} configured for remote logging"
                        REMOTE_LOGGING_ENABLED=1
@ -446,6 +464,21 @@
            fi
        fi
        # Test wazuh-agent configuration for syslog configuration
        if [ ${WAZUH_AGENT_RUNNING} ]; then
            WAZUH_AGENT_CONF="/var/ossec/etc/ossec.conf"
        fi
        if [ -f ${WAZUH_AGENT_CONF} ]; then
            LogText "Test: Checking Wazuh agent configuration for remote syslog forwarding"
            FIND=$(${EGREPBINARY} '<location>/var/log/syslog</location>' ${WAZUH_AGENT_CONF})
            if [ "${FIND}" ]; then
                DESTINATION=$(${EGREPBINARY} -o '<address>([A-Za-z0-9\.\-\_]*)</address>' ${WAZUH_AGENT_CONF} | sed 's/<address>//' | sed 's/<\/address>//')
                LogText "Result: found destination ${DESTINATION} configured for remote logging with wazuh"
                REMOTE_LOGGING_ENABLED=1
            fi
        fi
        # Show result
        if [ ${REMOTE_LOGGING_ENABLED} -eq 0 ]; then
            Report "remote_syslog_configured=0"
@ -539,7 +572,7 @@
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking open log files with lsof"
        if [ -n "${LSOFBINARY}" ]; then
-            FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n 2>&1 | ${GREPBINARY} "log$" | ${EGREPBINARY} -v "WARNING|Output information" | ${AWKBINARY} '{ if ($5=="REG") { print $9 } }' | ${SORTBINARY} -u | ${GREPBINARY} -v "^$")
+            FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n 2>&1 | ${GREPBINARY} "log$" | ${GREPBINARY} -E -v "WARNING|Output information" | ${AWKBINARY} '{ if ($5=="REG") { print $9 } }' | ${SORTBINARY} -u | ${GREPBINARY} -v "^$")
            for I in ${FIND}; do
                LogText "Found logfile: ${I}"
            done
@ -572,7 +605,7 @@
            LSOF_GREP="${LSOF_GREP}|anacron|awk|run-parts"
        fi
-        FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n +L 1 2>&1 | ${EGREPBINARY} -vw "${LSOF_GREP}" | ${EGREPBINARY} -v '/dev/zero|/\[aio\]' | ${AWKBINARY} '{ if ($5=="REG") { printf "%s(%s)\n", $10, $1 } }' | ${GREPBINARY} -v "^$" | ${SORTBINARY} -u)
+        FIND=$(${LSOFBINARY}${LSOF_EXTRA_OPTIONS} -n +L 1 2>&1 | ${GREPBINARY} -E -vw "${LSOF_GREP}" | ${GREPBINARY} -E -v '/dev/zero|/\[aio\]' | ${AWKBINARY} '{ if ($5=="REG") { printf "%s(%s)\n", $10, $1 } }' | ${GREPBINARY} -v "^$" | ${SORTBINARY} -u)
        if [ -n "${FIND}" ]; then
            LogText "Result: found one or more files which are deleted, but still in use"
            for I in ${FIND}; do
--- a/include/tests_mac_frameworks
+++ b/include/tests_mac_frameworks
@ -158,10 +158,14 @@
                Display --indent 6 --text "- Checking current mode and config file" --result "${STATUS_WARNING}" --color RED
            fi
            Display --indent 8 --text "Current SELinux mode: ${FIND}"
-            PERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${TRBINARY} '\n' ' ')
+            if [ -n "${SEMANAGEBINARY}" ]; then
-            NPERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${WCBINARY} -l)
+                PERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${TRBINARY} '\n' ' ')
-            Display --indent 8 --text "Found ${NPERMISSIVE} permissive SELinux object types"
+                NPERMISSIVE=$(${SEMANAGEBINARY} permissive --list --noheading | ${WCBINARY} -l)
-            LogText "Permissive SELinux object types: ${PERMISSIVE}"
+                Display --indent 8 --text "Found ${NPERMISSIVE} permissive SELinux object types"
                LogText "Permissive SELinux object types: ${PERMISSIVE}"
            else
                LogText "Result: semanage binary NOT found, can't analyse permissive domains"
            fi
            UNCONFINED=$(${PSBINARY} -eo label,pid,command | ${GREPBINARY} '[u]nconfined_t' | ${TRBINARY} '\n' ' ')
            INITRC=$(${PSBINARY} -eo label,pid,command | ${GREPBINARY} '[i]nitrc_t' | ${TRBINARY} '\n' ' ')
            NUNCONFINED=$(${PSBINARY} -eo label | ${GREPBINARY} '[u]nconfined_t' | ${WCBINARY} -l)
--- a/include/tests_mail_messaging
+++ b/include/tests_mail_messaging
@ -70,18 +70,18 @@
        unset FIND FIND2 FIND3 FIND4
        # Local Only
-        FIND=$(echo "${EXIM_ROUTERS}" | ${EGREPBINARY} '^nonlocal')
+        FIND=$(echo "${EXIM_ROUTERS}" | ${GREPBINARY} -E '^nonlocal')
        # Internet Host
-        FIND2=$(echo "${EXIM_ROUTERS}" | ${EGREPBINARY} '^dnslookup_relay_to_domains')
+        FIND2=$(echo "${EXIM_ROUTERS}" | ${GREPBINARY} -E '^dnslookup_relay_to_domains')
        # Smarthost or Satellite
-        FIND3=$(echo "${EXIM_ROUTERS}" | ${EGREPBINARY} '^smarthost')
+        FIND3=$(echo "${EXIM_ROUTERS}" | ${GREPBINARY} -E '^smarthost')
        if [ -n "${FIND}" ]; then
            EXIM_TYPE="LOCAL ONLY"
        elif [ -n "${FIND2}" ]; then
            EXIM_TYPE="INTERNET HOST"
        elif [ -n "${FIND3}" ]; then
-            FIND4=$(echo "${EXIM_ROUTERS}" | ${EGREPBINARY} '^hub_user_smarthost')
+            FIND4=$(echo "${EXIM_ROUTERS}" | ${GREPBINARY} -E '^hub_user_smarthost')
            if [ -n "${FIND4}" ]; then
                EXIM_TYPE="SATELLITE"
            else
@ -415,7 +415,7 @@
    Register --test-no MAIL-8920 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check OpenSMTPD status"
    if [ ${SKIPTEST} -eq 0  ]; then
        LogText "Test: check smtpd status"
-        FIND=$(${PSBINARY} ax | ${EGREPBINARY} "(/smtpd|smtpd: \[priv\]|smtpd: smtp)" | ${GREPBINARY} -v "grep")
+        FIND=$(${PSBINARY} ax | ${GREPBINARY} -E "(/smtpd|smtpd: \[priv\]|smtpd: smtp)" | ${GREPBINARY} -v "grep")
        if [ ! "${FIND}" = "" ]; then
            LogText "Result: found running smtpd process"
            Display --indent 2 --text "- OpenSMTPD status" --result "${STATUS_RUNNING}" --color GREEN
--- a/include/tests_malware
+++ b/include/tests_malware
@ -39,6 +39,7 @@
    MALWARE_SCANNER_INSTALLED=0
    MALWARE_DAEMON_RUNNING=0
    ROOTKIT_SCANNER_FOUND=0
    SENTINELONE_SCANNER_RUNNING=0
    SOPHOS_SCANNER_RUNNING=0
    SYMANTEC_SCANNER_RUNNING=0
    SYNOLOGY_DAEMON_RUNNING=0
@ -52,16 +53,12 @@
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking presence McAfee VirusScan for Command Line"
        if [ -x /usr/local/uvscan/uvscan ]; then
-            Display --indent 2 --text "- ${GEN_CHECKING} McAfee VirusScan for Command Line" --result "${STATUS_FOUND}" --color GREEN
+            Display --indent 2 --text "- ${GEN_CHECKING} McAfee VirusScan for Command Line (deprecated)" --result "${STATUS_FOUND}" --color RED
            LogText "Result: Found ${MCAFEECLBINARY}"
-            MALWARE_SCANNER_INSTALLED=1
+            AddHP 0 2
-            AddHP 2 2
+            LogText "Result: McAfee Antivirus for Linux has been deprecated as of 1 Oct 2023 and will not receive updates. Please use another antivirus instead."
