rootkit-detection topic

List rootkit-detection repositories

sharpeye

169 Stars, 6 Forks, 169 Watchers

SharpEye: Advanced Linux Intrusion Detection and Threat Hunting System

ghostscan

159 Stars, 7 Forks, 159 Watchers

A modern, Rust-powered Linux scanner that unmasks hidden rootkits, stealthy eBPF tricks, and ghost processes in one fast sweep (50+ scanners)

sandfly-forensic-scripts

55 Stars, 4 Forks, 55 Watchers

Small scripts to help with Linux forensics and incident response.

sandfly-kernel-module-decloak

35 Stars, 4 Forks, 35 Watchers

Scripts to decloak Linux Loadable Kernel Module (LKM) stealth rootkits.

rootkit-detection-ebpf-time-trace

26 Stars, 3 Forks, 26 Watchers

Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.