Forencics Recompiler for Linux - Project

less than 1 minute read

  less than 1 minute read

This script will recompile most of the information that is usually obtained from a Linux system before an expert or forensic analysis. In addition all the information will be signed with SHA256.


forencics recompiler linux

Preview files tree

forencics recompiler linux 1


The following actions are performed on the Linux system:

  • Dump of the following items:
    • File sudoers, passwd and shadow.
    • The system files with read permissions
    • System directories
    • System shells history
    • Current system processes
    • Network configurations and connections
    • System logs (including lastlog)
    • List of system files larger than 1GB