-            Report "malware_scanner[]=mcafeecl"
+       fi
        else
            LogText "Result: McAfee VirusScan for Command Line not found"
        fi
    fi
 #
 #################################################################################
 #
    # Test        : MALW-3275
@ -128,7 +125,7 @@
        # Avast (macOS)
        LogText "Test: checking process com.avast.daemon"
-        if IsRunning "com.avast.daemon"; then
+        if IsRunning --full "com.avast.daemon"; then
            FOUND=1
            AVAST_DAEMON_RUNNING=1
            MALWARE_DAEMON_RUNNING=1
@ -231,6 +228,20 @@
            Report "malware_scanner[]=mcafee"
        fi
       # SentinelOne
       LogText "Text: checking process sentineld (SentinelOne)"
       if IsRunning "sentineld"; then SENTINELONE_SCANNER_RUNNING=1; fi # macOS
       if IsRunning "s1-agent"; then SENTINELONE_SCANNER_RUNNING=1; fi # Linux
       if IsRunning "SentinelAgent"; then SENTINELONE_SCANNER_RUNNING=1; fi # Windows
       if [ ${SENTINELONE_SCANNER_RUNNING} -eq 1 ]; then
            FOUND=1
            if IsVerbose; then Display --indent 2 --text "- ${GEN_CHECKING} SentinelOne" --result "${STATUS_FOUND}" --color GREEN; fi
            LogText "Result: Found SentinelOne"
            MALWARE_DAEMON_RUNNING=1
            MALWARE_SCANNER_INSTALLED=1
            Report "malware_scanner[]=sentinelone"
        fi
        # Sophos savscand/SophosScanD
        LogText "Test: checking process savscand"
        if IsRunning "savscand"; then
@ -354,6 +365,24 @@
    fi
 #
 #################################################################################
 #
    # Test        : MALW-3291
    # Description : Check if Microsoft Defender Antivirus is installed
    Register --test-no MALW-3291 --weight L --network NO --category security --description "Check for mdatp"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking presence mdatp"
        if [ ! "${MDATPBINARY}" = "" ]; then
            Display --indent 2 --text "- Checking Microsoft Defender Antivirus" --result "${STATUS_FOUND}" --color GREEN
            LogText "Result: Found ${MDATPBINARY}"
            MALWARE_SCANNER_INSTALLED=1
            AddHP 2 2
            Report "malware_scanner[]=mdatp"
        else
            LogText "Result: mdatp couldn't be found"
        fi
    fi
 #
 #################################################################################
 #
    # Test        : MALW-3286
    # Description : Check running freshclam if clamd process is running
--- a/include/tests_nameservices
+++ b/include/tests_nameservices
@ -339,7 +339,7 @@
    Register --test-no NAME-4210 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check DNS banner"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Trying to determine version from banner"
-        FIND=$(${DIGBINARY} @localhost version.bind chaos txt | ${GREPBINARY} "^version.bind" | ${GREPBINARY} TXT | ${EGREPBINARY} "[0-9].[0-9].[0-9]*")
+        FIND=$(${DIGBINARY} @localhost version.bind chaos txt | ${GREPBINARY} "^version.bind" | ${GREPBINARY} TXT | ${GREPBINARY} -E "[0-9].[0-9].[0-9]*")
        if [ "${FIND}" = "" ]; then
            LogText "Result: no useful information in banner found"
            Display --indent 4 --text "- Checking BIND version in banner" --result "${STATUS_OK}" --color GREEN
@ -485,7 +485,7 @@
                LogText "Result: ypldap is running"
                Display --indent 2 --text "- Checking ypldap status" --result "${STATUS_FOUND}" --color GREEN
            else
-                ReportSuggestion "Disable the usage of NIS/NIS+ and use an alternative like LDAP or Kerberos instead"
+                ReportSuggestion "${TEST_NO}" "Disable the usage of NIS/NIS+ and use an alternative like LDAP or Kerberos instead"
            fi
        else
            LogText "Result: ypbind is not active"
@ -571,7 +571,7 @@
    Register --test-no NAME-4402 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check duplicate line in /etc/hosts"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: check duplicate line in ${ROOTDIR}etc/hosts"
-        OUTPUT=$(${AWKBINARY} '{ print $1, $2 }' ${ROOTDIR}etc/hosts | ${EGREPBINARY} -v '^(#|$)' | ${EGREPBINARY} "[a-f0-9]" | ${SORTBINARY} | ${UNIQBINARY} -d)
+        OUTPUT=$(${AWKBINARY} '{ print $1, $2 }' ${ROOTDIR}etc/hosts | ${GREPBINARY} -E -v '^(#|$)' | ${GREPBINARY} -E "[a-f0-9]" | ${SORTBINARY} | ${UNIQBINARY} -d)
        if [ -z "${OUTPUT}" ]; then
            LogText "Result: OK, no duplicate lines found"
            Display --indent 4 --text "- Duplicate entries in hosts file" --result "${STATUS_NONE}" --color GREEN
@ -592,7 +592,7 @@
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Check /etc/hosts contains an entry for this server name"
        if [ -n "${HOSTNAME}" ]; then
-            DATA=$(${EGREPBINARY} -v '^(#|$|^::1\s|localhost)' ${ROOTDIR}etc/hosts | ${GREPBINARY} -i ${HOSTNAME})
+            DATA=$(${GREPBINARY} -E -v '^(#|$|^::1\s|localhost)' ${ROOTDIR}etc/hosts | ${GREPBINARY} -i ${HOSTNAME})
            if [ -n "${DATA}" ]; then
                LogText "Result: Found entry for ${HOSTNAME} in ${ROOTDIR}etc/hosts"
                Display --indent 4 --text "- Presence of configured hostname in /etc/hosts" --result "${STATUS_FOUND}" --color GREEN
@ -615,7 +615,7 @@
    Register --test-no NAME-4406 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check server hostname mapping"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Check server hostname not locally mapped in ${ROOTDIR}etc/hosts"
-        DATA=$(${EGREPBINARY} -v '^(#|$)' ${ROOTDIR}etc/hosts | ${EGREPBINARY} '^(localhost|::1)\s' | ${GREPBINARY} -w ${HOSTNAME})
+        DATA=$(${GREPBINARY} -E -v '^(#|$)' ${ROOTDIR}etc/hosts | ${GREPBINARY} -E '^(localhost|::1)\s' | ${GREPBINARY} -w ${HOSTNAME})
        if [ -n "${DATA}" ]; then
            LogText "Result: Found this server hostname mapped to a local address"
            LogText "Output: ${DATA}"
--- a/include/tests_networking
+++ b/include/tests_networking
@ -280,7 +280,7 @@
    Register --test-no NETW-3001 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Find default gateway (route)"
    if [ $SKIPTEST -eq 0 ]; then
        LogText "Test: Searching default gateway(s)"
-        FIND=$(${NETSTATBINARY} -rn | ${EGREPBINARY} "^0.0.0.0|default" | ${TRBINARY} -s ' ' | ${CUTBINARY} -d ' ' -f2)
+        FIND=$(${NETSTATBINARY} -rn | ${GREPBINARY} -E "^0.0.0.0|default" | ${TRBINARY} -s ' ' | ${CUTBINARY} -d ' ' -f2)
        if [ -n "${FIND}" ]; then
