  • This repository has been archived on 03/Mar/2024
  • Stars: 406
  • Rank: 106,421 (Top 3 %)
  • Language: HTML
  • License: Apache License 2.0
  • Created almost 7 years ago
  • Updated 8 months ago


Repository Details

Easy-to-use live forensics toolbox for Linux endpoints

Linux Expl0rer

Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.


Capabilities

ps

users

  • users list

find

  • Search for suspicious files by name/regex

netstat

  • Whois

logs

  • syslog
  • auth.log (user authentication log)
  • ufw.log (firewall log)
  • bash history

anti-rootkit

  • chkrootkit

yara

  • Scan a file or directory using YARA signatures by @Neo23x0
  • Scan a running process memory address space
  • Upload your own YARA signature
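On Linux, scanning a running process's memory address space (the yara capability listed above) works by reading the process's mapped regions from /proc/PID/maps and then reading each readable region through /proc/PID/mem. The block below is an added example, not Linux Expl0rer's own code, that implements that walk in plain Python with byte-pattern signatures standing in for YARA rules, so it runs without the yara module. The maps text, the signature bytes and the marker string are constructed for the demonstration; reading another process's memory normally requires root or ptrace rights, so the stand-alone run only scans the script's own process.

```python
import io
import os
import re
from dataclasses import dataclass
from typing import Dict, List, Tuple

# One line of /proc/PID/maps: "start-end perms offset dev inode [pathname]"
MAPS_LINE = re.compile(
    r"^([0-9a-f]+)-([0-9a-f]+)\s+(\S{4})\s+([0-9a-f]+)\s+(\S+)\s+(\d+)\s*(.*)$"
)

# Constructed sample of a maps file (not captured from a real process).
SAMPLE_MAPS = """\
55d0c0a00000-55d0c0a01000 r--p 00000000 08:01 1234 /usr/bin/sleep
55d0c0a01000-55d0c0a03000 r-xp 00001000 08:01 1234 /usr/bin/sleep
55d0c1f00000-55d0c1f21000 rw-p 00000000 00:00 0 [heap]
7ffd0e2a0000-7ffd0e2c1000 rw-p 00000000 00:00 0 [stack]
7ffd0e3f0000-7ffd0e3f4000 r--p 00000000 00:00 0 [vvar]
7ffd0e3f4000-7ffd0e3f6000 r-xp 00000000 00:00 0 [vdso]
ffffffffff600000-ffffffffff601000 --xp 00000000 00:00 0 [vsyscall]
"""


@dataclass
class MemRegion:
    start: int
    end: int
    perms: str
    path: str


def parse_maps(text: str) -> List[MemRegion]:
    """Parse the text of /proc/PID/maps into a list of regions."""
    regions = []
    for line in text.splitlines():
        m = MAPS_LINE.match(line.strip())
        if m:
            regions.append(MemRegion(int(m.group(1), 16), int(m.group(2), 16),
                                     m.group(3), m.group(7).strip()))
    return regions


def readable_regions(regions: List[MemRegion]) -> List[MemRegion]:
    """Keep regions the kernel will let us read: readable, and not [vvar],
    which is mapped readable but refuses reads through /proc/PID/mem."""
    return [r for r in regions if r.perms[0] == "r" and r.path != "[vvar]"]


def scan_bytes(data: bytes, base: int, signatures: Dict[str, bytes],
               skip_end_before: int = 0) -> List[Tuple[str, int]]:
    """Return (signature name, virtual address) for every match in data.
    Matches whose last byte lies before data offset skip_end_before are
    dropped; they were already reported from the previous chunk's overlap."""
    hits = []
    for name, pat in signatures.items():
        idx = data.find(pat)
        while idx != -1:
            if idx + len(pat) > skip_end_before:
                hits.append((name, base + idx))
            idx = data.find(pat, idx + 1)
    return hits


def scan_region(mem, region: MemRegion, signatures: Dict[str, bytes],
                chunk_size: int = 1 << 22) -> List[Tuple[str, int]]:
    """Scan one region through a seekable file object (/proc/PID/mem, or a
    BytesIO in tests), chunk by chunk, carrying an overlap of max pattern
    length - 1 bytes so a signature straddling a chunk boundary is not missed."""
    overlap = max((len(p) for p in signatures.values()), default=1) - 1
    hits, tail, offset = [], b"", region.start
    while offset < region.end:
        mem.seek(offset)
        try:
            data = mem.read(min(chunk_size, region.end - offset))
        except OSError:
            break  # unreadable remainder (guard page, reclaimed mapping): skip it
        if not data:
            break
        buf = tail + data
        hits.extend(scan_bytes(buf, offset - len(tail), signatures,
                               skip_end_before=len(tail)))
        offset += len(data)
        tail = buf[-overlap:] if overlap else b""
    return hits


def scan_process(pid: int, signatures: Dict[str, bytes]) -> List[Tuple[str, int, str]]:
    """Walk every readable mapping of a live process and report matches as
    (signature name, address, mapping path). Needs ptrace rights on the target."""
    with open(f"/proc/{pid}/maps") as f:
        regions = readable_regions(parse_maps(f.read()))
    found = []
    with open(f"/proc/{pid}/mem", "rb", buffering=0) as mem:
        for r in regions:
            for name, addr in scan_region(mem, r, signatures):
                found.append((name, addr, r.path))
    return found


if __name__ == "__main__":
    # Plant a constructed marker in our own heap and find it (Linux only).
    marker = b"LINUX-EXPL0RER-DEMO-MARKER"
    for name, addr, path in scan_process(os.getpid(), {"demo_marker": marker}):
        print(f"{name} at {addr:#x} in {path or '<anonymous>'}")
```

The overlap bookkeeping is the part worth copying: a scanner that reads a region in fixed chunks without it silently misses any signature that happens to span a chunk boundary, and one that rescans the overlap without the skip_end_before filter double-reports the same address.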

Requirements

  • Python 3.6

Installation

wget https://github.com/intezer/linux-explorer/archive/master.zip -O master.zip
unzip master.zip
cd linux-explorer-master
./deploy.sh

Usage

  1. Open the web interface in your browser:
firefox http://127.0.0.1:8080

Configure API keys (optional)

nano config.py

Edit the following lines:

INTEZER_APIKEY = '<key>'
VT_APIKEY = '<key>'
OTX_APIKEY = '<key>'
MALSHARE_APIKEY = '<key>'

Notes

Misc

More Repositories

  1. docker-ida: Run IDA Pro disassembler in Docker containers for automating, scaling and distributing the use of IDAPython scripts. (Python, 284 stars)
  2. yara-rules (YARA, 121 stars)
  3. MemoryPatchDetector: Detects code differentials between executables in disk and the corresponding processes/modules in memory (Python, 113 stars)
  4. GithubDownloader: Find and download files from multiple Github repositories (Python, 98 stars)
  5. MoP: MoP - "Master of Puppets" - Advanced malware tracking framework (Python, 81 stars)
  6. analyze-community-ghidra-plugin: Ghidra plugin for https://analyze.intezer.com (Python, 69 stars)
  7. Malware-Reverse-Engineering-for-Beginners: This repository contains relevant samples and data related to "Malware Reverse Engineering for Beginners" articles. (C, 59 stars)
  8. log4jscan (Shell, 58 stars)
  9. ELF-Malware-Analysis-101: This repository contains relevant samples and data related to the ELF Malware Analysis 101 articles (C, 38 stars)
  10. ssdeep-elastic: An example for implementation of ssdeep similarity search optimized with elasticsearch (Python, 36 stars)
  11. analyze-python-sdk: Basic SDK for Intezer Analyze API 2.0 (Python, 28 stars)
  12. analyze-scripts (Python, 25 stars)
  13. ost-map (YARA, 20 stars)
  14. scripts (Python, 16 stars)
  15. DynamicDNS: Finds dynamic DNS (like no-ip.org) domains from a given list of domains (Python, 14 stars)
  16. ssdeep-windows (Python, 12 stars)
  17. analyze-cli (Python, 12 stars)
  18. community-intellignce: Here we gather IOCs that are related to campaigns initiated by APTs and Cybercrime groups. (11 stars)
  19. intezer-volatility-plugin: Intezer plugin for Volatility 3 to conduct memory dump analysis. (Python, 8 stars)
  20. CassandraAccessControl: We're releasing an open-source tool you can use now, which we developed as a homemade Just-In-Time database access control tool for our sensitive database. This tool syncs with our directory service, slack, SIEM, and finally, our Apache Cassandra database. (Python, 6 stars)
  21. Linux-binaries-map (JavaScript, 6 stars)
  22. r2analyze (Python, 5 stars)
  23. EDRConnectDeployment: Deployment For Intezer's EDR Connect (PowerShell, 2 stars)
  24. intezer.github.io (CSS, 2 stars)
  25. Windows11-FlareVM-Install (2 stars)
  26. vs-autocompiler (PowerShell, 1 star)
  27. EDRConnect (Python, 1 star)
  28. microsoft-sentinel-integration (1 star)
  29. python-cassandra-driver: A docker image where python installed with datastax's cassandra driver (Shell, 1 star)