Tool and Usage
|Latest release||No release found|
Why this tool?
Tools like rootkits are often used by attackers to conceal their presence. Rootkits are a good source to understand malware and help with improving analysis skills. This rootkit focuses on anti-debugging and anti-detection. The availability of the source can be very helpful to understand the related risks.
How it works
Azazel is a userland rootkit that uses a library loading technique (LD_PRELOAD). Via this technique, it can intercept system calls and remain hidden.
Usage and audience
Azazel is commonly used for malware analysis. Target users for this tool are security professionals.
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + The source code of this software is available
Similar tools to Azazel:
chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.
Diamorphine is a so-called LKM rootkit for Linux. It runs on different kernels in the 2.6, 3.x, and 4.x branch.
Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix
Found an improvement? Help the community by submitting an update.
Related tool information
This tool is categorized as a Linux rootkit.