Session hijacking tools


rootstealer (command injector for X11)

session hijacking

The rootstealer tool shows an attack that uses X11 by injecting commands via the X11 library (libX11). It detects when the user opens a terminal with root permissions, then activates its predefined commands.

Missing a favorite tool in this list? Share a tool suggestion and we will review it.