Linux Expl0rer - Forensics Toolbox - Installation & Configuration
Key Takeaways
The video demonstrates the installation and configuration of Linux Expl0rer, a live forensics toolbox for Linux endpoints written in Python and Flask, using tools such as git, pip, and nano.
Full Transcript
[Music] hey guys hackersploit here back again with another video and in this video we're going to be looking at linux explorer and you might be asking yourself well what is linux explorer well linux explorer is a forensics toolbox for linux operating systems so in reality what they give you or what this script is is essentially is giving you an advanced process manager and a forensic toolbox that will allow you to analyze anything on the linux on a linux client all right so some of the functionality that it does offer is it will give you a full process list it will allow you to inspect the memory map and you can you know also fetch memory strings so it's fantastic for forensics for those of you interested in forensics this is a fantastic tool that can allow you to perform uh some forensic analysis on a client or on a target computer it allows you to dump the you know process memory again uh very very useful for forensics it allows you to view the user list on that system it allows you to search for files you can look at the system log the firewall log bash history so really really useful stuff it allows you to have an anti-root kit uh software or framework so one of the the supported one here is ch rootkit and yeah so let's look at how to get it installed and some of the requirements that you need to install before you move on so uh it does require python uh more specifically python 2.7 right and uh it needs requires url y-a-r-a uh it requires ch root kit if you are planning on using it i'm not gonna use it right now but i'll show you how to install it all right so uh let me just open up the link here i have it open up on my browser as you can see it's on github and i will be leaving the link in the description so you can check it out so i'm just going to clone the repository like so so i'm just going to copy the link there and what i'm gonna do is open up my terminal which is right here already have it opened up let me just zoom in so you guys have a better idea of what's going on all right so i'm on my desktop and that's probably where i want to store it if you're on your computer i recommend that you keep it in your optional folder so that is you know your opt folder where you keep all programs that are not installed with the system because these tools are may have some bugs and you know mixing it up with your system isn't the best of things to do so yeah let's clone it so git clone git clone by the way this does work on any linux distribution so you know you can use it on ubuntu fedora whatever you feel is comfortable for you so i'm just going to paste the link there we are and i'm just going to hit enter and depending on your internet speed it will get the file downloaded uh so yeah for please forgive my slow internet right now it isn't the best of connection speeds but it should get it downloaded immediately so uh just give it a few seconds to start up and get all the files downloaded and we should be good to go all right so uh let it just finish up there we are it's getting all the files that we need uh there are quite a lot of files actually all right so we've got it on my desktop for some reason um i can't seem to get it in my desktop oh it's probably on my root directory so what i'm going to do is go to my desktop sorry there we are because i am in my user sorry oh i am on my desktop sorry so let me just list that out there we are so it is the linux explorer file so let me just enter there all right so let me clear the terminal now and uh to list the files there are a few things that you have to do and one of them is to look at the requirements all right so all the ins the required packages for that matter so what i'm going to do is i'm just going to display the requirements that are you know given to us in the requirements.txt file all right so i'm going to hit enter and it's going to tell you need these packages to be installed so you need flask psu tools just some libraries and utilities that you need so what you can do is you can install it using the pip install the ap install r and use the requirements the requirements.txt so you'll automatically get the packages for you so you can just do that i probably have them already installed so it shouldn't take too much time as well and once you have the requirements installed there we are so i already have them installed as you can see a requirement already satisfied so i know i have them but for you in your case you can go ahead and get it done right uh so um another thing you have to make sure that you need to do is we need to configure the um we need to configure the python file so let me just clear this up and if i list the files we have the python uh the config.python so python config.python and oops let me use the nanoeditor mybad config config.python there we are so in here if you wanted to use the uh the vto otx apis uh that's a special tool sorry about that notification that's um that's essentially an api that allows you to or that gives you root kick root kit detection all right so you if you want to use the api you can go ahead and just google it and you can get the api and that will allow you to use their um their rootkit detector all right so but i'm not going to use that because it's really not necessary at the moment so i'm just going to exit the that i'm just going to exit that and we can move on to uh you know installing our other required uh packages or the requirements basically so you make sure you have python i'm sure the distro you're on already has python installed so no need for that uh you can then just install yara or y-a-r-a so apt get install yara there we are and i probably already have it installed there we are okay and then you can choose to install your ch root kit which is also optional get install a ch root kit like so and it should install it ch root kit for some reason i'm not getting it ch yeah chk rootkit sorry about that my spelling was wrong uh so chk rootkit there we are already have it installed and once you're done that should be good to go now and what you have to do now is start the the file explorer server the linux explorer server for that matter so the way to do that is to use the python so python uh linux explorer if you're using