{"id":20322885,"url":"https://github.com/naemazam/logforenix","last_synced_at":"2025-10-14T05:36:05.684Z","repository":{"id":227423423,"uuid":"771394595","full_name":"naemazam/logForenix","owner":"naemazam","description":"log Forenix 🕵️- Your Linux Forensic Artifacts Collector Tool! 🚀","archived":false,"fork":false,"pushed_at":"2024-06-18T09:39:53.000Z","size":964,"stargazers_count":31,"open_issues_count":0,"forks_count":1,"subscribers_count":1,"default_branch":"main","last_synced_at":"2025-04-11T19:53:05.697Z","etag":null,"topics":["cyber-security","cybersecurity","cybersecurity-tools","forensic","forensic-analysis","forensics","forensics-investigations","forensics-tools","linux","log","logging"],"latest_commit_sha":null,"homepage":"","language":"Shell","has_issues":true,"has_wiki":null,"has_pages":null,"mirror_url":null,"source_name":null,"license":"mit","status":null,"scm":"git","pull_requests_enabled":true,"icon_url":"https://github.com/naemazam.png","metadata":{"files":{"readme":"README.md","changelog":null,"contributing":null,"funding":".github/FUNDING.yml","license":"LICENSE","code_of_conduct":null,"threat_model":null,"audit":null,"citation":null,"codeowners":null,"security":"SECURITY.md","support":null,"governance":null,"roadmap":null,"authors":null,"dei":null,"publiccode":null,"codemeta":null,"zenodo":null},"funding":{"github":null,"patreon":"theterminalboy","open_collective":null,"ko_fi":null,"tidelift":null,"community_bridge":null,"liberapay":null,"issuehunt":null,"lfx_crowdfunding":null,"polar":null,"buy_me_a_coffee":null,"custom":null}},"created_at":"2024-03-13T08:14:19.000Z","updated_at":"2024-09-12T21:58:46.000Z","dependencies_parsed_at":"2024-06-18T09:26:41.257Z","dependency_job_id":"6eec98f7-9836-444d-ad3c-1dc477706be5","html_url":"https://github.com/naemazam/logForenix","commit_stats":null,"previous_names":["naemazam/log-hunter"],"tags_count":0,"template":false,"template_full_name":null,"purl":"pkg:github/naemazam/logForenix","repository_url":"http
s://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/naemazam%2FlogForenix","tags_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/naemazam%2FlogForenix/tags","releases_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/naemazam%2FlogForenix/releases","manifests_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/naemazam%2FlogForenix/manifests","owner_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners/naemazam","download_url":"https://codeload.github.com/naemazam/logForenix/tar.gz/refs/heads/main","sbom_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories/naemazam%2FlogForenix/sbom","scorecard":null,"host":{"name":"GitHub","url":"https://github.com","kind":"github","repositories_count":279018012,"owners_count":26086235,"icon_url":"https://github.com/github.png","version":null,"created_at":"2022-05-30T11:31:42.601Z","updated_at":"2022-07-04T15:15:14.044Z","status":"online","status_checked_at":"2025-10-14T02:00:06.444Z","response_time":60,"last_error":null,"robots_txt_status":"success","robots_txt_updated_at":"2025-07-24T06:49:26.215Z","robots_txt_url":"https://github.com/robots.txt","online":true,"can_crawl_api":true,"host_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub","repositories_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repositories","repository_names_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/repository_names","owners_url":"https://repos.ecosyste.ms/api/v1/hosts/GitHub/owners"}},"keywords":["cyber-security","cybersecurity","cybersecurity-tools","forensic","forensic-analysis","forensics","forensics-investigations","forensics-tools","linux","log","logging"],"created_at":"2024-11-14T19:25:29.471Z","updated_at":"2025-10-14T05:36:05.645Z","avatar_url":"https://github.com/naemazam.png","language":"Shell","funding_links":["https://patreon.com/theterminalboy"],"categories":[],"sub_categories":[],"readme":"\u003cp align=\"center\"\u003e\n  \u003cimg 
