LinuxCheck : Linux Information Collection Script 2019

LinuxCheck is a small Linux information collection script is mainly used for emergency response. It can be used under Debian or Centos.

Features

  • CPU TOP10, memory TOP10
  • CPU usage
  • boot time
  • Hard disk space information
  • User information, passwd information
  • Environmental variable detection
  • Service list
  • System program changes (debsums -e and rpm -va)
  • Network traffic statistics
  • Network connection, listening port
  • Open port
  • Routing table information
  • Route forwarding
  • ARP
  • DNS Server
  • SSH login information
  • SSH login IP
  • iptables information
  • SSH key detection
  • SSH burst IP
  • Crontab detection
  • Crontab backdoor detection
  • Find common configuration files
  • Find common software
  • Audit history files
  • Querying HOSTS files
  • lsmod exception kernel module
  • Anomaly file detection (nc, tunnel, proxy common hacker tools)
  • Large file detection (some large files packaged)
  • Free space, hard disk mount
  • Open port
  • LD_PRELOAD detection
  • LD_LIBRARY_PATH
  • ld.so.preload
  • NIC promiscuous mode
  • Most used software
  • Change the file mtime in the last 7 days
  • Change the file ctime in the last 7 days
  • View SUID file
  • Find: hidden files
  • Find sensitive files (nc, nmap, tunnel)
  • alias
  • LSOF -L1
  • SSHD
  • Find bash bounce shell
  • php webshell scan
  • jsp webshell scan
  • asp / aspx webshell scan
  • Detection of mining process
  • rkhunter scan

Also Read – Sooty : The SOC Analysts All-In-One CLI Tool To Automate & Speed Up Workflow

Usage

Networking status:

apt-get install silversearcher-ag
yum -y install the_silver_searcher

Offline status:

Debian:dpkg -i silversearcher-ag_2.2.0-1+b1_amd64.deb
Centos:rpm -ivh the_silver_searcher-2.1.0-1.el7.x86_64.rpm

$git clone https://github.com/al0ne/LinuxCheck.git
$chmod u+x LinuxCheck.sh
$./LinuxCheck.sh
If you have installed ag and rkhunter, you can directly use the following command:
$ bash -c “$(curl -sSL https://raw.githubusercontent.com/al0ne/LinuxCheck/master/LinuxCheck.sh)”
The file will be saved in the format $ipaddr_hostname_username_timestamp.log

Download
R K

Share
Published by
R K
Tags: linuxLinuxCheck
6 years ago

Recent Posts

How To Use Variables In Bash Scripts

Introduction Variables are one of the most important basics of Bash scripting. A variable is…

17 hours ago

How To Run A Bash Script In Linux Step By Step

Introduction Running a Bash script in Linux is a basic but important skill for anyone…

17 hours ago

How To Write Your First Bash Script In Linux Step By Step

Introduction Writing your first Bash script in Linux is one of the best ways to…

17 hours ago

Install Docker on Ubuntu 24.04 With Easy Setup Guide

Docker has become one of the most important tools in modern software development. If you…

18 hours ago

APT Command Linux: Essential Package Management Guide

The APT Command Linux users rely on is one of the most powerful tools for…

21 hours ago

Install RPM on Ubuntu: Easy Guide to Run RPM Packages

Ubuntu users usually install software through .deb packages or the APT package manager. However, some…

1 day ago