linux colonoscopy
#!/usr/bin/env bash
# =============================================================================
# Run with: sudo ./anaprobe.sh
# Full cavity search.
# =============================================================================
# Make a pipeline fail when any stage fails; ignore shells without the option.
set -o pipefail 2>/dev/null || true
SCRIPT_VERSION="2026.04"

# ====================== COLORS & FORMATTING ======================
# Start with empty escapes and fill them in only when stdout is a terminal,
# so a report redirected to a file carries no control sequences.
RED="" GREEN="" YELLOW="" BLUE="" BOLD="" RESET=""
if [ -t 1 ]; then
  RED=$(tput setaf 1)
  GREEN=$(tput setaf 2)
  YELLOW=$(tput setaf 3)
  BLUE=$(tput setaf 4)
  BOLD=$(tput bold)
  RESET=$(tput sgr0)
fi
#######################################
# Print a section banner: blank line, rule, title, rule.
# Globals:   BLUE, BOLD, RESET (read)
# Arguments: $1 - banner title
# Outputs:   four lines on stdout
#######################################
header() {
  local rule="═══════════════════════════════════════════════════════════════════════════════"
  printf '\n'
  printf '%s\n' "${BLUE}${BOLD}${rule}${RESET}"
  printf '%s\n' "${BLUE}${BOLD} $1${RESET}"
  printf '%s\n' "${BLUE}${BOLD}${rule}${RESET}"
}
#######################################
# Print a sub-section title preceded by a blank line.
# Globals:   GREEN, RESET (read)
# Arguments: $1 - sub-section title
# Outputs:   two lines on stdout
#######################################
subheader() {
  printf '\n%s\n' "${GREEN}── $1 ──${RESET}"
}
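# Enable safe globs: an unmatched pattern expands to nothing, not to itself.
shopt -s nullglob 2>/dev/null || true

# Create the archive directory for full dumps (root only).
#
# A fixed name such as /tmp/anaprobe is predictable: any local user can create
# that directory, or plant a symlink there, before a root run and then read or
# redirect the dumps this script writes as root (firewall rules, sysctl values,
# grub.cfg). mktemp -d instead creates a fresh directory with an unpredictable
# name and mode 0700, owned by the caller.
#
# /dev/null/anaprobe can never be a directory, so it is the "dumps disabled"
# value: the [ -d "$ANAPROBE_DIR" ] guards stay false and no write under it
# can land in a location someone else controls.
ANAPROBE_DIR="/dev/null/anaprobe"
if [ "$(id -u)" -eq 0 ]; then
  if dump_dir=$(mktemp -d /tmp/anaprobe.XXXXXX 2>/dev/null) && [ -d "$dump_dir" ]; then
    ANAPROBE_DIR=$dump_dir
    echo "Full raw dumps will be saved to: $ANAPROBE_DIR" >&2
  else
    echo "Could not create a private dump directory — raw dumps skipped" >&2
  fi
else
  echo "Running non-root — some deep dumps skipped" >&2
fi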
# ====================== BASIC INFO ======================
# Report identity: timestamp, script version, host, invoking account and load.
header "ANAPROBE.SH STARTED - $(date '+%Y-%m-%d %H:%M:%S %Z')"
echo "Script version: ${SCRIPT_VERSION}"
echo "Hostname: $(hostname -f 2>/dev/null || hostname)"

# State the privilege level next to the account name, since it decides how
# much of the report is populated.
if [ "$(id -u)" -ne 0 ]; then
  priv_note=" ← NOT ROOT — some sections limited"
else
  priv_note=" ← ROOT — full cavity search"
fi
echo "Running as: $(whoami) (UID: $(id -u))${YELLOW}${priv_note}${RESET}"

load_avg=$(cat /proc/loadavg 2>/dev/null | awk '{print $1,$2,$3}' || echo 'N/A')
echo "Uptime: $(uptime -p 2>/dev/null) | Load: ${load_avg}"
echo
# ====================== OS / KERNEL / BOOT ======================
header "OS / KERNEL / BOOT / FIRMWARE / BOOTLOADER"
cat /etc/os-release 2>/dev/null \
  | grep -E 'PRETTY_NAME|NAME|VERSION|ID|HOME_URL|BUILD_ID' \
  || echo "No /etc/os-release"
echo
uname -a
echo "Kernel build: $(cat /proc/version_signature 2>/dev/null || echo 'N/A')"
echo "Booted: $(who -b 2>/dev/null | awk '{print $3 " " $4}' || echo 'N/A')"
if command -v systemd-analyze >/dev/null 2>&1; then
  echo "Boot time: $(systemd-analyze 2>/dev/null | head -1)"
  echo "Slowest units:"
  systemd-analyze blame 2>/dev/null | head -10
fi
journalctl --list-boots -n 5 2>/dev/null | tail -10 || echo "No journalctl boot history"

# The presence of /sys/firmware/efi is the boot-mode indicator used here.
if [ -d /sys/firmware/efi ]; then
  firmware_kind="EFI"
else
  firmware_kind="BIOS/legacy"
fi
echo "Firmware: ${firmware_kind}"

# Bootloader configs (GRUB, systemd-boot, etc.)
subheader "Bootloader"
if [ -f /boot/grub/grub.cfg ] || [ -f /boot/grub2/grub.cfg ]; then
  GRUB_CFG=$(find /boot -name grub.cfg 2>/dev/null | head -1)
  echo "GRUB config found at $GRUB_CFG"
  # NOTE(review): a grub.cfg can carry bootloader password hashes, and the
  # copy is created with the current umask — keep the archive directory
  # private to root.
  if [ -n "$GRUB_CFG" ] && [ -d "$ANAPROBE_DIR" ]; then
    cp "$GRUB_CFG" "$ANAPROBE_DIR/grub.cfg" 2>/dev/null
  fi
elif [ -d /boot/loader ]; then
  echo "systemd-boot detected"
  bootctl status 2>/dev/null | head -15 || true
else
  echo "No standard bootloader config detected"
fi

if [ -f /etc/default/grub ]; then
  echo "GRUB defaults:"
  cat /etc/default/grub 2>/dev/null | grep -E 'GRUB_CMDLINE_LINUX|GRUB_TIMEOUT'
fi
# ====================== HARDWARE & VIRTUALIZATION ======================
header "HARDWARE & VIRTUALIZATION"
subheader "CPU (/proc/cpuinfo + /sys)"
grep -E 'model name|cpu cores|siblings|cpu MHz|flags' /proc/cpuinfo 2>/dev/null \
  | head -30 \
  || echo " Unable to read cpuinfo"

if [ -d /sys/devices/system/cpu/cpu0/cpufreq ]; then
  echo "CPU scaling governors:"
  for cpu in /sys/devices/system/cpu/cpu*/cpufreq; do
    [ -f "$cpu/scaling_governor" ] || continue
    # The parent directory name (cpu0, cpu1, ...) labels the governor line.
    cpu_parent=${cpu%/*}
    echo " ${cpu_parent##*/}: $(cat "$cpu/scaling_governor" 2>/dev/null)"
  done
fi
subheader "Memory & Swap (/proc/meminfo)"
free -h 2>/dev/null || echo " free not available"
grep -E 'MemTotal|MemFree|MemAvailable|Buffers|Cached|SwapTotal|SwapFree|Slab|SReclaimable' /proc/meminfo 2>/dev/null \
  | sed 's/^/ /' \
  || echo " Unable to read meminfo"

subheader "Virtualization / Cgroups"
if command -v systemd-detect-virt >/dev/null 2>&1; then
  echo "Virt type: $(systemd-detect-virt 2>/dev/null || echo 'none/bare-metal')"
fi
if [ -d /sys/fs/cgroup ]; then
  # cgroup.controllers at the hierarchy root is taken as the v2 marker.
  if [ -f /sys/fs/cgroup/cgroup.controllers ]; then
    cgroup_kind='v2'
  else
    cgroup_kind='v1 or hybrid'
  fi
  echo "Cgroup version: ${cgroup_kind}"
  ls /sys/fs/cgroup 2>/dev/null | head -20
fi
subheader "Disks & Storage"
# Show the first 40 lines on screen; tee keeps the complete listing on disk.
lsblk -o NAME,SIZE,TYPE,FSTYPE,MOUNTPOINT,ROTA,STATE,TRAN,MODEL 2>/dev/null \
  | tee "$ANAPROBE_DIR/lsblk_full.txt" 2>/dev/null \
  | head -40 \
  || echo " lsblk not available"
echo "Partitions (/proc):"
cat /proc/partitions 2>/dev/null | tail -20

subheader "I/O Schedulers (/sys/block)"
for block in /sys/block/*; do
  if [ -f "$block/queue/scheduler" ]; then
    dev=${block##*/}
    sched=$(cat "$block/queue/scheduler" 2>/dev/null)
    echo " $dev scheduler: $sched"
  fi
done

subheader "Storage Health & Identifiers"
# One candidate list serves both the listing and the SMART loop; entries that
# are not block devices are skipped inside each loop.
candidate_devs=(/dev/sd[a-z] /dev/nvme[0-9]n[0-9]* /dev/vd[a-z] /dev/mmcblk[0-9]*)
echo "Block devices detected:"
for dev in "${candidate_devs[@]}"; do
  [ -b "$dev" ] && echo " ${dev}"
done
if command -v smartctl >/dev/null 2>&1; then
  echo "SMART summary (where available):"
  for dev in "${candidate_devs[@]}"; do
    [ -b "$dev" ] || continue
    health=$(smartctl -H "$dev" 2>/dev/null | grep -E 'PASSED|FAILED|OK|overall-health' | head -1 || echo "No SMART data")
    echo " ${dev}: ${health}"
  done
else
  echo " smartctl not found"
fi
if command -v blkid >/dev/null 2>&1; then
  echo "Block IDs:"
  blkid 2>/dev/null | head -30
fi
subheader "LVM & RAID"
if command -v vgs >/dev/null 2>&1; then
  echo "LVM:"
  # " none" is printed when either listing command fails.
  if ! { vgs 2>/dev/null && lvs 2>/dev/null; }; then
    echo " none"
  fi
fi
if command -v mdadm >/dev/null 2>&1; then
  echo "RAID:"
  mdadm --detail --scan 2>/dev/null || echo " none"
fi

subheader "PCI / USB / GPU"
lspci 2>/dev/null \
  | grep -E 'VGA|3D|Display|Network|Storage|RAID' \
  || echo " No lspci or no matching devices"
lsusb -t 2>/dev/null || echo " No lsusb"
if command -v nvidia-smi >/dev/null 2>&1; then
  nvidia-smi --query-gpu=name,driver_version,memory.total,memory.used \
    --format=csv,noheader 2>/dev/null || true
fi
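# ====================== FILESYSTEMS & MOUNTS ======================
# List mounts of the common device/pseudo filesystem sources, keep a copy in
# the archive directory, then summarise mount count and inode usage.
header "FILESYSTEMS & MOUNTS"
mount | column -t 2>/dev/null \
  | grep -E '^(/dev|tmpfs|proc|sys|dev|run|overlay)' \
  | tee "$ANAPROBE_DIR/mounts.txt" 2>/dev/null || true
echo "Total mounts: $(cat /proc/mounts 2>/dev/null | wc -l)"
echo "Inodes:"
# -E is needed for '|' to act as alternation; with plain grep -v the pattern
# is one literal string and tmpfs/devtmpfs rows are never filtered out.
df -i 2>/dev/null | grep -Ev 'tmpfs|devtmpfs' | head -20 || echo " df -i unavailable"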
# ====================== NETWORK ======================
# Addresses, routes, listening TCP/UDP sockets and configured resolvers.
header "NETWORK & CONNECTIVITY"
ip -brief address show 2>/dev/null || echo " ip command limited"
ip route 2>/dev/null || true
echo
ss -tuln 2>/dev/null | head -30 || echo " ss unavailable"
echo "DNS resolvers:"
cat /etc/resolv.conf 2>/dev/null | grep '^nameserver' || echo " none"
# ====================== DEEP /proc & /sys + KERNEL ======================
header "DEEP DIVE — /proc /sys / KERNEL / TUNABLES"
subheader "/proc summary"
echo " Loadavg: $(cat /proc/loadavg 2>/dev/null)"
echo " Processes: $(cat /proc/stat 2>/dev/null | awk '/^processes/ {print $2}')"
echo " Interrupts: $(cat /proc/interrupts 2>/dev/null | wc -l) lines"
echo " Supported filesystems: $(cat /proc/filesystems 2>/dev/null | wc -l)"
if [ -f /proc/config.gz ]; then
  kconfig_present='YES'
else
  kconfig_present='NO'
fi
echo " Kernel config available: ${kconfig_present}"

subheader "Sysctl tunables (selected + full dump)"
# On screen: a filtered selection. On disk (when the archive directory
# exists): the complete sysctl -a output.
sysctl -a 2>/dev/null \
  | grep -E 'net.ipv4|kernel.random|vm.swappiness|fs.file-max|kernel.bpf|kernel.unprivileged' \
  | head -40 || true
if [ -d "$ANAPROBE_DIR" ]; then
  sysctl -a 2>/dev/null > "$ANAPROBE_DIR/sysctl_full.txt" || true
  echo "Full sysctl saved to $ANAPROBE_DIR/sysctl_full.txt"
fi
subheader "BPF status"
# Prefer bpftool's program listing; otherwise only report whether the BPF
# filesystem directory is present.
if command -v bpftool >/dev/null 2>&1; then
  echo "bpftool present — programs:"
  bpftool prog 2>/dev/null | head -10 || true
elif [ -d /sys/fs/bpf ]; then
  echo "BPF filesystem mounted"
else
  echo "BPF not enabled or no bpftool"
fi
subheader "Key /sys"
if [ -d /sys/class/thermal ]; then
  echo "Thermal zones:"
  for zone in /sys/class/thermal/thermal_zone*; do
    if [ -f "$zone/type" ] && [ -f "$zone/temp" ]; then
      # The temp value is divided by 1000 before the °C suffix is appended.
      zone_temp=$(cat "$zone/temp" 2>/dev/null | awk '{print $1/1000 "°C"}')
      echo " $(cat "$zone/type" 2>/dev/null): ${zone_temp}"
    fi
  done
fi
if [ -d /sys/class/power_supply ]; then
  echo "Power supplies:"
  ls /sys/class/power_supply/ 2>/dev/null
fi
echo "Block devices major/minor:"
cat /proc/partitions 2>/dev/null | tail -15 || true

subheader "Kernel modules"
# head sits before tee, so the saved lsmod.txt holds the same first 30 lines
# that are shown on screen, not the whole module list.
lsmod 2>/dev/null \
  | head -30 \
  | tee "$ANAPROBE_DIR/lsmod.txt" 2>/dev/null \
  || echo " lsmod unavailable"
# ====================== SECURITY ======================
header "SECURITY — SELINUX / APPARMOR / FIREWALL / NAMESPACES"
subheader "SELinux / AppArmor"
# sestatus gives the full SELinux report; getenforce is the fallback that
# yields only the current mode.
if command -v sestatus >/dev/null 2>&1; then
  sestatus 2>/dev/null | tee "$ANAPROBE_DIR/selinux_status.txt" 2>/dev/null
elif command -v getenforce >/dev/null 2>&1; then
  echo "SELinux mode: $(getenforce 2>/dev/null)"
fi
if command -v apparmor_status >/dev/null 2>&1; then
  apparmor_status 2>/dev/null \
    | head -20 \
    | tee "$ANAPROBE_DIR/apparmor_status.txt" 2>/dev/null
fi
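subheader "Firewall rules (full dump to file)"
# Nothing is printed to the terminal here; the ruleset goes to a file only.
# The dump is attempted only when the archive directory exists, so the
# "saved" message is never printed for a file that could not be written.
# umask 077 (scoped to the subshell) makes newly created dump files readable
# by their owner only: a ruleset tells local users exactly what is filtered.
# The first tool found wins, so a host with several front-ends gets one dump,
# and `iptables -L` without -t covers the filter table only.
if [ ! -d "$ANAPROBE_DIR" ]; then
  echo " No archive directory — firewall dump skipped"
else
  (
    umask 077
    if command -v nft >/dev/null 2>&1; then
      echo "nftables — full rules saved"
      nft list ruleset > "$ANAPROBE_DIR/firewall_nft.txt" 2>/dev/null || true
    elif command -v iptables >/dev/null 2>&1; then
      echo "iptables — full rules saved"
      iptables -L -n -v > "$ANAPROBE_DIR/firewall_iptables.txt" 2>/dev/null || true
    elif command -v ufw >/dev/null 2>&1; then
      echo "ufw — full rules saved"
      ufw status verbose > "$ANAPROBE_DIR/firewall_ufw.txt" 2>/dev/null || true
    elif command -v firewall-cmd >/dev/null 2>&1; then
      echo "firewalld — full rules saved"
      firewall-cmd --list-all --verbose > "$ANAPROBE_DIR/firewall_firewalld.txt" 2>/dev/null || true
    else
      echo " No known firewall tool"
    fi
  )
fi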
subheader "Users & Login"
# Current sessions, account totals, then recent successful and failed logins.
who -u 2>/dev/null || true
session_count=$(who 2>/dev/null | wc -l)
account_count=$(getent passwd 2>/dev/null | wc -l)
echo "Logged-in: ${session_count} | Total accounts: ${account_count}"
echo "Last logins:"
last -a -n 15 2>/dev/null | head -15 || true
echo "Failed logins:"
lastb -a -n 10 2>/dev/null | head -10 || true
# ====================== PERFORMANCE & CONTAINERS ======================
header "PERFORMANCE SNAPSHOT"
# Same column set twice: first ordered by CPU share, then by memory share.
for sort_key in -%cpu -%mem; do
  ps -eo pid,ppid,user,comm,%cpu,%mem,etime --sort="${sort_key}" 2>/dev/null | head -20 || true
done

header "CONTAINERS & RUNTIMES"
if command -v docker >/dev/null 2>&1; then
  echo "Docker: $(docker --version 2>/dev/null)"
else
  echo "No docker"
fi
if command -v podman >/dev/null 2>&1; then
  echo "Podman: $(podman --version 2>/dev/null)"
else
  echo "No podman"
fi
if command -v kubectl >/dev/null 2>&1; then
  echo "kubectl present"
else
  echo "No kubectl"
fi
# ====================== PACKAGE MANAGERS ======================
header "PACKAGE MANAGERS"
if command -v apt >/dev/null 2>&1; then
  # NOTE(review): this counts every stdout line of `apt list`, which
  # presumably includes its "Listing..." banner — confirm before treating
  # the figure as an exact number of pending updates.
  echo "APT upgradable: $(apt list --upgradable 2>/dev/null | wc -l)"
fi
if command -v dnf >/dev/null 2>&1; then
  echo "DNF present"
fi
if command -v pacman >/dev/null 2>&1; then
  echo "Pacman present"
fi
# ====================== FINAL ======================
header "CAVITY SEARCH COMPLETE"
echo "All accessible subsystems inspected."
# Point at the raw dumps only when the archive directory actually exists.
if [ -d "$ANAPROBE_DIR" ]; then
  printf '%s\n' \
    "Full raw files saved to $ANAPROBE_DIR" \
    " → lsblk_full.txt, sysctl_full.txt, firewall_*.txt, grub.cfg, etc."
fi
echo
report_name="anaprobe_$(hostname)_$(date +%Y%m%d_%H%M).txt"
echo "Recommended: sudo ./anaprobe.sh > ${report_name}"