otseca

LSE toolsLSE toolsotseca (387)otseca (387)

Tool and Usage

Project details

License
GPLv3
Programming language
shell script
Author
Michał Żurawski
Latest release
1.0.5
Latest release date

Project health

60
This score is calculated by different factors, like project age, last release date, etc.

Why this tool?

Tools like otseca help with data collection. This could be useful for system administrators to collect data on a regular interval. This data then can be compared with a future data capture. Another possibility is to use it during pentesting. In that case one should have already obtained root access, as the tool requires this as well.

How it works

The tool is written in shell script and uses the Bash interpreter. Its main component is a wrapper to include other commands, which each in turns collect the related data. The HTML report is created by collecting the output and wrapping it up with HTML tags.

Background information

The otseca name is derived from 'other security awareness'.

Usage and audience

otseca is commonly used for configuration audit, penetration testing, or security assessment. Target users for this tool are auditors, pentesters, and system administrators.

Features

  • Command line interface
  • HTML output

Example usage and output

+-----------------------------------------------------------+
: :
: Φ otseca v1.0.0 security audit script :
: :
: Project: https://github.com/trimstray/otseca :
: :
: Debian GNU/Linux, CentOS Linux :
: :
+-----------------------------------------------------------+



[+] --[ Init environment ]--
- create dump directory
- set log file

[+] --[ Dump system information ]--
- "ls /tmp"
- "uname -a"
- "ps -ef"
- "df -H"
- "mount"
- "service --status-all"
- "systemctl list-units"
- "lsmod"
- "lspci"
- "sysctl -a"
- "echo /usr/local/sbin:/usr/local/bin:/usr/sbin:/usr/bin:/sbin:/bin"
- "ls -l /etc/rc*.d"
- "cat /proc/cpuinfo"

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + The source code is easy to read and understand
  • + Tool is modular and extendable
  • + The source code of this software is available

Author and Maintainers

Otseca is under development by Michał Żurawski.

Installation

Supported operating systems

Otseca is known to work on Linux.

otseca alternatives

Similar tools to otseca:

100

Lynis

Lynis is a security auditing tool for systems running Linux, macOS, or Unix. It can be used for security assessments and configuration audits.

89

OpenSCAP

Tools to assist administrators and auditors with assessment, measurement and enforcement of security baselines

70

YASAT

YASAT describes itself as another simple stupid audit tool to test Linux systems. It has many tests for checking the security configuration of the system.

All otseca alternatives

This tool page was updated at . Found an improvement? Help the community by submitting an update.

Related tool information

Categories

This tool is categorized as a Linux security audit tool and configuration audit tool.