src=\"https://github.com/naemazam/logForenix/blob/main/img/log.png\" alt=\"Logo\" width=\"200\"\u003e\n\u003c/p\u003e\n\n\n# 🕵️ log Forenix🕵️\n\nWelcome to log Forenix (Log + Forensics + Linux) - Your Linux Forensic Artifacts Collector Tool! 🚀\n\n## Description\n\nForenix is a powerful shell CLI tool designed to automate the collection of forensic artifacts on Linux systems. It streamlines data collection processes during incident response engagements, reducing dependency on remote tools/agents. With built-in functionality and simplicity, Forenix makes forensic artifact collection a breeze!\n\n\n## Features\n\n- LogForenix collects the command history for both `regular users` and the `root user`. The `.bash_history` file contains a record of commands executed in the Bash shell, providing insights into user activities and potential malicious actions. This includes recurring commands or scripts set to run at specific intervals, which may indicate routine system maintenance or suspicious activities.\n- LogForenix captures network interface information using the `ifconfig` or `ip addr` commands. This includes details such as IP addresses, MAC addresses, and network configurations, helping investigators understand network connectivity and potential network-related security issues.\n- LogForenix gathers network connection information using the `netstat` command. This includes established connections, listening ports, and routing tables, providing visibility into active network connections and potential network-based attacks.\n- LogForenix retrieves a snapshot of running processes with detailed information using the `ps aux` command. This includes process IDs, CPU and memory usage, and associated users, aiding in identifying running applications, services, and potential malicious processes.\n- LogForenix collects system log files located in the `/var/log` directory. 
These logs contain a wealth of information, including system events, error messages, and user activities, enabling forensic analysts to reconstruct system events and detect anomalies or security incidents.\n- LogForenix captures temporary file logs stored in the `/tmp` directory. Temporary files may contain valuable information related to user activities, program executions, or malware persistence, allowing investigators to analyze potential security breaches or unauthorized activities.\n\n## Dependencies\n\n- Dependencies are checked and installed automatically.\n\n## How to Run\n\n1. 🫰 Clone this repository:\n   ```bash\n   git clone https://github.com/naemazam/logForenix.git\n   ```\n\n2. 🚔 Navigate to the directory:\n   ```bash\n   cd logForenix\n   ```\n\n3. 📝 Copy `logForenix.sh` to your local machine.\n\n4. 🔑 Grant execution permissions:\n\n   ```bash\n   chmod +x logForenix.sh\n   ```\n\n5. 🏃‍♂️ Run the script using the following command:\n\n   ```bash\n   sudo ./logForenix.sh\n   ```\n\n6. ⏳ Wait patiently until the script finishes collecting the logs.\n\n7. 📦 Once completed, find the compressed logs in the `/opt/` directory, in an archive named `\u003chostname\u003e.tar.gz`.\n\n\n\n## Tested Linux OS List\n\n| Linux OS      | Support |\n|---------------|---------|\n| Ubuntu        | ✅      |\n| Debian        | ✅      |\n| CentOS        | ✅      |\n| Fedora        | ✅      |\n| Arch Linux    | ❌      |\n| RHEL          | ✅      |\n| OpenSUSE      | ✅      |\n\n## Screenshots\n\n![Complete](https://github.com/naemazam/logForenix/blob/main/img/logForenix2.png)\n\n## ⚠️ Warning:\n\nRunning LogForenix on production systems without proper understanding and authorization may lead to unintended consequences, including data loss or system instability. 
Always ensure you have appropriate permissions and follow best practices when using Forenix or any other forensic tool in sensitive environments.\n\n![Image](https://github.com/naemazam/logForenix/blob/main/img/IMG_6116.JPG)\n\n## About the Author\n\nLogForenix is developed and maintained by [Naem Azam](https://github.com/naemazam). Connect with me on [LinkedIn](https://www.linkedin.com/in/your_profile) for any inquiries or collaboration opportunities.\n\n\n## License\n\nThis project is licensed under the [MIT License](LICENSE).\n","project_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnaemazam%2Flogforenix","html_url":"https://awesome.ecosyste.ms/projects/github.com%2Fnaemazam%2Flogforenix","lists_url":"https://awesome.ecosyste.ms/api/v1/projects/github.com%2Fnaemazam%2Flogforenix/lists"}