{"id":13809830,"url":"https://github.com/SekoiaLab/Fastir_Collector_Linux","last_synced_at":"2025-05-14T10:31:08.847Z","repository":{"id":77509021,"uuid":"50354664","full_name":"SekoiaLab/Fastir_Collector_Linux","owner":"SekoiaLab","description":null,"archived":false,"fork":false,"pushed_at":"2021-01-26T08:20:51.000Z","size":25,"stargazers_count":173,"open_issues_count":2,"forks_count":42,"subscribers_count":23,"default_branch":"master","last_synced_at":"2024-11-19T03:40:49.837Z","etag":null,"topics":[],"latest_commit_sha":null,"homepage":null,"language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"gpl-3.0","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/SekoiaLab.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null}},"created_at":"2016-01-25T14:10:58.000Z","updated_at":"2024-11-14T07:44:22.000Z","dependencies_parsed_at":null,"dependency_job_id":"e0df3466-92c2-422f-bd2c-714610e3c074","html_url":"https://github.com/SekoiaLab/Fastir_Collector_Linux","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SekoiaLab%2FFastir_Collector_Linux","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SekoiaLab%2FFastir_Collector_Linux/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SekoiaLab%2FFastir_Collector_Linux/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/SekoiaLab%2FFastir_Collector_Linux/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/SekoiaLab","download_url":"https://codeload.github.com/SekoiaLab/Fastir
_Collector_Linux/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":254120624,"owners_count":22018024,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":[],"created_at":"2024-08-04T02:00:37.082Z","updated_at":"2025-05-14T10:31:08.585Z","avatar_url":"https://github.com/SekoiaLab.png","language":"Python","readme":"# FastIR Collector Linux\n\n**We changed our approach to live forensics acquisition, which means FastIR Collector is no longer maintained. We recommend using our new [FastIR Artifacts collector](https://github.com/SekoiaLab/fastir_artifacts) instead.**\n\n## Concepts\nThis tool collects various artefacts from a live Linux system and records the results in CSV files.\nAnalysing these artefacts can reveal a compromise early.\nAll code must be in a Python 2 file, and support starts at Python 2.4. 
This program should be run as root.\n\n## Artefacts\n\n* System Information\n  * Kernel version\n  * Kernel modules\n  * Network interfaces\n  * Hostname\n  * Distribution versions\n\n* Last Logins\n\n* Connections\n\n* Handles\n\n* User data\n  * Hidden files in user profiles\n  * SSH known_hosts files\n\n* /tmp content\n\n* Autoruns\n  * /etc/\\*.d\n  * /etc/crontab\n  * /etc/cron.\\*/\n\n* Disk Information\n  * List of partitions\n  * MBR\n\n* File System Information\n","funding_links":[],"categories":["IR Tools Collection","Links","IR tools Collection"],"sub_categories":["Linux Evidence Collection","Incident Response"],"project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSekoiaLab%2FFastir_Collector_Linux","html_url":"https://awesome.ecosyste.ms/projects/github.com%2FSekoiaLab%2FFastir_Collector_Linux","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2FSekoiaLab%2FFastir_Collector_Linux/lists"}