            for I in ${FIND}; do
                LogText "Result: Found default gateway ${I}"
@ -750,7 +750,7 @@
                        UNCOMMON_PROTOCOL_DISABLED=0
                        # First check modprobe.conf
                        if [ -f ${ROOTDIR}etc/modprobe.conf ]; then
-                            DATA=$(${GREPBINARY} "^install \+${P} \+/bin/true$" ${ROOTDIR}etc/modprobe.conf)
+                            DATA=$(${GREPBINARY} "^install \+${P} \+/bin/(true|false)$" ${ROOTDIR}etc/modprobe.conf)
                            if [ -n "${DATA}" ]; then
                                LogText "Result: found ${P} module disabled via modprobe.conf"
                                UNCOMMON_PROTOCOL_DISABLED=1
@ -759,7 +759,7 @@
                        # Then additional modprobe configuration files
                        if [ -d ${ROOTDIR}etc/modprobe.d ]; then
                            # Return file names (-l) and suppress errors (-s)
-                            DATA=$(${GREPBINARY} -l -s "^install \+${P} \+/bin/true$" ${ROOTDIR}etc/modprobe.d/*)
+                            DATA=$(${GREPBINARY} -l -s "^install \+${P} \+/bin/(true|false)$" ${ROOTDIR}etc/modprobe.d/*)
                            if [ -n "${DATA}" ]; then
                                UNCOMMON_PROTOCOL_DISABLED=1
                                for F in ${DATA}; do
--- a/include/tests_php
+++ b/include/tests_php
@ -285,9 +285,9 @@
    # Test        : PHP-2368
    # Description : Check php register_globals option
    # Notes       : Don't test for it if PHP version is 5.4.0 or later (it has been removed)
-    if [ -n "${PHPINIFILE}" -a -n "${PHPVERSION}" -a -n "${EGREPBINARY}" ]; then
+    if [ -n "${PHPINIFILE}" -a -n "${PHPVERSION}" -a -n "${GREPBINARY}" ]; then
        if [ -f "${PHPINIFILE}" ]; then
-            FIND=$(echo ${PHPVERSION} | ${EGREPBINARY} "^(4.|5.[0-3])")
+            FIND=$(echo ${PHPVERSION} | ${GREPBINARY} -E "^(4.|5.[0-3])")
            if [ -z "${FIND}" ]; then
                PREQS_MET="NO"; Debug "Found most likely PHP version 5.4.0 or higher (${PHPVERSION}) which does not use register_globals"
            else
@ -305,7 +305,7 @@
    Register --test-no PHP-2368 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP register_globals option"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking PHP register_globals option"
-        FIND=$(${EGREPBINARY} -i 'register_globals.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
+        FIND=$(${GREPBINARY} -E -i 'register_globals.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
        if [ -n "${FIND}" ]; then
            Display --indent 4 --text "- Checking register_globals option" --result "${STATUS_WARNING}" --color RED
            ReportWarning "${TEST_NO}" "PHP option register_globals option is turned on, which can be a risk for variable value overwriting"
@ -338,7 +338,7 @@
                    ;;
            esac
            LogText "Test: Checking file ${FILE}"
-            FIND=$(${EGREPBINARY} -i 'expose_php.*(on|yes|1)' ${FILE} | ${GREPBINARY} -v '^;')
+            FIND=$(${GREPBINARY} -E -i 'expose_php.*(on|yes|1)' ${FILE} | ${GREPBINARY} -v '^;')
            if HasData "${FIND}"; then
                LogText "Result: found a a possible match on expose_php setting"
                LogText "Data: ${FIND}"
@ -367,7 +367,7 @@
    Register --test-no PHP-2374 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP enable_dl option"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking PHP enable_dl option"
-        FIND=$(${EGREPBINARY} -i 'enable_dl.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
+        FIND=$(${GREPBINARY} -E -i 'enable_dl.*(on|yes|1)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
        if [ -n "${FIND}" ]; then
            Display --indent 4 --text "- Checking enable_dl option" --result "${STATUS_ON}" --color YELLOW
            Report "Result: enable_dl option is turned on, which can be used to enable more modules dynamically and circumventing security controls"
@ -389,7 +389,7 @@
    Register --test-no PHP-2376 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP allow_url_fopen option"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking PHP allow_url_fopen option"
-        FIND=$(${EGREPBINARY} -i 'allow_url_fopen.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
+        FIND=$(${GREPBINARY} -E -i 'allow_url_fopen.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
        if [ -z "${FIND}" ]; then
            Display --indent 4 --text "- Checking allow_url_fopen option" --result "${STATUS_ON}" --color YELLOW
            LogText "Result: allow_url_fopen option is turned on, which can be used for downloads via PHP and is a security risk"
@ -412,7 +412,7 @@
    Register --test-no PHP-2378 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check PHP allow_url_include option"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking PHP allow_url_include option"
-        FIND=$(${EGREPBINARY} -i 'allow_url_include.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
+        FIND=$(${GREPBINARY} -E -i 'allow_url_include.*(off|no|0)' ${PHPINIFILE} | ${GREPBINARY} -v '^;')
        if [ -z "${FIND}" ]; then
            Display --indent 4 --text "- Checking allow_url_include option" --result "${STATUS_ON}" --color YELLOW
            Report "Result: allow_url_include option is turned on, which can be used for downloads via PHP and is a risk"
@ -436,7 +436,7 @@
    #if [ ${SKIPTEST} -eq 0 ]; then
    #    FOUND=0
    #    SIMULATION=0
-    #    MAJOR_VERSION=$(echo ${PHPVERSION} | ${EGREPBINARY} "^7")
+    #    MAJOR_VERSION=$(echo ${PHPVERSION} | ${GREPBINARY} -E "^7")
    #    if [ "${OS}" = "OpenBSD" ]; then
    #        FOUND=1                    # On OpenBSD, Suhosin is hard linked into PHP
    #        SIMULATION=off
@ -519,7 +519,7 @@
                    ;;
            esac
            LogText "Test: Checking file ${FILE}"
-            FIND=$(${EGREPBINARY} -i "^listen = [0-9]{1,5}$" ${FILE})
+            FIND=$(${GREPBINARY} -E -i "^listen = [0-9]{1,5}$" ${FILE})
            if HasData "${FIND}"; then
                LogText "Result: found listen on just a port number"
                LogText "Data: ${FIND}"
--- a/include/tests_ports_packages
+++ b/include/tests_ports_packages
@ -127,11 +127,15 @@
        LogText "Test: Querying brew to get package list"
        Display --indent 4 --text "- Querying brew for installed packages"
        LogText "Output:"; LogText "-----"
