TuxResponse - Linux Incident Response

(358 views)

TuxResponse is incident response script for linux systems written in bash. It can automate incident response activities on Linux systems and enable you to triage systems quickly, while not compromising with the results. Usually corporate systems would have some kind of monitoring and control, but there are exceptions due to shadow IT and non-standard images deployed in corps. What amounts to typing of 10 commands with trial end testing, can be done in a press of a button. Tested on: Ubuntu 14+ CentOS 7+ Primary purpose: Take advantage of built-in tools and functionality in Linux (tools like dd, awk, grep, cat, netstat, etc) Reduce the amount of commands incident responder needs to remember/use in response scenario. Automation External tools in the package: LiME Exif Chckrootkit Yara + Linux scanning rules (needs network to fetch the repo) Example automation: INSTALL LiME function init_lime(){ if [ -f /usr/bin/yum ]; then yum -y....

January 10, 2020
Subscribe
Notify of
guest
0 Comments
Inline Feedbacks
View all comments
© HAKIN9 MEDIA SP. Z O.O. SP. K. 2023
What certifications or qualifications do you hold?
Max. file size: 150 MB.
What level of experience should the ideal candidate have?
What certifications or qualifications are preferred?

Download Free eBook

Step 1 of 4

Name(Required)

We’re committed to your privacy. Hakin9 uses the information you provide to us to contact you about our relevant content, products, and services. You may unsubscribe from these communications at any time. For more information, check out our Privacy Policy.