EvilAbigail alternatives
Looking for an alternative tool to replace EvilAbigail? During the review of EvilAbigail we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.
Top 3
- ClamAV (malware scanner)
- Rootkit Hunter (malware scanner)
- WeBaCoo (backdoor tool for web applications)
These tools are ranked as the best alternatives to EvilAbigail.
Alternatives (by score)
ClamAV
Introduction
ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.
Project details
ClamAV is written in C.
Strengths and weaknesses
- + Many maintainers
- + The source code of this software is available
Typical usage
- Malware analysis
- Malware detection
- Malware scanning
Rootkit Hunter (rkhunter)
Introduction
Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.
The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.
Project details
Rootkit Hunter is written in shell script.
Strengths and weaknesses
- + Used language is shell script
- + Project is mature (10+ years)
- + The source code of this software is available
Typical usage
- Malware detection
- Malware scanning
WeBaCoo
Introduction
WeBaCoo could be useful for penetration tests and security assessments, to test the effectiveness of security monitoring solutions.
Project details
WeBaCoo is written in Perl, Ruby.
Strengths and weaknesses
- + The source code of this software is available
Typical usage
- Application testing
- Penetration testing
chkrootkit
Introduction
The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.
Some areas that are checked include:
- interface in promiscuous mode
- lastlog deletions
- wtmp deletions
- wtmpx deletions
- signs of LKM trojans
- utmp deletions
Project details
chkrootkit is written in C, shell script.
Strengths and weaknesses
- + Used language is shell script
- + Project is mature (10+ years)
- - Long time between releases
Typical usage
- Malware detection
- Malware scanning
sshLooter
Introduction
The most likely use for tools like this is backdoor a system after root permissions were gained. By planting it into the PAM stack, it allows for password sniffing.
Project details
sshLooter is written in Python, shell script.
Strengths and weaknesses
- + The source code is easy to read and understand
- - Unknown project license
Typical usage
- Information snooping
- Password discovery
- Password sniffing
Some relevant tool missing as an alternative to EvilAbigail? Please contact us with your suggestion.