-        GPACKAGES=$(brew list)
+        GPACKAGES=$(brew list --versions)
-        for J in ${GPACKAGES}; do
+        while IFS= read -r PKG; do
-            LogText "Found package ${J}"
+            PACKAGE_NAME=$(echo ${PKG} | ${CUTBINARY} -d ' ' -f1)
-            INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${J}"
+            PACKAGE_VERSION=$(echo ${PKG} | ${CUTBINARY} -d ' ' -f2)
-        done
+            LogText "Found package: ${PACKAGE_NAME} (version: ${PACKAGE_VERSION})"
            INSTALLED_PACKAGES="${INSTALLED_PACKAGES}|${PACKAGE_NAME},${PACKAGE_VERSION}"
        done << EOF
 $GPACKAGES
 EOF
    else
        LogText "Result: brew can NOT be found on this system"
    fi
@ -347,12 +351,13 @@
    Register --test-no PKGS-7322 --os "Linux" --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight L --network NO --category security --description "Discover vulnerable packages with arch-audit"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: checking arch-audit output for vulnerable packages"
-        FIND=$(${ARCH_AUDIT_BINARY} | ${SEDBINARY} 's/\.\..*$//' | ${SEDBINARY} 's/, //g' | ${SEDBINARY} 's/\(\["\|"\]\)//g' | ${SEDBINARY} 's/""/,/g' | ${AWKBINARY} '{ if($1=="Package") { print $2"|"$6"|"}}' | ${AWKBINARY} -F'|' 'NF>1{a[$1] = a[$1]","$2}END{for(i in a){print i""a[i]"|"}}' | ${SEDBINARY} 's/,/|cve=/' | ${SORTBINARY})
+        FIND=$(${ARCH_AUDIT_BINARY} | ${SEDBINARY} 's/ High risk!//' | ${SEDBINARY} 's/ Medium risk!//' | ${SEDBINARY} 's/ Low risk!//' | ${SEDBINARY} 's/\.\..*$//' | ${SEDBINARY} 's/, /,/g' | ${SEDBINARY} 's/\(\["\|"\]\)//g' | ${SEDBINARY} 's/""/,/g' | ${AWKBINARY} '{if ($0 ~ /is affected by CVE\-/) {print $1"|"$5"|"} else {ORS=""; print $1"|"; for (i=5; i<=NF; i++)print $i; print "\n"; ORS="\n"}}'| ${AWKBINARY} -F'|' 'NF>1{a[$1] = a[$1]","$2}END{for(i in a){print i""a[i]"|"}}' | ${SEDBINARY} 's/,CVE-/|cve=CVE-/' | ${SORTBINARY})
        if [ -z "${FIND}" ]; then
            LogText "Result: no vulnerable packages found with arch-audit"
            AddHP 10 10
        else
            LogText "Result: found one or more vulnerable packages"
            VULNERABLE_PACKAGES_FOUND=1
            for ITEM in ${FIND}; do
                LogText "Found line: ${ITEM}"
                Report "vulnerable_package[]=${ITEM}"
@ -836,7 +841,7 @@
    Register --test-no PKGS-7383 --preqs-met ${PREQS_MET} --os Linux --weight M --network NO --category security --description "Check for YUM package update management"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: YUM package update management"
-        FIND=$(${YUMBINARY} repolist 2>/dev/null | ${GREPBINARY} repolist | ${SEDBINARY} 's/[[:blank:]]//g' | ${SEDBINARY} 's/[,.]//g' | ${AWKBINARY} -F ":" '{print $2}' | ${EGREPBINARY} "^[0-9]+$")
+        FIND=$(${YUMBINARY} repolist 2>/dev/null | ${GREPBINARY} repolist | ${SEDBINARY} 's/[[:blank:]]//g' | ${SEDBINARY} 's/[,.]//g' | ${AWKBINARY} -F ":" '{print $2}' | ${GREPBINARY} -E "^[0-9]+$")
        if [ -z "${FIND}" -o "${FIND}" = "0" ]; then
            LogText "Result: YUM package update management failed"
            Display --indent 2 --text "- YUM package management consistency" --result "${STATUS_WARNING}" --color RED
@ -1030,7 +1035,7 @@
        if [ ${OPTION_DEBIAN_SKIP_SECURITY_REPOSITORY} -eq 0 ]; then
            if [ -f ${ROOTDIR}etc/apt/sources.list ]; then
                LogText "Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list file"
-                FIND=$(${EGREPBINARY} "security.debian.org|security.ubuntu.com|security/? " ${ROOTDIR}etc/apt/sources.list | ${GREPBINARY} -v '#' | ${SEDBINARY} 's/ /!space!/g')
+                FIND=$(${GREPBINARY} -E "security.debian.org|security.ubuntu.com|security/? " ${ROOTDIR}etc/apt/sources.list | ${GREPBINARY} -v '#' | ${SEDBINARY} 's/ /!space!/g')
                if [ -n "${FIND}" ]; then
                    FOUND=1
                    Display --indent 2 --text "- Checking security repository in sources.list file" --result "${STATUS_OK}" --color GREEN
@ -1043,7 +1048,7 @@
            fi
            if [ -d /etc/apt/sources.list.d ]; then
                LogText "Searching for security.debian.org/security.ubuntu.com or security repositories in /etc/apt/sources.list.d directory"
-                FIND=$(${EGREPBINARY} -r "security.debian.org|security.ubuntu.com|security/? " /etc/apt/sources.list.d | ${GREPBINARY} -v '#' | ${SEDBINARY} 's/ /!space!/g')
+                FIND=$(${GREPBINARY} -E -r "security.debian.org|security.ubuntu.com|security/? " /etc/apt/sources.list.d | ${GREPBINARY} -v '#' | ${SEDBINARY} 's/ /!space!/g')
                if [ -n "${FIND}" ]; then
                    FOUND=1
                    Display --indent 2 --text "- Checking security repository in sources.list.d directory" --result "${STATUS_OK}" --color GREEN
@ -1338,7 +1343,7 @@
        if [ "${DPKGBINARY}" ]; then
            TESTED=1
            KERNEL_PKG_NAMES="linux-image-[0-9]|raspberrypi-kernel|pve-kernel-[0-9]"
-            KERNELS=$(${DPKGBINARY} -l 2> /dev/null | ${EGREPBINARY} "${KERNEL_PKG_NAMES}" | ${WCBINARY} -l)
+            KERNELS=$(${DPKGBINARY} -l 2> /dev/null | ${GREPBINARY} -E "${KERNEL_PKG_NAMES}" | ${WCBINARY} -l)
            if [ ${KERNELS} -eq 0 ]; then
                LogText "Result: found no kernels from dpkg -l output, which is unexpected"
            elif [ ${KERNELS} -gt 5 ]; then
--- a/include/tests_printers_spoolers
+++ b/include/tests_printers_spoolers
@ -144,14 +144,14 @@
        LogText "Test: Checking CUPS daemon listening network addresses"
        # Search for Port statement
-        FIND=$(${EGREPBINARY} "^Port 631" ${CUPSD_CONFIG_FILE})
+        FIND=$(${GREPBINARY} -E "^Port 631" ${CUPSD_CONFIG_FILE})
        if [ -n "${FIND}" ]; then
            LogText "Result: found CUPS listening on port 631 (most likely all interfaces)"
            PORT_FOUND=1
        fi
        # Checking network addresses
-        FIND=$(${EGREPBINARY} "^(SSL)?Listen" ${CUPSD_CONFIG_FILE} | ${GREPBINARY} -v "/" | ${AWKBINARY} '{ print $2 }')
+        FIND=$(${GREPBINARY} -E "^(SSL)?Listen" ${CUPSD_CONFIG_FILE} | ${GREPBINARY} -v "/" | ${AWKBINARY} '{ print $2 }')
        COUNT=0
        for ITEM in ${FIND}; do
            LogText "Result: found network address: ${ITEM}"
@ -222,7 +222,7 @@
        QDAEMON_CONFIG_FILE="${ROOTDIR}etc/qconfig"
        FileIsReadable ${QDAEMON_CONFIG_FILE}
        if [ ${CANREAD} -eq 1 ]; then
-            FIND=$(${GREPBINARY} -v "^\*" ${QDAEMON_CONFIG_FILE} | ${EGREPBINARY} "backend|device")
