{"id":18004038,"url":"https://github.com/chriskalix/emergency-check","last_synced_at":"2025-03-26T10:31:00.931Z","repository":{"id":134213080,"uuid":"204876915","full_name":"chriskaliX/Emergency-check","owner":"chriskaliX","description":"A simple tool to do linux emergency check","archived":false,"fork":false,"pushed_at":"2020-03-16T07:40:33.000Z","size":81,"stargazers_count":10,"open_issues_count":0,"forks_count":3,"subscribers_count":1,"default_branch":"master","last_synced_at":"2025-03-21T15:00:36.105Z","etag":null,"topics":["emergency-alert","emergency-check","linux","python3","security","security-tools"],"latest_commit_sha":null,"homepage":"","language":"Python","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/chriskaliX.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":null,"license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":null,"support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null}},"created_at":"2019-08-28T07:46:55.000Z","updated_at":"2024-08-12T19:52:26.000Z","dependencies_parsed_at":null,"dependency_job_id":"8e299b6f-0739-4597-86d9-942e4dc6311a","html_url":"https://github.com/chriskaliX/Emergency-check","commit_stats":null,"previous_names":[],"tags_count":0,"template":false,"template_full_name":null,"repository_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chriskaliX%2FEmergency-check","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chriskaliX%2FEmergency-check/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chriskaliX%2FEmergency-check/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/chriskaliX%2FEmergency-check/manifests","owner_url":"https:
//repos.ecosyste.ms/api/v1/hosts/GitHub/owners/chriskaliX","download_url":"https://codeload.github.com/chriskaliX/Emergency-check/tar.gz/refs/heads/master","host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":245636083,"owners_count":20647899,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["emergency-alert","emergency-check","linux","python3","security","security-tools"],"created_at":"2024-10-30T00:13:14.628Z","updated_at":"2025-03-26T10:31:00.926Z","avatar_url":"https://github.com/chriskaliX.png","language":"Python","funding_links":[],"categories":[],"sub_categories":[],"readme":"\u003c!--\n * @Author: chriskali\n --\u003e\n# Emergency Alert Script\n\n\u003e This is a simple emergency response script for Linux. It is what I produced after studying GScan; GScan is a very good tool for both learning and emergency response.\n\n\u003e This script is used for Linux emergency security checks. This script is the product of my learning [GScan](https://github.com/grayddq/GScan). 
GScan is a great tool both for learning and for doing emergency checks.\n\n## Author\n\nChriskaliX\n\n## Usage\n\npython3 main.py\n\n(ONLY python\u003e3.6 supported)\n\n## Run pic\n\n![image](https://github.com/chriskaliX/Emergency-check/blob/master/imgs/showpic.png)\n\n## Check list\n\n\u003e Backdoor\n\n|Checklist|\n|-|\n|LD_PRELOAD|\n|LD_AOUT_PRELOAD|\n|LD_ELF_PRELOAD|\n|LD_LIBRARY_PATH|\n|PROMPT_COMMAND|\n|Ld_so_preload|\n|Cron_check|\n|SSH Process|\n|SSH Softlink|\n|SSH wrapper|\n|Inetd|\n|Xinetd|\n|Setuid|\n|Chmod 777 (Useless maybe?)|\n|Startup check|\n|Alias|\n\n\u003e Configuration\n\n|Checklist|\n|-|\n|Dns check|\n|Iptables check|\n|Host check|\n|Promiscuous check|\n\n\u003e History Check\n\n|Checklist|\n|-|\n|History check|\n\n\u003e Log Check\n\n|Checklist|\n|-|\n|wtmp|\n|utmp|\n|lastlog|\n|authlog|\n\n\u003e Process Check\n\n|Checklist|\n|-|\n|cpu_mem_check|\n|shell_check|\n|exe_check|\n\n\u003e User Check\n\n|Checklist|\n|-|\n|root check|\n|empty check|\n|sudo check|\n|authorized_check|\n|permission_check|\n\n## Difference\n\n- Pure python3, no Linux commands used\n- Some differences in the file checks\n- Deleted some plugins\n\n## Update log\n\n- 2019-11-01:\n  - fix the softlink problem\n  - fix the logic of the backdoor check\n- 2020-03-16:\n  - some explanations\n  - add ruby detection in the analysis file\n\n## Others \u0026 Reference\n\n- https://xz.aliyun.com/t/7338\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchriskalix%2Femergency-check","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fchriskalix%2Femergency-check","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fchriskalix%2Femergency-check/lists"}