EvilAbigail alternatives

Looking for a better tool, or simply want to learn about alternatives? There is typically more than one option.

Alternatives (by tag)

74

Alternative: chkrootkit

chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

Some areas that are checked include:

  • interface in promiscuous mode
  • lastlog deletions
  • wtmp deletions
  • wtmpx deletions
  • signs of LKM trojans
  • utmp deletions

Project details

chkrootkit is written in C, shell script.

Strengths

  • + Used language is shell script
  • + Project is mature (10+ years)

Weaknesses

  • - Long time between releases

Typical usage

  • malware scan

chkrootkit project page

81

Alternative: ClamAV

ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.

ClamAV is a popular scan engine to detect malicious software (malware).

Project details

ClamAV is written in C.

Strengths

  • + Many maintainers
  • + The source code of this software is available

Typical usage

  • malware scan

ClamAV project page

81

Alternative: Rootkit Hunter (rkhunter)

Security tool to search for traces of rootkits, backdoors, and other malicious components on systems running Linux and other flavors of Unix

Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

Project details

Rootkit Hunter is written in shell script.

Strengths

  • + Used language is shell script
  • + Project is mature (10+ years)
  • + The source code of this software is available

Typical usage

  • malware scan

Rootkit Hunter project page

60

Alternative: WeBaCoo

WeBaCoo is short for Web Backdoor Cookie Script-Kit. It is a tool to get a backdoor that is controlled by a specified cookie.

Project details

WeBaCoo is written in Perl, Ruby.

Strengths

  • + The source code of this software is available

Typical usage

  • application testing
  • penetration test

WeBaCoo project page