AQG Filesystem Scanner↑
The AQtive Guard Filesystem Scanner is a command-line application that scans the filesystem or a container image to find cryptographic material. The logged information is formatted for analysis by AQtive Guard.
Requirements↑
- Windows Server x64
- Linux x64 and kernel >= 4.0
How it works↑
Starting from the chosen root location, the AQG Filesystem Scanner goes through every file in the directory tree below, recursively descending into all subdirectories (without pursuing symbolic links). It tests the initial bytes of each file against a set of detectors for supported formats.
Note
The AQG Filesystem Scanner alters the access timestamp of files but won’t alter the modification and change timestamps. Additionally, the scanner only performs read-only actions, so it won’t lock files for other processes. A file with a mandatory or exclusive lock placed on it by another process will be skipped by the scanner, but the scanner will be able to access and open files with advisory locks on them.
It parses supported files and logs the cryptographic material in a format suitable for analysis by AQtive Guard. No sensitive data, such as private keys, is stored. In the case of encrypted keystores, if a password is provided, the AQG Filesystem Scanner also attempts to decrypt the encrypted portions using that password.