aide ☆

« Back to VersTracker

Description:
File and directory integrity checker

Type: Formula | Latest Version: 0.19.2@0 | Tracked Since: Dec 17, 2025

Links: Homepage | formulae.brew.sh

Category: Security

Tags: security integrity monitoring auditing fim

Install: brew install aide

About:
AIDE (Advanced Intrusion Detection Environment) is a file and directory integrity checker that creates a database of file checksums and metadata. It periodically compares the current state of the filesystem against this baseline to detect unauthorized modifications, deletions, or additions. This tool is essential for security auditing and monitoring critical system files for changes.

Key Features:

Supports multiple strong hash algorithms including SHA256, SHA512, and MD5
Can detect changes in file permissions, ownership, and timestamps
Database can be stored securely and compared from a read-only medium
Flexible configuration allows for selective monitoring of directories
Supports compression of the integrity database

Use Cases:

Monitoring critical system files and binaries for rootkits or unauthorized changes
Verifying the integrity of web server content and application files
Compliance auditing for security standards that require file integrity monitoring

Alternatives:

Tripwire – Tripwire is another industry-standard FIM tool, but AIDE is open-source and often considered easier to configure for basic use cases.
OSSEC – OSSEC is a host-based intrusion detection system (HIDS) that includes log analysis and rootkit detection in addition to file integrity monitoring.

License: GPL-2.0-or-later

Dependencies: libgcrypt, libgpg-error, pcre2

Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, arm64_ventura, sonoma, ventura, arm64_linux, x86_64_linux

Version History

Detected	Version	Rev	Change	Commit
Sep 14, 2025 2:08pm		0	VERSION_BUMP	3b17394c
Nov 17, 2024 4:39pm		0	VERSION_BUMP	5c010ce8