Latest commit ea13f14 Feb 20, 2018
LICENSE Specify repository license as GPL 3 Oct 9, 2017
README.md Update README.md Oct 19, 2017
fastIR_collector_linux.py

README.md

FastIR Collector Linux

Concepts

This tool collects various artefacts from a live Linux system and records the results in CSV files. Analysing these artefacts can reveal a compromise at an early stage. All code must be in one Python 2 file, and support starts at Python 2.4. This program should be run as root.

Artefacts

  • System information

    • Kernel version
    • Kernel modules
    • Network interfaces
    • Hostname
    • Distribution versions
  • Last logins

  • Connections

  • Handles

  • User data

    • Hidden files in user profiles
    • SSH known_hosts files
  • /tmp content

  • Autoruns

    • /etc/*.d
    • /etc/crontab
    • /etc/cron.*/
  • Disk information

    • List of partitions
    • MBR
  • File system information
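
An added example, not taken from fastIR_collector_linux.py: a Python 3 collector for the Autoruns locations listed above that writes one CSV row per entry, with metadata and a SHA-256 for regular files. The column set, the function names and the `root` parameter (which lets it run against a mounted image or a test tree) are assumptions of this example.

```python
import csv, glob, hashlib, os, stat, time
# Added example (not FastIR's code). Patterns mirror the Autoruns list; columns are assumed.
AUTORUN_PATTERNS = ["etc/*.d", "etc/crontab", "etc/cron.*"]
FIELDS = ["path", "type", "mode", "uid", "gid", "size", "mtime_utc", "sha256", "link_target"]

def sha256_of(path):
    digest = hashlib.sha256()
    with open(path, "rb") as handle:
        for chunk in iter(lambda: handle.read(65536), b""):
            digest.update(chunk)
    return digest.hexdigest()

def describe(path):
    st = os.lstat(path)  # lstat: describe a symlink itself, not its target
    row = dict.fromkeys(FIELDS, "")
    row.update(path=path, type="other", mode=oct(stat.S_IMODE(st.st_mode)),
               uid=st.st_uid, gid=st.st_gid, size=st.st_size,
               mtime_utc=time.strftime("%Y-%m-%dT%H:%M:%SZ", time.gmtime(st.st_mtime)))
    if stat.S_ISLNK(st.st_mode):
        # rc*.d entries are usually symlinks; record where they point
        row.update(type="symlink", link_target=os.readlink(path))
    elif stat.S_ISREG(st.st_mode):
        row["type"] = "file"
        try:
            row["sha256"] = sha256_of(path)
        except (IOError, OSError):
            row["sha256"] = "unreadable"
    return row  # FIFOs, sockets and devices stay "other" and are never opened

def collect_autoruns(root="/"):
    rows, seen = [], set()
    for pattern in AUTORUN_PATTERNS:
        for match in sorted(glob.glob(os.path.join(root, pattern))):
            paths = [match]
            if os.path.isdir(match) and not os.path.islink(match):
                paths = [os.path.join(d, n) for d, _, names in os.walk(match) for n in names]
            for path in sorted(paths):
                if path not in seen:  # etc/cron.d matches both etc/*.d and etc/cron.*
                    seen.add(path)
                    rows.append(describe(path))
    return rows

def write_csv(rows, out_path):
    with open(out_path, "w", newline="") as handle:
        writer = csv.DictWriter(handle, fieldnames=FIELDS)
        writer.writeheader()
        writer.writerows(rows)

if __name__ == "__main__":
    write_csv(collect_autoruns("/"), "autoruns.csv")
```

Sorting the rows by `mtime_utc` or diffing the `sha256` column against a known-good host is a quick way to surface recently added or modified startup entries.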
