- Saves established connections and listening ports, including those using raw sockets
- Lists current processes and shows parents and child programs with resource usage
- Verifies the integrity of aptitude packages
- Lists current iptables rules
- Lists current network interfaces with CIDR ranges and current IP address
- Lists current open file descriptors
- Lists current users on the machine and also user groups
- Shows systemd journal
- Shows current sudo configuration
- Saves bash and python history for root and all users
- Saves authorized keys and known hosts for all users
- Saves SSHD configuration
- Saves current DNS settings
- Saves cron jobs for all users
- Tars all files
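
A sketch of how a few of the items above can be collected so that a missing tool or a failing command is logged instead of aborting the run. This is an added example, not the repository's script: the function names, output file names and command flags are assumptions, and the SHA-256 manifest step is an addition that the list above does not mention.

```bash
#!/usr/bin/env bash
# Added example, not the repository's script. Function names, file names and
# the manifest step are hypothetical choices made for this illustration.

# collect OUT NAME CMD...: run CMD and save stdout+stderr to OUT/NAME.txt.
# A missing tool or a non-zero exit is recorded in OUT/errors.log and
# collection continues, so one absent binary does not lose the other artifacts.
collect() {
    local out=$1 name=$2; shift 2
    if ! command -v "$1" >/dev/null 2>&1; then
        echo "$name: command not found: $1" >>"$out/errors.log"
        return 0
    fi
    "$@" >"$out/$name.txt" 2>&1 || echo "$name: exit $? from: $*" >>"$out/errors.log"
    return 0
}

# package OUT: hash every collected file, then tar the directory and hash the tarball.
package() {
    local out=$1
    ( cd "$out" && find . -type f ! -name manifest.sha256 -print0 \
        | sort -z | xargs -0 -r sha256sum >manifest.sha256 ) || return 1
    tar -czf "$out.tar.gz" -C "$(dirname "$out")" "$(basename "$out")" || return 1
    sha256sum "$out.tar.gz" >"$out.tar.gz.sha256"
}

run_collection() {
    local out=$1
    mkdir -p "$out" && chmod 700 "$out" || return 1
    collect "$out" connections ss -tulpanw      # TCP, UDP and raw sockets, listening and established
    collect "$out" processes   ps -eo pid,ppid,user,%cpu,%mem,lstart,args --forest
    collect "$out" interfaces  ip -brief address
    collect "$out" open_files  lsof -n -P
    collect "$out" users       getent passwd
    collect "$out" groups      getent group
    package "$out"
}

# Only collect when asked to: ./collect.sh --run [output-dir]
if [ "${1:-}" = "--run" ]; then
    run_collection "${2:-./ir-$(hostname)-$(date -u +%Y%m%dT%H%M%SZ)}"
fi
```

Run it as root with `--run` and write the output to external or otherwise trusted storage; `errors.log` then shows which artifacts could not be collected on that host.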
xprotectszn/Linux-IR-automation
Bash script to collect forensic artifacts during an incident.