Skip to content
This repository has been archived by the owner on Jun 24, 2023. It is now read-only.
/ inspector Public archive

A security tool with the purpose of identifying users who have both successfully and unsuccessfully switched to root or another user on Linux based distributions.

License

Notifications You must be signed in to change notification settings

StrangeRanger/inspector

Repository files navigation

Inspector

Project Tracker Platform Code style: black CodeFactor

Inspector is a security tool with the purpose of identifying users who have both successfully and unsuccessfully switched to root or another user on Linux based Distributions. It does this by scanning through /var/log/auth.log for specific patterns that indicate specific actions/executed commands.

Getting Started

Prerequisites

Install the required dependencies using either of the following commands:

  • python3 -m pip install -r requirements.txt (installs globally)
  • pipenv install -r requirements.txt (installs locally via pipenv)

Installing

All you need to do is download the repository. There are no binaries or anything to install.

git clone https://github.com/StrangeRanger/inspector/

Usage

Because Inspector needs to access /var/log/auth.log, you'll be required to execute Inspector with root priviledge:

sudo python3 inspector.py

Supported Distributions

The following is a list of all the Linux Distributions that Inspector officially supports and works on:

Distributions Distro Versions
Ubuntu 20.04
16.04
18.04
Debian 10
9

About

A security tool with the purpose of identifying users who have both successfully and unsuccessfully switched to root or another user on Linux based distributions.

Topics

Resources

License

Stars

Watchers

Forks

Packages

No packages published