BeanBagKing/hunting.sh

## hunting.sh
# Linux - Look for attempts to hide files (note the spaces)
find / \( -name '. ' -o -name '.. ' -o -name '...' -o -name ' ' \)

# Linux - Find last 20 modified files
### Excluded directoreis for /proc, /sys
### Excludes /tmp/sort* as these are used by this process
##### Exclude directory - find . -type d \( -path dir1 -o -path dir2 -o -path dir3 \) -prune -o -print
find / -type d \( -path /proc -o -path /sys \) -prune -o -print -type f ! -wholename "/tmp/sort*" -exec stat --format '%Y :%y %n' "{}" \; | sort -nr | cut -d: -f2- | head

# Find 20 largest files
find / -type f -exec du -Sh {} + | sort -rh | head -n 20

# Find all files larger than * (somewhat sorted by size)
find / -type f -size +10M -exec ls -lh {} \; | sort -k 5 -r
	# Linux - Look for attempts to hide files (note the spaces)
	find / \( -name '. ' -o -name '.. ' -o -name '...' -o -name ' ' \)

	# Linux - Find last 20 modified files
	### Excluded directoreis for /proc, /sys
	### Excludes /tmp/sort* as these are used by this process
	##### Exclude directory - find . -type d \( -path dir1 -o -path dir2 -o -path dir3 \) -prune -o -print
	find / -type d \( -path /proc -o -path /sys \) -prune -o -print -type f ! -wholename "/tmp/sort*" -exec stat --format '%Y :%y %n' "{}" \; \| sort -nr \| cut -d: -f2- \| head

	# Find 20 largest files
	find / -type f -exec du -Sh {} + \| sort -rh \| head -n 20

	# Find all files larger than * (somewhat sorted by size)
	find / -type f -size +10M -exec ls -lh {} \; \| sort -k 5 -r