The rootstealer tool shows an attack that uses X11 by injecting commands via the X11 library (libX11). It detects when the user opens a terminal with root permissions, then activates its predefined commands.
Missing a favorite tool in this list? Share a tool suggestion and we will review it.
LSE is the place where Linux security experts are trained. With labs, in-depth guides, and a lot of Linux security tools.