Skip to content
/ Sherlock Public

An easy to use tool built for incident response teams.

License

MIT license
2 stars 0 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

Akshay-Rohatgi/Sherlock

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

41 Commits
misc
misc
 
 
src
src
 
 
.gitignore
.gitignore
 
 
LICENSE
LICENSE
 
 
Makefile
Makefile
 
 
README.md
README.md
 
 

Repository files navigation

Sherlock

Sherlock is a tool for incident response teams to quickly gather log files and find system resources and binaries that may have been tampered with by attackers. This tool can also be used to establish baselines before an attack.

Information

  • Blue teaming and incident response can be stressful, hopefully this tool makes it a little easier!
  • Has only been tested on Debian based systems so far.

Usage

make # uses makefile and builds in /src/sherlock
sudo src/sherlock help

Services supported

Nginx
Apache2
OpenSSH-Server
MySQL Server

Example

sudo ./sherlock help

help_page

sudo ./sherlock nginxConfigSave

nginx_config_save

Dev environment

git clone https://github.com/Akshay-Rohatgi/Sherlock
cd Sherlock && bash misc/install.sh

About

An easy to use tool built for incident response teams.

Topics

linux incident-response cybersecurity blue-teams

Resources

Readme

License

MIT license
Activity

Stars

2 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases 1

Sherlock v1.0.0 Latest
Aug 10, 2020

Languages