Ivan Avilla · Feb 27, 2019 · 11:40 PM UTC

Ivan Avilla

Ivan Avilla @IvDogg

27 Feb 2019

Does anyone have a good forensic triage script for Solaris or AIX? Similar to the awesome NIX forensic script at brimorlabs.com/tools/ by @BriMorLabs #DFIR #CIRT #Forensics

Etrik · Feb 27, 2019 · 11:54 PM UTC

Etrik @Etrik2

27 Feb 2019

i bet @hal_pomeranz may be able to point us in the right direction?

Ivan Avilla · Feb 28, 2019 · 12:18 AM UTC

Ivan Avilla @IvDogg

28 Feb 2019

AIX and Solaris incidents in the same week! /me slicing wrists

Hal Pomeranz · Feb 28, 2019 · 2:26 AM UTC

Hal Pomeranz · Feb 28, 2019 · 2:26 AM UTC

Hal Pomeranz @hal_pomeranz

28 Feb 2019

Replying to @IvDogg @Etrik2 @BriMorLabs

Nothing forensic specific, but I have a vague memory that Solaris included a script for gathering debug info to send with your support requests. It captured some useful forensic data.

Feb 28, 2019 · 2:26 AM UTC

Ivan Avilla · Feb 28, 2019 · 3:08 AM UTC

Ivan Avilla @IvDogg

28 Feb 2019

Replying to @hal_pomeranz @Etrik2

Thanks all, will look into that... I'm having some guys in our lab convert @BriMorLabs script as best as can. Will be sure to share if it works!