+            FIND=$(${GREPBINARY} -v "^\*" ${QDAEMON_CONFIG_FILE} | ${GREPBINARY} -E "backend|device")
            if [ -n "${FIND}" ]; then
                LogText "Result: printers are defined in ${QDAEMON_CONFIG_FILE}"
                Display --indent 2 --text "- Checking /etc/qconfig file" --result "${STATUS_FOUND}" --color GREEN
--- a/include/tests_scheduling
+++ b/include/tests_scheduling
@ -35,7 +35,7 @@
    # Description : Check cron daemon
    Register --test-no SCHD-7702 --weight L --network NO --category security --description "Check status of cron daemon"
    if [ ${SKIPTEST} -eq 0 ]; then
-        FIND=$(${PSBINARY} aux | ${EGREPBINARY} "( cron$|/cron(d)? )")
+        FIND=$(${PSBINARY} aux | ${GREPBINARY} -E "( cron$|/cron(d)? )")
        if IsEmpty "${FIND}"; then
            LogText "Result: no cron daemon found"
        else
@ -55,12 +55,12 @@
        BAD_FILE_PERMISSIONS=0
        BAD_FILE_OWNERSHIP=0
        FindCronJob() {
-            sCRONJOBS=$(${EGREPBINARY} '^([0-9*])' $1 | ${TRBINARY} '\t' ' ' | ${TRBINARY} -s ' ' | ${TRBINARY} ' ' ',' | ${SORTBINARY})
+            sCRONJOBS=$(${GREPBINARY} -E '^([0-9*])' $1 | ${TRBINARY} '\t' ' ' | ${TRBINARY} -s ' ' | ${TRBINARY} ' ' ',' | ${SORTBINARY})
        }
        CRONTAB_FILE="${ROOTDIR}etc/crontab"
        if [ -f ${CRONTAB_FILE} ]; then
-            ${EGREPBINARY} -q -s 'lynis audit system' ${CRONTAB_FILE} && LYNIS_CRONJOB="file:/etc/crontab"
+            ${GREPBINARY} -E -q -s 'lynis audit system' ${CRONTAB_FILE} && LYNIS_CRONJOB="file:/etc/crontab"
            if IsWorldWritable ${CRONTAB_FILE}; then LogText "Result: insecure file permissions for cronjob file ${CRONTAB_FILE}"; Report "insecure_fileperms_cronjob[]=${CRONTAB_FILE}"; BAD_FILE_PERMISSIONS=1; AddHP 0 5; fi
            if ! IsOwnedByRoot ${CRONTAB_FILE}; then LogText "Result: incorrect owner found for cronjob file ${CRONTAB_FILE}"; Report "bad_fileowner_cronjob[]=${CRONTAB_FILE}"; BAD_FILE_OWNERSHIP=1; AddHP 0 5; fi
            FindCronJob ${CRONTAB_FILE}
@ -86,7 +86,7 @@
                            if IsWorldWritable ${FILE}; then LogText "Result: insecure file permissions for cronjob file ${J}"; Report "insecure_fileperms_cronjob[]=${J}"; BAD_FILE_PERMISSIONS=1; AddHP 0 5; fi
                            if ! IsOwnedByRoot ${FILE}; then LogText "Result: incorrect owner found for cronjob file ${J}"; Report "bad_fileowner_cronjob[]=${J}"; BAD_FILE_OWNERSHIP=1; AddHP 0 5; fi
                            FILENAME=$(echo ${FILE} | ${AWKBINARY} -F/ '{print $NF}')
-                            if [ "${FILENAME}" = "lynis" ]; then ${EGREPBINARY} -q -s 'lynis audit system' ${CRONTAB_FILE} && LYNIS_CRONJOB="file:${FILE}"; fi
+                            if [ "${FILENAME}" = "lynis" ]; then ${GREPBINARY} -E -q -s 'lynis audit system' ${CRONTAB_FILE} && LYNIS_CRONJOB="file:${FILE}"; fi
                            FindCronJob ${FILE}
                            if HasData "${sCRONJOBS}"; then
                                for K in ${sCRONJOBS}; do
@ -121,7 +121,7 @@
                            if IsWorldWritable ${FILE}; then LogText "Result: insecure file permissions for cronjob file ${FILE}"; Report "insecure_fileperms_cronjob[]=${FILE}"; BAD_FILE_PERMISSIONS=1; AddHP 0 5; fi
                            if ! IsOwnedByRoot ${FILE}; then LogText "Result: incorrect owner found for cronjob file ${FILE}"; Report "bad_fileowner_cronjob[]=${FILE}"; BAD_FILE_OWNERSHIP=1; AddHP 0 5; fi
                            FILENAME=$(echo ${FILE} | ${AWKBINARY} -F/ '{print $NF}')
-                            if [ "${FILENAME}" = "lynis" ]; then ${EGREPBINARY} -q -s 'lynis audit system' ${CRONTAB_FILE} && LYNIS_CRONJOB="file:${FILE}"; fi
+                            if [ "${FILENAME}" = "lynis" ]; then ${GREPBINARY} -E -q -s 'lynis audit system' ${CRONTAB_FILE} && LYNIS_CRONJOB="file:${FILE}"; fi
                            LogText "Result: Found cronjob (${I}): ${FILE}"
                            Report "cronjob[]=${FILE}"
                        done
@ -141,7 +141,7 @@
            FIND=$(${FINDBINARY} /var/spool/cron/crontabs -xdev -type f -print 2> /dev/null)
            for I in ${FIND}; do
                if FileIsReadable ${I}; then
-                    ${EGREPBINARY} -q -s 'lynis audit system' ${I} && LYNIS_CRONJOB="file:${I}"
+                    ${GREPBINARY} -E -q -s 'lynis audit system' ${I} && LYNIS_CRONJOB="file:${I}"
                    FindCronJob ${I}
                    for FILE in ${sCRONJOBS}; do
                        LogText "Found cronjob (/var/spool/cron/crontabs): ${I} (${FILE})"
@ -154,7 +154,7 @@
                FIND=$(find ${ROOTDIR}var/spool/cron -type f -print)
                for I in ${FIND}; do
                    if FileIsReadable ${I}; then
-                        ${EGREPBINARY} -q -s 'lynis audit system' ${I} && LYNIS_CRONJOB="file:${I}"
+                        ${GREPBINARY} -E -q -s 'lynis audit system' ${I} && LYNIS_CRONJOB="file:${I}"
                        FindCronJob ${I}
                        for FILE in ${sCRONJOBS}; do
                            LogText "Found cronjob in ${ROOTDIR}var/spool/cron: ${I} (${FILE})"
@ -169,7 +169,7 @@
        if [ "${OS}" = "Linux" ]; then
            if [ -f /etc/anacrontab ]; then
                LogText "Test: checking anacrontab"
-                sANACRONJOBS=$(${EGREPBINARY} '^([0-9@])' /etc/anacrontab | ${TRBINARY} '\t' ' ' | ${TRBINARY} -s ' ' | ${TRBINARY} ' ' ',' | ${SORTBINARY})
+                sANACRONJOBS=$(${GREPBINARY} -E '^([0-9@])' /etc/anacrontab | ${TRBINARY} '\t' ' ' | ${TRBINARY} -s ' ' | ${TRBINARY} ' ' ',' | ${SORTBINARY})
                if [ -n "${sANACRONJOBS}" ]; then
                    Report "scheduler[]=anacron"
                    for I in ${sANACRONJOBS}; do
--- a/include/tests_shells
+++ b/include/tests_shells
@ -52,7 +52,7 @@
    Register --test-no SHLL-6202 --os FreeBSD --weight L --network NO --category security --description "Check console TTYs"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking console TTYs"
-        FIND=$(${EGREPBINARY} '^console' ${ROOTDIR}etc/ttys | ${GREPBINARY} -v 'insecure')
+        FIND=$(${GREPBINARY} -E '^console' ${ROOTDIR}etc/ttys | ${GREPBINARY} -v 'insecure')
        if [ -z "${FIND}" ]; then
            Display --indent 2 --text "- Checking console TTYs" --result "${STATUS_OK}" --color GREEN
            LogText "Result: console is secured against single user mode without password."