the linux explorer.py or python and it's going to start it and it's going to say running on that link so let's open that link all right and it's going to open up on firefox there we are so uh the link is 127. uh the port is 8080 all right so it's going to open up and it's going to give you this fantastic web interface and it's going to start loading these services and there you have it it gives you these services pretty pretty awesome and you can see all what's running and their process ids their process uh their usernames under which they are running uh if you have multiple accounts all right so you then have your users tab right up here that gives you your users and what they're using so as you can see i have my user the app to the package manager that's running we have bef uh we have um iodine mail so these are all user services that are being run and you can look at their user id uh their username of course you have their home directory what what their directory they are from so it's really really a fantastic tool for forensic analysis and finding out you know what processes are running uh and i really really see this uh you know to be useful for servers of course most servers will run the command line interface but you know if you install a gui and a desktop environment this can be fantastic as well you then have your find which allows you to search for you know files or if you're searching for a specific uh you're searching for specific uh you know hidden files or malware and stuff like that you know for suspicious files uh stuff like that you then have your netstat that allows you to check your your incoming and outgoing connections as you can see so you know we have the um the uh the process manager that is currently working and as you can see it is um it does have connections in incoming and not going through the different ports we then have some other traffic coming and going so yeah pretty pretty awesome let me just zoom back in there we are all right so you can view nut stack you can also view your locks right so i'm gonna just try and uh keep my logs uh to myself but let's look at my ufw uh firewall yeah so i don't have you you have w5 all installed again that's really really another cool tool if you want a video on that please let me know looking at the authorities log as you can see uh yeah the power button yeah and i guess you can see how awesome this can really be so yeah you then have your anti-root kit section which is again for checking for rootkits and you can start the service when you're in so what's gonna happen now is let me just open up the browser is when you get the survey started it will uh obviously give you the functionality of checking whether you have any rootkits installed so really really helpful as well all right you then have yara which again is for setting rule sets and for file directories and you know process id is just scanning your files on your file structure for anything uh for anything that you specify or with the path all right you then have your tick adapters here i mean your rule set which is set to default uh the tick adapter uh and you can see you have your up to ghost dragon ghost right and you can upload your different year rules files so pretty pretty awesome functionality it does give you and if you go back to the processes you can see that again it gives you a lot of information about the services that are running does take a while to start up but um overall pretty pretty awesome then have the ability to perform a search for the processes that are running so that's also pretty pretty cool as well like you can run processes that are running under my username and as you can see it's going to tell you what's running so for example i have the system library running we have the uh we have some the you know the dynamic config service running just really really just normal stuff regarding the system that's running anyway guys that was it for this video linux explorer is quite an awesome tool for forensic analysis and for system management linux system management that is i hope you guys found value in this video if you did please leave a like down below it would really i would really appreciate it if you have any questions or suggestions please let me know in the comment section or you can hit me up on uh the on my social networks or on kik for the latest hacking news and resources please check out my website hsplurge.com the link will be in the description and yeah thank you so much for watching guys have a fantastic day you
Original Description
Hey guys HackerSploit here back again with another video, in this video, we are going to be Installing & Configuring Linux Expl0rer; Easy-to-use live forensics toolbox for Linux endpoints written in Python & Flask.
Linux Expl0rer: https://github.com/intezer/linux-explorer
Configuration & Installation Process:
Clone repository
git clone https://github.com/intezer/linux_expl0rer
pip install -r requirements.txt
nano config.py
VT_APIKEY = key
OTX_APIKEY = key
sudo apt-get install yara
sudo apt-get install chkrootkit
sudo python linux_explorer.py
--------------------------------------------------------------------
Pure VPN Affiliate Link:
PureVPN: https://billing.purevpn.com/aff.php?aff=33288
📗 Get My Courses at $10 Only!
The Complete Deep Web Course 2017:
https://www.udemy.com/the-complete-deep-web-course-2017/?couponCode=DWCBP2017
I Hope you enjoy/enjoyed the video.
If you have any questions or suggestions feel free to ask them in the comments section or on my social networks as well as my blog.
HackerSploit Website: https://hsploit.com/
✔️SOCIAL NETWORKS
-------------------------------
Facebook: https://www.facebook.com/HackerSploit/
Twitter: https://twitter.com/HackerSploit
Discord: https://discord.gg/8BEcPVd
Kik Username: HackerSploit
Patreon: http://patreon.com/hackersploit
--------------------------------
Thanks for watching!
Благодаря за гледането
感谢您观看
Merci d'avoir regardé
Grazie per la visione
Gracias por ver
شكرا للمشاهدة
देखने के लिए धन्यवाद
Watch on YouTube ↗
(saves to browser)
Sign in to unlock AI tutor explanation · ⚡30
Playlist
Uploads from HackerSploit · HackerSploit · 36 of 60
1
2
3
4
5
6
7
8
9
10
11
12
13
14
15
16
17
18
19
20
21
22
23
24
25
26
27
28
29
30
31
32
33
34
35
▶
37
38
39
40
41
42
43
44
45
46
47
48
49
50
51
52
53
54
55
56
57
58
59
60
How To Install Kali Linux 2.0 On Virtual Box
HackerSploit
100 Subscriber Q&A! - How I Learned Ethical Hacking
HackerSploit
BlackArch Linux Review - Better Than Kali Linux?
