A little post-exploit tool that carefully clean *NIX access logs

A tool for dumping wtmp files and patching wtmp records

LogAnalysisTool: provide a new approach for pattern attack search and for calculation of severity of logins in Linux's Wtmp, Btmp and Secure log. Searched patterns: Brute Force, Password Spraying. Also check of IPWhois and Reputation. Plus utility functions.

Parsing utmp file

Using utmpx.h, LoginRecords Allows you to parse UTMP, WMTP and BTMP files on Linux

WuTamp is a forensic tool designed to parse corrupted `wtmpx` and `utmpx` files from Solaris hosts. Attackers may intentionally corrupt these log files, sometimes by inserting bytes at the beginning of the file to disrupt SPARC 4-byte alignment, or by overwriting/deleting usernames and hostnames within the record entries.