Fastir_Collector_Linux

by SekoiaLab

License: GNU General Public License v3.0

FastIR Collector Linux

Concepts

This tool collects a range of artefacts from a live Linux system and records the results in CSV files. Analysing these artefacts can reveal a compromise at an early stage. All code must be in a Python 2 file, and support starts at Python 2.4. The program should be run as root.

Artefacts

  • System information
    • Kernel version
    • Kernel modules
    • Network interfaces
    • Hostname
    • Distribution versions
  • Last logins
  • Connections
  • Handles
  • User data
    • Hidden files in user profiles
    • SSH known_hosts files
  • /tmp content
  • Autoruns
    • /etc/*.d
    • /etc/crontab
    • /etc/cron.*/
  • Disk information
    • List of partitions
    • MBR
  • File system information
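
The following is an added example, not code from FastIR Collector Linux, showing how the Autoruns artefacts listed above can be gathered into CSV rows that are easy to compare against a known-good baseline. It is written for Python 3 rather than the project's Python 2, and the function names, the CSV columns and the `root` parameter (which lets it run against a mounted image or a test tree) are assumptions made for the example.

```python
import csv, glob, hashlib, io, os, stat
from datetime import datetime, timezone

# Added example (names and columns are assumptions). Locations are relative to a root.
AUTORUN_FILES = ["etc/crontab"]
AUTORUN_DIR_GLOBS = ["etc/cron.*", "etc/*.d"]
FIELDS = ["path", "type", "mode", "uid", "gid", "size", "mtime_utc", "sha256"]

def describe(path):
    """Build one CSV row for a path without following symlinks."""
    st = os.lstat(path)
    row = {"path": path, "mode": oct(stat.S_IMODE(st.st_mode)),
           "uid": st.st_uid, "gid": st.st_gid, "size": st.st_size,
           "mtime_utc": datetime.fromtimestamp(st.st_mtime, timezone.utc).isoformat(),
           "sha256": ""}
    if stat.S_ISLNK(st.st_mode):
        row["type"] = "symlink -> " + os.readlink(path)
    elif stat.S_ISREG(st.st_mode):
        row["type"] = "file"
        try:
            with open(path, "rb") as f:
                row["sha256"] = hashlib.sha256(f.read()).hexdigest()
        except OSError:
            row["sha256"] = "unreadable"
    else:
        row["type"] = "other"
    return row

def collect_autoruns(root="/"):
    """Return rows for /etc/crontab and every entry in /etc/cron.*/ and /etc/*.d."""
    paths = set()  # a set, because /etc/cron.d matches both directory patterns
    for rel in AUTORUN_FILES:
        p = os.path.join(root, rel)
        if os.path.lexists(p):
            paths.add(p)
    for pattern in AUTORUN_DIR_GLOBS:
        for d in glob.glob(os.path.join(root, pattern)):
            if os.path.isdir(d):
                # listdir rather than glob, so dot-files in these directories are listed
                paths.update(os.path.join(d, name) for name in os.listdir(d))
    return [describe(p) for p in sorted(paths)]

def to_csv(rows):
    """Serialise rows to CSV text with a fixed header."""
    buf = io.StringIO()
    writer = csv.DictWriter(buf, fieldnames=FIELDS)
    writer.writeheader()
    writer.writerows(rows)
    return buf.getvalue()
```

Calling `to_csv(collect_autoruns())` as root on a live host returns the CSV text; entries in these directories that are hidden, recently modified, or owned by a non-root account are the rows to review first.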
