Linux Analyzers
  • Generic WebShell Analyzer (wsa)
    Scans the device for webshells using webshell-specific YARA rules.
  • Vulnerability Analyzer (vua)
    Executes rules for identifying whether your device has been compromised via a known vulnerability.
  • YARA Scanner (gys)
    Scans your system with your YARA repositories (refer to the blog post here).
  • Process Analyzer (lpa)
    Executes rules for running processes, process modules and process handles.
  • CronJob Analyzer (cra)
    Executes rules for CronJob tasks.
  • Package Manager Analyzer (pkgmngr)
    Executes rules for package managers.
  • Shell History Analyzer (sha)
    Executes rules for shell histories.