The rootstealer tool shows an attack that uses X11 by injecting commands via the X11 library (libX11). It detects when the user opens a terminal with root permissions, then activates its predefined commands.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.
Looking for more specific topics within this tool group? Have a look at the following relevant topics.
LSE is the place where Linux security experts are trained. With labs, in-depth guides, and a lot of Linux security tools.