--- a/include/tests_squid
+++ b/include/tests_squid
@ -42,7 +42,7 @@
        LogText "Test: Searching for a Squid daemon"
        FOUND=0
        # Check running processes
-        FIND=$(${PSBINARY} ax | ${EGREPBINARY} "(squid|squid3) " | ${GREPBINARY} -v "grep")
+        FIND=$(${PSBINARY} ax | ${GREPBINARY} -E "(squid|squid3) " | ${GREPBINARY} -v "grep")
        if [ -n "${FIND}" ]; then
            SQUID_DAEMON_RUNNING=1
            LogText "Result: Squid daemon is running"
--- a/include/tests_ssh
+++ b/include/tests_ssh
@ -299,7 +299,7 @@
    if [ ${SKIPTEST} -eq 0 ]; then
        FOUND=0
        # AllowUsers
-        FIND=$(${EGREPBINARY} -i "^AllowUsers" ${SSH_DAEMON_OPTIONS_FILE} | ${AWKBINARY} '{ print $2 }')
+        FIND=$(${GREPBINARY} -E -i "^AllowUsers" ${SSH_DAEMON_OPTIONS_FILE} | ${AWKBINARY} '{ print $2 }')
        if [ -n "${FIND}" ]; then
            LogText "Result: AllowUsers set, with value ${FIND}"
            Display --indent 4 --text "- OpenSSH option: AllowUsers" --result "${STATUS_FOUND}" --color GREEN
@ -310,7 +310,7 @@
        fi
        # AllowGroups
-        FIND=$(${EGREPBINARY} -i "^AllowGroups" ${SSH_DAEMON_OPTIONS_FILE} | ${AWKBINARY} '{ print $2 }')
+        FIND=$(${GREPBINARY} -E -i "^AllowGroups" ${SSH_DAEMON_OPTIONS_FILE} | ${AWKBINARY} '{ print $2 }')
        if [ -n "${FIND}" ]; then
            LogText "Result: AllowUsers set ${FIND}"
            Display --indent 4 --text "- OpenSSH option: AllowGroups" --result "${STATUS_FOUND}" --color GREEN
--- a/include/tests_storage
+++ b/include/tests_storage
@ -38,8 +38,8 @@
        if [ -d "${ROOTDIR}etc/modprobe.d" ]; then
            FIND=$(${LSBINARY} ${ROOTDIR}etc/modprobe.d/* 2> /dev/null)
            if [ -n "${FIND}" ]; then
-                FIND1=$(${EGREPBINARY} "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
+                FIND1=$(${GREPBINARY} -E "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
-                FIND2=$(${EGREPBINARY} "install (ohci1394|firewire[-_]ohci|firewire-core) /bin/(false|true)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
+                FIND2=$(${GREPBINARY} -E "install (ohci1394|firewire[-_]ohci|firewire-core) /bin/(false|true)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
                if [ -n "${FIND1}" ] || [ -n "${FIND2}" ]; then
                    FOUND=1
                    LogText "Result: found firewire ohci driver in disabled state"
@ -49,8 +49,8 @@
            fi
        fi
        if [ -f "${ROOTDIR}etc/modprobe.conf" ]; then
-            FIND1=$(${EGREPBINARY} -r "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" "${ROOTDIR}etc/modprobe.conf" | ${GREPBINARY} -v "#")
+            FIND1=$(${GREPBINARY} -E -r "blacklist (ohci1394|firewire[-_]ohci|firewire-core)" "${ROOTDIR}etc/modprobe.conf" | ${GREPBINARY} -v "#")
-            FIND2=$(${EGREPBINARY} -r "install (ohci1394|firewire[-_]ohci|firewire-core) /bin/(false|true)" "${ROOTDIR}etc/modprobe.conf" | ${GREPBINARY} -v "#")
+            FIND2=$(${GREPBINARY} -E -r "install (ohci1394|firewire[-_]ohci|firewire-core) /bin/(false|true)" "${ROOTDIR}etc/modprobe.conf" | ${GREPBINARY} -v "#")
            if [ -n "${FIND1}" ] || [ -n "${FIND2}" ]; then
                FOUND=1
                LogText "Result: found firewire ohci driver in disabled state"
--- a/include/tests_system_integrity
+++ b/include/tests_system_integrity
@ -30,6 +30,8 @@
 #
 #################################################################################
 #
    # Test        : SINT-7010
    # Description : System Integrity Status
    if [ -x ${ROOTDIR}/usr/bin/csrutil ]; then PREQS_MET="YES"; else PREQS_MET="NO"; SKIPREASON="No CSrutil binary found"; fi
    Register --test-no SINT-7010 --os MacOS --preqs-met ${PREQS_MET} --skip-reason "${SKIPREASON}" --weight H --network NO --category security --description "System Integrity Status"
    if [ ${SKIPTEST} -eq 0 ]; then
--- a/include/tests_time
+++ b/include/tests_time
@ -139,7 +139,7 @@
        for I in ${CRONTAB_FILES}; do
            if [ -f ${I} ]; then
                LogText "Test: checking for ntpdate, rdate, sntp or ntpdig in crontab file ${I}"
-                FIND=$(${EGREPBINARY} "${CRONTAB_REGEX}" ${I} | ${GREPBINARY} -v '^#')
+                FIND=$(${GREPBINARY} -E "${CRONTAB_REGEX}" ${I} | ${GREPBINARY} -v '^#')
                if [ -n "${FIND}" ]; then
                    FOUND=1; NTP_CONFIG_TYPE_SCHEDULED=1
                    Display --indent 2 --text "- Checking NTP client in crontab file (${I})" --result "${STATUS_FOUND}" --color GREEN
@ -161,10 +161,10 @@
        for I in ${CRON_DIRS}; do
            for J in "${I}"/*; do  # iterate over folders in a safe way
                # Check: regular file, readable and not called .placeholder
-                FIND=$(echo "${J}" | ${EGREPBINARY} '/.placeholder$')
+                FIND=$(echo "${J}" | ${GREPBINARY} -E '/.placeholder$')
                if [ -f "${J}" ] && [ -r "${J}" ] && [ -z "${FIND}" ]; then
                    LogText "Test: checking for ntpdate, rdate, sntp or ntpdig in ${J}"
-                    FIND=$("${EGREPBINARY}" "${CRONTAB_REGEX}" "${J}" | "${GREPBINARY}" -v "^#")
+                    FIND=$("${GREPBINARY}" -E "${CRONTAB_REGEX}" "${J}" | "${GREPBINARY}" -v "^#")
                    if [ -n "${FIND}" ]; then
                        FOUND=1; FOUND_IN_CRON=1; NTP_CONFIG_TYPE_SCHEDULED=1
                        LogText "Result: found ntpdate, rdate, sntp or ntpdig in ${J}"
@ -232,7 +232,7 @@
    Register --test-no TIME-3106 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check systemd NTP time synchronization status"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Check the status of time synchronization via timedatectl"
-        FIND=$(${TIMEDATECTL} status | ${EGREPBINARY} "(NTP|System clock) synchronized: yes")
+        FIND=$(${TIMEDATECTL} status | ${GREPBINARY} -E "(NTP|System clock) synchronized: yes")
        if [ -z "${FIND}" ]; then
            LogText "Result: time not synchronized via NTP"
            ReportSuggestion "${TEST_NO}" "Check timedatectl output. Synchronization via NTP is enabled, but status reflects it is not synchronized"
@ -273,7 +273,7 @@
        else
            for ITEM in ${FIND}; do
                LogText "Found stratum 16 peer: ${ITEM}"
-                FIND2=$(${EGREPBINARY} "^ntp-ignore-stratum-16-peer=${ITEM}" ${PROFILE})
+                FIND2=$(${GREPBINARY} -E "^ntp-ignore-stratum-16-peer=${ITEM}" ${PROFILE})
                if IsEmpty "${FIND2}"; then
                    COUNT=$((COUNT + 1))
                    Report "ntp_stratum_16_peer[]=${ITEM}"
@ -303,7 +303,7 @@
    Register --test-no TIME-3120 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check unreliable NTP peers"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking unreliable ntp peers"
-        FIND=$(${NTPQBINARY} -p -n | ${EGREPBINARY} "^(-|#)" | ${AWKBINARY} '{ print $1 }' | ${SEDBINARY} 's/^-//g')
+        FIND=$(${NTPQBINARY} -p -n | ${GREPBINARY} -E "^(-|#)" | ${AWKBINARY} '{ print $1 }' | ${SEDBINARY} 's/^-//g')
        if [ -z "${FIND}" ]; then
            Display --indent 2 --text "- Checking unreliable ntp peers" --result "${STATUS_NONE}" --color GREEN
            LogText "Result: No unreliable peers found"
@ -371,7 +371,7 @@
    Register --test-no TIME-3132 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Check NTP falsetickers"
    if [ ${SKIPTEST} -eq 0 ]; then
        LogText "Test: Checking preferred time source"
-        FIND=$(${NTPQBINARY} -p -n | ${EGREPBINARY} '^x')
+        FIND=$(${NTPQBINARY} -p -n | ${GREPBINARY} -E '^x')
        if [ -z "${FIND}" ]; then
            Display --indent 2 --text "- Checking falsetickers" --result "${STATUS_OK}" --color GREEN
            LogText "Result: No falsetickers found (items preceding with an 'x')"
@ -455,7 +455,7 @@
        else
            LogText "Result: ${FILE} is not empty, which is fine"
            Display --indent 2 --text "- Checking NTP step-tickers file" --result "${STATUS_OK}" --color GREEN
-            sFIND=$(${AWKBINARY} '/^[a-z0-9]/ { print $1 }' ${FILE} | ${EGREPBINARY} -v "^127." | ${EGREPBINARY} -v "^::1")
+            sFIND=$(${AWKBINARY} '/^[a-z0-9]/ { print $1 }' ${FILE} | ${GREPBINARY} -E -v "^127." | ${GREPBINARY} -E -v "^::1")
            for I in ${sFIND}; do
                FIND=$(${GREPBINARY} ^${I} ${FILE} | wc -l)
                if [ ${FIND} -gt 0 ]; then
@ -553,7 +553,7 @@
    Register --test-no TIME-3182 --preqs-met "${PREQS_MET}" --weight L --network NO --category security --description "Check OpenNTPD has working peers"
