The Linux forensics tool project provides a toolkit that collects evidence from all PCs 🖥️ running the Linux operating system. The gathered evidence includes system data, network data, event data, and user data.
- Collect system information
- Collect list of open files
- Collect process status
- Collect disk filesystems information
- Collect list of mounted filesystems
- Collect loaded kernel modules information
- Collect file metadata
- Collect file hashes
- Collect network interfaces
- Collect network statistics
- Collect network routing tables
- Collect list of last logged-in users
- Collect list of failed logins
- Collect bash history
- Collect log files
- Collect browser history
- Collect local users information
- Check the integrity of local user credentials
- Compress files, export encrypted SHA256 signature for integrity check
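The last item, compressing the collected files and exporting a SHA256 value for a later integrity check, can be sketched as follows. This is an added example, not the project's own code: the function names, `MANIFEST.sha256` and the output file layout are assumptions, GNU coreutils, findutils and tar are assumed, and the encryption of the exported digest is left out because the page does not say how the tool does it.

```shell
#!/usr/bin/env bash
# Added example: seal a directory of collected evidence and verify it later.
# All names here (seal_evidence, verify_evidence, MANIFEST.sha256) are hypothetical.

# seal_evidence DIR OUT_PREFIX
# Writes OUT_PREFIX.tar.gz and OUT_PREFIX.tar.gz.sha256.
seal_evidence() {
    local dir="$1" out="$2"
    [ -d "$dir" ] || return 2
    # Per-file manifest inside the evidence tree, sorted for a stable order.
    ( cd "$dir" && find . -type f ! -name MANIFEST.sha256 -print0 \
        | sort -z | xargs -0 -r sha256sum > MANIFEST.sha256 ) || return 1
    tar -czf "$out.tar.gz" -C "$dir" . || return 1
    # Digest of the archive itself; keep this file apart from the archive
    # (for example on write-once media) so both cannot be altered together.
    ( cd "$(dirname "$out")" && sha256sum "$(basename "$out").tar.gz" \
        > "$(basename "$out").tar.gz.sha256" )
}

# verify_evidence OUT_PREFIX
# Returns 0 only if the archive digest matches and every extracted file
# matches the manifest stored inside the archive.
verify_evidence() {
    local out="$1" tmp rc=0
    ( cd "$(dirname "$out")" \
        && sha256sum --status -c "$(basename "$out").tar.gz.sha256" ) || return 1
    tmp=$(mktemp -d) || return 1
    tar -xzf "$out.tar.gz" -C "$tmp" \
        && ( cd "$tmp" && sha256sum --status -c MANIFEST.sha256 ) || rc=1
    rm -rf "$tmp"
    return "$rc"
}
```

A plain SHA256 digest only detects changes if the digest file itself is protected; anyone who can rewrite the archive and the `.sha256` file together can make them agree again.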