LSE toolsLSE toolsEvilAbigail (268)EvilAbigail (268)

Tool and Usage

Evil Abigail automates a so-called evil maid attack. It does so by backdooring the initial ramdisk (initrd) of Linux systems.

Why this tool?

This tool is used to perform an attack that is known as "evil maid".

How it works

For this attack, physical access is needed. After booting from an alternative disk, the initrd of Linux is backdoored. This backdoor can be used to gain access to the system.

Usage and audience

EvilAbigail is commonly used for offensive security. Target users for this tool are pentesters and security professionals.

Author and Maintainers

EvilAbigail is under development by Rory McNamara.


Supported operating systems

EvilAbigail is known to work on Linux.

EvilAbigail alternatives

Similar tools to EvilAbigail:



chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.



ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.


Rootkit Hunter

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix

See all alternatives tools for EvilAbigail »

Found an improvement? Become an influencer and submit an update.
Project details
Latest releaseNo release found

Project health

This score is calculated by different factors, like project age, last release date, etc.


GitHub iconEvilAbigail GitHub project


This tool is categorized as a system backdooring tool.

Related terms