    if [ ${SKIPTEST} -eq 0 ]; then
        # Format is "xx/yy peers valid, ..."
-        FIND=$(${NTPCTLBINARY} -s status | ${EGREPBINARY} -o '[0-9]+/[0-9]+' | ${CUTBINARY} -d '/' -f 1)
+        FIND=$(${NTPCTLBINARY} -s status | ${GREPBINARY} -E -o '[0-9]+/[0-9]+' | ${CUTBINARY} -d '/' -f 1)
        if [ -z "${FIND}" ] || [ "${FIND}" -eq 0 ]; then
            ReportWarning "${TEST_NO}" "OpenNTPD has no peers" "${NTPCTLBINARY} -s status"
        fi
--- a/include/tests_tooling
+++ b/include/tests_tooling
@ -259,8 +259,8 @@
    #            # Check email alert configuration
    #            LogText "Test: checking for email actions within ${FAIL2BAN_CONFIG}"
    #
-    #            FIND=$(${EGREPBINARY} "^action = \%\(action_m.*\)s" ${FAIL2BAN_CONFIG})
+    #            FIND=$(${GREPBINARY} -E "^action = \%\(action_m.*\)s" ${FAIL2BAN_CONFIG})
-    #            FIND2=$(${EGREPBINARY} "^action = \%\(action_\)s" ${FAIL2BAN_CONFIG})
+    #            FIND2=$(${GREPBINARY} -E "^action = \%\(action_\)s" ${FAIL2BAN_CONFIG})
    #
    #            if [ -n "${FIND}" ]; then
    #                FAIL2BAN_EMAIL=1
@ -400,7 +400,7 @@
 #
 #################################################################################
 #
-    # Test        : TOOL-5160
+    # Test        : TOOL-5126
    # Description : Check for OSSEC
    Register --test-no TOOL-5126 --weight L --network NO --category security --description "Check for active OSSEC daemon"
    if [ ${SKIPTEST} -eq 0 ]; then
@ -428,6 +428,35 @@
    fi
 #
 #################################################################################
 #
    # Test        : TOOL-5128
    # Description : Check for Wazuh daemon
    Register --test-no TOOL-5128 --weight L --network NO --category security --description "Check for active Wazuh daemon"
    if [ ${SKIPTEST} -eq 0 ]; then
        # Server side
        if IsRunning "wazuh-analysisd"; then
            IDS_IPS_TOOL_FOUND=1
            Report "ids_ips_tooling[]=wazuh"
            Report "ids_ips_tooling[]=wazuh-analysisd"
            LogText "Result: Wazuh analysis daemon is active"
            Display --indent 2 --text "- Checking presence of Wazuh (analysis)" --result "${STATUS_FOUND}" --color GREEN
        else
            LogText "Result: Wazuh analysis daemon not active"
        fi
        # Client side
        if IsRunning "wazuh-agentd"; then
            IDS_IPS_TOOL_FOUND=1
            Report "ids_ips_tooling[]=wazuh"
            Report "ids_ips_tooling[]=wazuh-agentd"
            LogText "Result: Wazuh agent daemon is active"
            Display --indent 2 --text "- Checking presence of Wazuh (agent)" --result "${STATUS_FOUND}" --color GREEN
        else
            LogText "Result: Wazuh agent daemon not active"
        fi
    fi
 #
 #################################################################################
 #
    # Test        : TOOL-5190
    # Description : Check for an IDS/IPS tool
--- a/include/tests_usb
+++ b/include/tests_usb
@ -54,8 +54,8 @@
        if [ -d /etc/modprobe.d ]; then
            FIND=$(${LSBINARY} ${ROOTDIR}etc/modprobe.d/* 2> /dev/null)
            if [ -n "${FIND}" ]; then
-                FIND=$(${EGREPBINARY} -r "install usb[-_]storage /bin/(false|true)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
+                FIND=$(${GREPBINARY} -E -r "install usb[-_]storage /bin/(false|true)" ${ROOTDIR}etc/modprobe.d/* | ${GREPBINARY} -v "#")
-                FIND2=$(${EGREPBINARY} -r "^blacklist usb[-_]storage" ${ROOTDIR}etc/modprobe.d/*)
+                FIND2=$(${GREPBINARY} -E -r "^blacklist usb[-_]storage" ${ROOTDIR}etc/modprobe.d/*)
                if [ -n "${FIND}" -o -n "${FIND2}" ]; then
                    FOUND=1
                    LogText "Result: found usb-storage driver in disabled state (blacklisted)"
@ -65,7 +65,7 @@
            fi
        fi
        if [ -f ${ROOTDIR}etc/modprobe.conf ]; then
-            FIND=$(${EGREPBINARY} "install usb[-_]storage /bin/(false|true)" ${ROOTDIR}etc/modprobe.conf | ${GREPBINARY} "usb-storage" | ${GREPBINARY} -v "#")
+            FIND=$(${GREPBINARY} -E "install usb[-_]storage /bin/(false|true)" ${ROOTDIR}etc/modprobe.conf | ${GREPBINARY} "usb-storage" | ${GREPBINARY} -v "#")
            if [ -n "${FIND}" ]; then
                FOUND=1
                LogText "Result: found usb-storage driver in disabled state"
@ -316,11 +316,11 @@
                    Display --indent 4 --text "- RuleFile" --result "${STATUS_FOUND}" --color GREEN
                    AddHP 1 1
-                    USBGUARD_RULES_ALLOW=$(${EGREPBINARY} -c "^allow" ${USBGUARD_RULES})
+                    USBGUARD_RULES_ALLOW=$(${GREPBINARY} -E -c "^allow" ${USBGUARD_RULES})
                    Display --indent 6 --text "- Controllers & Devices allow" --result "${USBGUARD_RULES_ALLOW}" --color WHITE
-                    USBGUARD_RULES_BLOCK=$(${EGREPBINARY} -c "^block" ${USBGUARD_RULES})
+                    USBGUARD_RULES_BLOCK=$(${GREPBINARY} -E -c "^block" ${USBGUARD_RULES})
                    Display --indent 6 --text "- Controllers & Devices block" --result "${USBGUARD_RULES_BLOCK}" --color WHITE
-                    USBGUARD_RULES_REJECT=$(${EGREPBINARY} -c "^reject" ${USBGUARD_RULES})
+                    USBGUARD_RULES_REJECT=$(${GREPBINARY} -E -c "^reject" ${USBGUARD_RULES})
                    Display --indent 6 --text "- Controllers & Devices reject" --result "${USBGUARD_RULES_REJECT}" --color WHITE
                else
                    LogText "Result: RuleFile not found (\"man usbguard\" for instructions to install initial policies)"
--- a/include/tests_webservers
+++ b/include/tests_webservers
@ -48,6 +48,8 @@
    TMPFILE="${TEMP_FILE}"
    CreateTempFile || ExitFatal
    TMPFILE2="${TEMP_FILE}"
    CreateTempFile || ExitFatal
    TMPFILE3="${TEMP_FILE}"
 #
 #################################################################################
 #
@ -63,7 +65,7 @@
            Display --indent 2 --text "- Checking Apache" --result "${STATUS_NOT_FOUND}" --color WHITE
        else
            LogText "Test: Scanning for Apache binary"
-            IS_APACHE=$(${HTTPDBINARY} -v 2> /dev/null | ${EGREPBINARY} '[aA]pache')
