Linux Server Triage tool for CSIRT.
- Collects not only log files but also config files and the web server's script files.
- Finds suspicious scripts and binaries on the web server.
- Includes a backup function for all web server contents under DOCUMENT_ROOT.
- [2018.06.20] The web server's DOCUMENT_ROOT and web config directories are handled automatically (httpd, apache2, nginx support checked).
- [2018.06.20] Log archive scope: automatically from 1 year ago to the day the tool is executed.
Category: Triage