A Script To Monitor Application Network Connections 🔒 How would you spot a reverse shell such as was used in Lexus Nexus breach?

teriradichel@infosec.exchange

A Script To Monitor Application Network Connections How would you spot a reverse shell such as was used in Lexus Nexus breach? I vibe coded this script to see parent and child processes with application paths, process names, IPs, ports, IN or OUT.

I combined output from different tools to make an easier to read format. You’d want to use a different script to detect beaconong and it won’t catch everything but it’s still a good way to spot things that shouldn’t be on your network at a glance.

A Script To Monitor Application Network Connections

Considering how to spot rogue network traffic such as a reverse shell used in the Lexus Nexus breach

(teriradichel.substack.com)