StrangeRanger / inspector

A security tool with the purpose of identifying users who have both successfully and unsuccessfully switched to root or another user on Linux-based distributions.

Home Page: https://strangeranger.github.io/inspector/

Inspector

Inspector is a security tool that identifies users who have switched to root or another user, both successfully and unsuccessfully, on Linux-based distributions. It does this by scanning /var/log/auth.log for patterns that indicate specific actions or executed commands.
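
The kind of scan described above, as an added example that is not Inspector's own code: it matches su and sudo entries in auth.log and counts outcomes per invoking user and target user. The message formats, the traditional syslog timestamp layout, the sample lines, and every name used (scan, PATTERNS, SAMPLE_LOG) are assumptions made for this illustration.

```python
import re
from collections import defaultdict

# Traditional syslog header: "Mar  3 10:15:01 host1 ". Anchoring every pattern
# to it means su/sudo-like text inside another program's message is not counted.
HDR = r"\w{3} [ \d]\d \d\d:\d\d:\d\d \S+ "
SU, SUDO = r"su(?:\[\d+\])?: ", r"sudo(?:\[\d+\])?:\s+"

# (outcome, pattern) pairs; assumed message formats, not an exhaustive list.
PATTERNS = [(outcome, re.compile(HDR + body)) for outcome, body in [
    ("success", SU + r"\(to (?P<target>\S+)\) (?P<user>\S+) on "),
    ("failure", SU + r"FAILED SU \(to (?P<target>\S+)\) (?P<user>\S+) on "),
    ("success", SU + r"Successful su for (?P<target>\S+) by (?P<user>\S+)"),
    ("failure", SU + r"FAILED su for (?P<target>\S+) by (?P<user>\S+)"),
    ("failure", SUDO + r"(?P<user>\S+) : (?:user NOT in sudoers|\d+ incorrect "
                r"password attempts?) ;.*? USER=(?P<target>\S+) ;"),
    ("success", SUDO + r"(?P<user>\S+) : TTY=.*? USER=(?P<target>\S+) ;"),
]]

# Constructed sample lines (not real log data).
SAMPLE_LOG = """\
Mar  3 10:15:01 host1 su: (to root) alice on pts/0
Mar  3 10:16:22 host1 su: FAILED SU (to root) bob on pts/1
Mar  3 10:17:40 host1 sudo:    alice : TTY=pts/0 ; PWD=/home/alice ; USER=root ; COMMAND=/bin/bash
Mar  3 10:18:05 host1 sudo:      bob : user NOT in sudoers ; TTY=pts/1 ; PWD=/home/bob ; USER=root ; COMMAND=/bin/su
Mar  3 10:19:11 host1 sudo:    carol : 3 incorrect password attempts ; TTY=pts/2 ; PWD=/home/carol ; USER=root ; COMMAND=/usr/bin/id
Mar  3 10:20:00 host1 sshd[912]: Accepted publickey for alice from 192.0.2.10 port 50022 ssh2
Mar  3 10:21:00 host1 su[1044]: FAILED su for root by dave
"""

def scan(lines):
    """Count su/sudo outcomes per (invoking user, target user) pair."""
    counts = defaultdict(lambda: {"success": 0, "failure": 0})
    for line in lines:
        for outcome, pattern in PATTERNS:
            match = pattern.match(line)
            if match:
                counts[(match["user"], match["target"])][outcome] += 1
                break
    return dict(counts)

if __name__ == "__main__":
    for (user, target), c in sorted(scan(SAMPLE_LOG.splitlines()).items()):
        print(f"{user} -> {target}: {c['success']} ok, {c['failure']} failed")
```
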

Getting Started

Prerequisites

Install the required dependencies using either of the following commands:

  • python3 -m pip install -r requirements.txt (installs globally)
  • pipenv install -r requirements.txt (installs locally via pipenv)

Installing

All you need to do is download the repository. There are no binaries or anything to install.

git clone https://github.com/StrangeRanger/inspector/

Usage

Because Inspector needs to access /var/log/auth.log, you'll be required to execute Inspector with root privileges:

sudo python3 inspector.py

Supported Distributions

The following is a list of all the Linux Distributions that Inspector officially supports and works on:

Distributions   Distro Versions
Ubuntu          20.04, 16.04, 18.04
Debian          10, 9

License: GNU General Public License v2.0


Languages

Python 83.9%, Shell 16.1%