+            IS_APACHE=$(${HTTPDBINARY} -v 2> /dev/null | ${GREPBINARY} -E '[aA]pache')
            if IsEmpty "${IS_APACHE}"; then
                LogText "Result: ${HTTPDBINARY} is not Apache"
                Display --indent 2 --text "- Checking Apache (binary ${HTTPDBINARY})" --result "NO MATCH" --color WHITE
@ -203,7 +205,7 @@
    #if [ ${SKIPTEST} -eq 0 ]; then
    #    # Testing Debian style
    #    LogText "Test: searching loaded/enabled Apache modules"
-    #    apachectl -t -D DUMP_MODULES 2>&1 | ${EGREPBINARY} -v "(Loaded Modules|Syntax OK)" | ${SEDBINARY} 's/(\(shared\|static\))//' | ${SEDBINARY} 's/ //'
+    #    apachectl -t -D DUMP_MODULES 2>&1 | ${GREPBINARY} -E -v "(Loaded Modules|Syntax OK)" | ${SEDBINARY} 's/(\(shared\|static\))//' | ${SEDBINARY} 's/ //'
    #    for I in ${APACHE_MODULES_ENABLED_LOCS}; do
    #        LogText "Test: checking ${I}"
    #        if [ -d ${I} ]; then
@ -300,8 +302,42 @@
 #
 #################################################################################
 #
-    # Test        : HTTP-6660 TODO
+    # Test        : HTTP-6660
    # Description : Search for "TraceEnable off" in configuration files
    if [ ${APACHE_INSTALLED} -eq 1 ]; then PREQS_MET="YES"; else PREQS_MET="NO"; fi
    Register --test-no HTTP-6660 --preqs-met ${PREQS_MET} --weight L --network NO --category security --description "Checking Apache security setting: TraceEnable"
    if [ ${SKIPTEST} -eq 0 ]; then
        for DIR in ${sTEST_APACHE_TARGETS}; do
            if [ -d ${DIR} ]; then
                find ${DIR} -name "*.conf" -print >> ${TMPFILE3}
            fi
        done
        # Check all Apache conf-files for TraceEnable
        if [ -f ${TMPFILE3} ]; then
            Display --indent 2 --text '- Checking TraceEnable setting in:'
            for APACHE_CONFFILE in $(cat ${TMPFILE3}); do
                TRACEENABLE=$( ${GREPBINARY} -i -E '^TraceEnable' ${APACHE_CONFFILE} | ${AWKBINARY} '{print $2}' )
                if [ ! ${TRACEENABLE} ]; then
                    LogText "Result: no TraceEnable setting found in ${APACHE_CONFFILE}"
                    Display --indent 4 --text "  ${APACHE_CONFFILE}" --result "${STATUS_NOT_FOUND}" --color WHITE
                else
                    TRACEENABLED_SETTING=$( echo ${TRACEENABLE} | tr 'A-Z' 'a-z' )
                    if [ x${TRACEENABLED_SETTING} == x'off' ]; then
                        LogText "Result: found TraceEnable setting set to 'off' in ${APACHE_CONFFILE}"
                        Report "Apache setting: 'TraceEnable Off' in ${APACHE_CONFFILE}"
                        Display --indent 4 --text "  ${APACHE_CONFFILE}" --result "${STATUS_FOUND}" --color GREEN
                    else
                        LogText "Result: found TraceEnable setting set to '"${TRACEENABLE}"' in ${APACHE_CONFFILE}"
                        Report "Apache setting: 'TraceEnable "${TRACEENABLE}"' in ${APACHE_CONFFILE}"
                        Display --indent 4 --text "  ${APACHE_CONFFILE}" --result "${STATUS_SUGGESTION}" --color YELLOW
                        ReportSuggestion "${TEST_NO}" "Consider setting 'TraceEnable Off' in ${APACHE_CONFFILE}" "Set TraceEnable to 'On' or 'extended' for testing and diagnostic purposes only."
                    fi
                fi
            done
            rm -f ${TMPFILE3}
        fi
    fi
 #
 #################################################################################
 #
@ -381,7 +417,7 @@
        done
        # Sort all discovered configuration lines and store unique ones. Also strip out the mime types configured in nginx
-        SORTFILE=$(${SORTBINARY} -u ${TMPFILE} | ${SEDBINARY} 's/ /:space:/g' | ${EGREPBINARY} -v "(application|audio|image|text|video)/" | ${EGREPBINARY} -v "({|})")
+        SORTFILE=$(${SORTBINARY} -u ${TMPFILE} | ${SEDBINARY} 's/ /:space:/g' | ${GREPBINARY} -E -v "(application|audio|image|text|video)/" | ${GREPBINARY} -E -v "({|})")
        for I in ${SORTFILE}; do
            I=$(echo ${I} | ${SEDBINARY} 's/:space:/ /g')
            Report "nginx_config_option[]=${I}";
@ -608,6 +644,7 @@
    # Remove temp file (double check)
    if [ -n "${TMPFILE}" ]; then if [ -f ${TMPFILE} ]; then rm -f ${TMPFILE}; fi; fi
    if [ -n "${TMPFILE2}" ]; then if [ -f ${TMPFILE2} ]; then rm -f ${TMPFILE2}; fi; fi
    if [ -n "${TMPFILE3}" ]; then if [ -f ${TMPFILE3} ]; then rm -f ${TMPFILE3}; fi; fi
    WaitForKeyPress
--- a/14
+++ b/14
@ -43,16 +43,16 @@
    PROGRAM_WEBSITE="https://cisofy.com/lynis/"
    # Version details
-    PROGRAM_RELEASE_DATE="2022-05-17"
+    PROGRAM_RELEASE_DATE="2024-03-18"
-    PROGRAM_RELEASE_TIMESTAMP=1652791205
+    PROGRAM_RELEASE_TIMESTAMP=1710671337
-    PROGRAM_RELEASE_TYPE="release" # pre-release or release
+    PROGRAM_RELEASE_TYPE="pre-release" # pre-release or release
-    PROGRAM_VERSION="3.0.8"
+    PROGRAM_VERSION="3.1.2"
    # Source, documentation and license
    PROGRAM_SOURCE="https://github.com/CISOfy/lynis"
    PROGRAM_PACKAGE="https://packages.cisofy.com/"
    PROGRAM_DOCUMENTATION="https://cisofy.com/docs/"
-    PROGRAM_COPYRIGHT="2007-2021, ${PROGRAM_AUTHOR} - ${PROGRAM_WEBSITE}"
+    PROGRAM_COPYRIGHT="2007-2024, ${PROGRAM_AUTHOR} - ${PROGRAM_WEBSITE}"
    PROGRAM_LICENSE="${PROGRAM_NAME} comes with ABSOLUTELY NO WARRANTY. This is free software, and you are
  welcome to redistribute it under the terms of the GNU General Public License.
  See the LICENSE file for details about using this software."
@ -217,10 +217,10 @@
    # Extract the short notation of the language (first two characters).
    if [ -x "$(command -v locale 2> /dev/null)" ]; then
-        LANGUAGE=$(locale | egrep "^LANG=" | cut -d= -f2 | cut -d_ -f1 | tr -d '"' | egrep "^[a-z]{2}$")
+        LANGUAGE=$(locale | grep -E "^LANG=" | cut -d= -f2 | cut -d_ -f1 | tr -d '"' | grep -E "^[a-z]{2}$")
        # Try locale command if shell variable had no value
        if [ -z "${DISPLAY_LANG}" ]; then
-            DISPLAY_LANG=$(locale | egrep "^LANG=" | cut -d= -f2)
+            DISPLAY_LANG=$(locale | grep -E "^LANG=" | cut -d= -f2)
        fi
    else
        LANGUAGE="en"