Ecosyste.ms: Awesome

An open API service indexing awesome lists of open source software.

Awesome Lists | Featured Topics | Projects

https://github.com/akshay-rohatgi/sherlock

An easy to use tool built for incident response teams.
https://github.com/akshay-rohatgi/sherlock

blue-teams cybersecurity incident-response linux

Last synced: 1 day ago
JSON representation

An easy to use tool built for incident response teams.

Host: GitHub
URL: https://github.com/akshay-rohatgi/sherlock
Owner: Akshay-Rohatgi
License: mit
Created: 2020-08-08T06:42:58.000Z (over 4 years ago)
Default Branch: master
Last Pushed: 2021-01-19T01:42:14.000Z (almost 4 years ago)
Last Synced: 2023-08-02T07:22:15.475Z (over 1 year ago)
Topics: blue-teams, cybersecurity, incident-response, linux
Language: Go
Homepage:
Size: 6.08 MB
Stars: 2
Watchers: 2
Forks: 0
Open Issues: 0
Metadata Files:
- Readme: README.md
- License: LICENSE

Awesome Lists containing this project

README

# Sherlock
Sherlock is a tool for incident response teams to quickly gather log files and find system resources and binaries that may have been tampered with by attackers. This tool can also be used to establish baselines before an attack.

## Information
- Blue teaming and incident response can be stressful, hopefully this tool makes it a little easier!
- Has only been tested on Debian based systems so far.

## Usage
```bash
make # uses makefile and builds in /src/sherlock
sudo src/sherlock help
```

## Services supported
```
Nginx
Apache2
OpenSSH-Server
MySQL Server
```

## Example
```bash
sudo ./sherlock help
```
![help_page](misc/help.png)

```bash
sudo ./sherlock nginxConfigSave
```
![nginx_config_save](misc/nginx.png)

## Dev environment
```bash
git clone https://github.com/Akshay-Rohatgi/Sherlock
cd Sherlock && bash misc/install.sh
```