what are seer scripts?

The Seer Suite is a collection of Bash scripts I wrote to see through the surface of any Unix system—files, processes, packages or the network, like magic! If you’ve ever wanted ls, lsof, ps, and a pile of forensics tools to just play nice together, this suite is for you. They’re as fast, portable, and 100% terminal-friendly as possible.

Born from an old work forensics script (“maxinfo”) and endlessly polished on sleepless nights. If you like transparency, you’ll love these.


🔗 View Seer Scripts on GitHub


features

  • Inspect any file—see type, stat, hashes, attributes, metadata, and more
  • Analyze processes by pattern, PID, tree, or open ports
  • Cross-distro package lookup and info (supports major Linux/BSD package managers)
  • LAN and network inspection (interfaces, routes, live hosts, port checks)
  • Shared Bash helper library for DRY code
  • Human-friendly output, color where supported
  • Built to be safe, readable, and easy to hack

why did i write this?

I do a lot of digital forensics work and deep dives and I needed to automate some of the commands I always found myself running manually. The concept behind these was to have a way to zoom in and see all the info for various parts of the system. Basically, automate the boring stuff! I tested extensively and made an effort to be cross-platform friendly and useful in the real world.


usage

Clone/download all scripts (and dotlib.sh!), then make them executable:

git clone https://github.com/forfaxx/seer-suite.git
cd seer-suite
chmod +x *.sh
# (Make sure dotlib.sh is present, or set $DOTFILES for your dotfiles path)

Sample output

./file-seer.sh inspect ~/Downloads/unknown_file

──────────────────────────────
🧾 File: secret.img
──────────────────────────────
Type:          regular file
Size:          1.4 MB
MIME:          application/octet-stream
SHA256:        f0e1d2c3b4a59687e5f4...
Permissions:   rw-r--r--
Owner:         grumble:users
Created:       2024-11-20 03:17:44
Modified:      2024-12-01 21:55:10
Attributes:    (none)

🔍 Stat Summary:
Device: 803h/2051d  Inode: 1284421   Links: 1
Blocks: 2800        IO Block: 4096   regular file

🔑 Extended Attributes:
- (none)

📚 Metadata:
- (no embedded metadata)

───────────────
Hexdump Preview (first 32 bytes)
───────────────
00000000  1f 8b 08 00 00 00 00 00  02 03 7c 0c 00 00 00 00  |..........|.....|
...

Cool bits

There are a few conventions that I really like in these scripts:

  • Subcommand pattern

Every script has a subcommand pattern just like git or docker—easy to remember, easy to extend.

case "$CMD" in
  search)   search_process "$@";;
  info)     process_info "$2";;
  tree)     process_tree;;
  ports)    process_ports;;
  help|*)   usage;;
esac
  • Cross-Platform and defensive patterns

Scripts start with set -euo pipefail to avoid hidden failures. All commands are wrapped to gracefully handle missing components. In cases like the use of ANSI color, I provide an option and handling to avoid polluting output where it isn’t desirable. The suite features these and more, friendly and robust conventions.


A glowing candle for the Seer Suite Happy seeing!