Introduction

When you’re handed the keys to a virtual machine (VM) without documentation — no network diagrams, no SOPs, no nothing — it’s like walking into a datacenter blindfolded. This post shows how you can quickly profile the system, identify critical configurations, assess security posture, and inventory applications using a systematic Bash script.


Reality Check

Note: Many organizations restrict root access, direct file system scans, or bulk configuration dumps — for valid security reasons. The level of access this script assumes is often only available in lab, dev, or smaller org setups. Always check with your security team before running such scripts in production.


1. Identify the Landscape

Start with basic VM profiling:

  • Hostname and OS details
  • Memory, disk, and root access check
  • SSH status

Script Insight:

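# Hostname and OS release details
hostname
cat /etc/*release
# Memory and root filesystem usage
free -h
df -h /
# SSH listener; the trailing whitespace match keeps :2222 or :2200 from matching
ss -tuln | grep -E ':22[[:space:]]'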

2. Who’s Been Here Before?

Audit all user accounts, last login times, shells, and home directories. Look for any dormant or suspicious accounts.

Example:

getent passwd
lastlog
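
To turn the raw getent passwd listing into a short review list, the following added example (not part of the original script) flags three account patterns: a UID 0 account not named root, a system account with a login shell, and two names sharing one UID. The function name audit_passwd, the flag labels, the UID_MIN default of 1000 and the sample entries are assumptions made for illustration.

```bash
#!/usr/bin/env bash
# Added example: flag passwd(5) entries that deserve a closer look.
# Reads passwd-format lines on stdin, so it accepts `getent passwd` output
# or a saved copy. UID_MIN defaults to 1000 (an assumption; confirm the
# real value in /etc/login.defs on the host).

audit_passwd() {
  awk -F: -v uid_min="${UID_MIN:-1000}" '
    NF != 7 { next }                      # skip blank or malformed lines
    {
      name = $1; uid = $3 + 0; shell = $7
      # Heuristic: an empty shell field means /bin/sh, and real login
      # shells end in "sh" (bash, zsh, dash, fish); nologin/false do not.
      interactive = (shell == "" || shell ~ /sh$/)

      # A second UID 0 account has full root rights under another name.
      if (uid == 0 && name != "root")
        printf "UID0_NOT_ROOT\t%s\tshell=%s\n", name, shell

      # Service accounts normally have no login shell.
      if (uid > 0 && uid < uid_min && interactive)
        printf "SYSTEM_WITH_SHELL\t%s\tuid=%d shell=%s\n", name, uid, shell

      # Two names on one UID share file ownership and audit identity.
      if (uid in first)
        printf "DUPLICATE_UID\t%s\tuid=%d also=%s\n", name, uid, first[uid]
      else
        first[uid] = name
    }'
}

# Constructed sample input (not taken from any real host).
SAMPLE_PASSWD='root:x:0:0:root:/root:/bin/bash
daemon:x:1:1:daemon:/usr/sbin:/usr/sbin/nologin
backup:x:34:34:backup:/var/backups:/bin/bash
toor:x:0:0::/root:/bin/sh
alice:x:1000:1000:Alice:/home/alice:/bin/bash
svc-old:x:1000:1001::/home/svc-old:/bin/false'

# Demo on the sample; on a live host run: getent passwd | audit_passwd
printf '%s\n' "$SAMPLE_PASSWD" | audit_passwd
```

Each flagged name can then be checked against lastlog to see whether the account has ever logged in.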

3. Explore User Environments

Understand user behavior:

  • Shell aliases
  • Environment variables
  • SSH keys and known hosts

These give clues about frequently used tools and remote access patterns.


4. Inventory What’s Installed

Identify packages, services, and manually installed software:

  • Use dpkg, rpm, or systemctl
  • Parse command histories (.bash_history) for install commands

This is especially useful for recreating environments or detecting manual tweaks.

5. Configuration Files and Services

Look for:

  • Config files in /etc/
  • VPN, firewall, and SSH configs
  • Cron jobs and auto-start services

You’ll find both intended and legacy configurations here — some of which may need cleanup.


6. Web and Network Stack

Check for:

  • Listening ports
  • Apache/Nginx server blocks
  • Docker or Podman containers
  • SSL certificate locations and expiration

This helps identify publicly accessible apps and how traffic is routed.


7. Infrastructure Components

The script scans for:

  • Kubernetes clusters
  • LXD/LXC containers
  • Logging/monitoring tools
  • Configuration management (Chef, Puppet)

Knowing what’s managing what saves hours of troubleshooting.


8. Security Concerns

Flag large files, git repos, and potentially suspicious processes. Also, look for:

  • SSO systems (LDAP, Okta, Kerberos)
  • Cloud credentials or SDK configs (AWS, GCP, Azure)

Conclusion: Structure Before Strategy

Once you’ve mapped out the VM, only then can you:

  • Triage security risks
  • Design automation
  • Implement monitoring
  • Apply hardening steps

Final Tip

Turn this script into an Ansible playbook or systemd timer to periodically snapshot system state — especially in dev/test VMs.