RCLocals is inspired by ‘Autoruns’ from Sysinternals, RCLocals analyzes all Linux startup possibilities to find backdoors, also performs process integrity verification, scan for DLL injected processes and much more
·List GPG keys trusted by the system
·Installed Packages
·File integrity
·Process integrity (process and libraries loaded in a process that not belongs to any installed package)
·Processes with name spoofed (processes that use prctl() to change their name in /bin/ps)
·CRON entries
·RC files
·X system startup files
·Active Systemd Units
·Systemd Timer Units
·tmpfiles.d
·linger users
For only suspicious information:
#python3 rclocals.py –triage
For detailed information:
#python3 rclocals.py –all
Learning Without Walls Remote education has long been a lifeline for students in rural areas…
Have you ever come across a picture on the internet and wondered where it came…
Overview WhatsMyName is a free, community-driven OSINT tool designed to identify where a username exists…
Managing disk usage is a crucial task for Linux users and administrators alike. Understanding which…
Efficient disk space management is vital in Linux, especially for system administrators who manage servers…
Knowing how to check directory sizes in Linux is essential for managing disk space and…