HackerSploit
How to Access the Deep Web Safely | Deep Web Starter Guide 1.0
HackerSploit
Wireshark Tutorial for Beginners - Installation
HackerSploit
Wireshark Tutorial for Beginners - Overview of the environment
HackerSploit
Wireshark Tutorial for Beginners - Capture options
HackerSploit
Wireshark Tutorial for Beginners - Filters
HackerSploit
Complete Ethical Hacking Course - Become a Hacker Today - #1 Hacking Terminology
HackerSploit
Complete Ethical Hacking Course #2 - Installing Kali Linux
HackerSploit
Parrot OS 3.5 Review | The Best Kali Linux Alternative
HackerSploit
Nmap Tutorial For Beginners - 1 - What is Nmap?
HackerSploit
Katoolin | How To Install Pentesting Tools On Any Linux Distro
HackerSploit
Nmap Tutorial For Beginners - 2 - Advanced Scanning
HackerSploit
Nmap Tutorial For Beginners - 3 - Aggressive Scanning
HackerSploit
Zenmap Tutorial For Beginners
HackerSploit
How To Setup Proxychains In Kali Linux - #1 - Stay Anonymous
HackerSploit
How To Setup Proxychains In Kali Linux - #2 - Change Your IP
HackerSploit
How To Change Mac Address In Kali Linux | Macchanger
HackerSploit
How To Setup And Use anonsurf On Kali Linux | Stay Anonymous
HackerSploit
Ubuntu 17.04 "Zesty Zapus" Review - Bye Unity
HackerSploit
VPN And DNS For Beginners | Kali Linux
HackerSploit
Tails OS Installation And Review - Access The Deep Web/Dark Net
HackerSploit
Steganography Tutorial - Hide Messages In Images
HackerSploit
The Lazy Script - Kali Linux 2017.1 - Automate Penetration Testing!
HackerSploit
Best Linux Distributions For Penetration Testing
HackerSploit
Netcat Tutorial - The Swiss Army Knife Of Networking - Reverse Shell
HackerSploit
Gaining Access - Web Server Hacking - Metasploitable - #1
HackerSploit
Web Server Hacking - FTP Backdoor Command Execution With Metasploit - #2
HackerSploit
How To Install Kali Linux On VMware - Complete Guide 2018
HackerSploit
Q&A #1 - Best Cyber-security Certifications?
HackerSploit
Terminator - Kali Linux - Multiple Terminals
HackerSploit
Shodan Search Engine Tutorial - Access Routers,Servers,Webcams + Install CLI
HackerSploit
Q&A #2 - Mr Robot?
HackerSploit
Metasploit Community Web GUI - Installation And Overview
HackerSploit
Linux Expl0rer - Forensics Toolbox - Installation & Configuration
HackerSploit
QuasarRAT - The Best Windows RAT? - Remote Administration Tool for Windows
HackerSploit
Metasploit For Beginners - #1 - The Basics - Modules, Exploits & Payloads
HackerSploit
Metasploit For Beginners - #2 - Understanding Metasploit Modules
HackerSploit
Kali Linux Quick Tips - #1 - Adding a non-root user
HackerSploit
Metasploit For Beginners - #3 - Information Gathering - Auxiliary Scanners
HackerSploit
Spectre Meltdown Vulnerability - How To Check Your System
HackerSploit
Metasploit For Beginners - #4 - Basic Exploitation
HackerSploit
ARP Spoofing With arpspoof - MITM
HackerSploit
WordPress Vulnerability Scanning With WPScan
HackerSploit
Generating A PHP Backdoor with weevely
HackerSploit
Nikto Web Vulnerability Scanner - Web Penetration Testing - #1
HackerSploit
How To Install Kali Linux On Windows 10 - Windows Subsystem For Linux
HackerSploit
Stacer - System Optimizer And Monitoring Tool For Linux
HackerSploit
Kali Linux 2018.1 - Kernel Updates & Patches
HackerSploit
MITM With Ettercap - ARP Poisoning
HackerSploit
Password Cracking With John The Ripper - RAR/ZIP & Linux Passwords
HackerSploit
How To Detect Rootkits On Kali Linux - chkrootkit & rkhunter
HackerSploit
Channel Updates - How To Post Questions & Video Suggestions
HackerSploit
Web App Penetration Testing - #1 - Setting Up Burp Suite
HackerSploit
Web App Penetration Testing - #2 - Spidering & DVWA
HackerSploit
Cl0neMast3r - GitHub Repository Cloning Tool
HackerSploit
Kali Linux On Windows 10 Official - WSL - Installation & Configuration
HackerSploit
DoS/DDoS Protection - How To Enable ICMP, UDP & TCP Flood Filtering
HackerSploit
Web App Penetration Testing - #3 - Brute Force With Burp Suite
HackerSploit
More on: Linux & CLI
View skill →Related Reads
📰
📰
📰
📰
Your Scanner Reads One Workflow at a Time. The Attack Lives in the Chain.
Medium · Cybersecurity
Oracle Manipulation: How a $392K Silo Finance Loss Happened in 2026
Dev.to AI
Beyond MFA: Why Identity Security Has Become the Foundation of Modern Cyber Resilience
Medium · Cybersecurity
Texas Hearing Institute Reports Ransomware Attack Impacting 30,000 Residents
Dev.to · BeyondMachines
🎓
Tutor Explanation
DeepCamp AI