EvilAbigail alternatives

Looking for an alternative tool to replace EvilAbigail? During the review of EvilAbigail we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. chkrootkit (malware scanner)
  2. ClamAV (malware scanner)
  3. Rootkit Hunter (malware scanner)

These tools are ranked as the best alternatives to EvilAbigail.

Alternatives (by score)

59

chkrootkit

Introduction

The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

Some areas that are checked include:

  • interface in promiscuous mode
  • lastlog deletions
  • wtmp deletions
  • wtmpx deletions
  • signs of LKM trojans
  • utmp deletions

Project details

chkrootkit is written in C, shell script.

Strengths and weaknesses

  • + Used language is shell script
  • + Project is mature (10+ years)
  • - Long time between releases

Typical usage

  • Malware detection
  • Malware scanning

chkrootkit review

78

ClamAV

Introduction

ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.

Project details

ClamAV is written in C.

Strengths and weaknesses

  • + Many maintainers
  • + The source code of this software is available

    Typical usage

    • Malware analysis
    • Malware detection
    • Malware scanning

    ClamAV review

    59

    Rootkit Hunter (rkhunter)

    Introduction

    Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

    The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

    Project details

    Rootkit Hunter is written in shell script.

    Strengths and weaknesses

    • + Used language is shell script
    • + Project is mature (10+ years)
    • + The source code of this software is available

      Typical usage

      • Malware detection
      • Malware scanning

      Rootkit Hunter review

      56

      sshLooter

      Introduction

      The most likely use for tools like this is backdoor a system after root permissions were gained. By planting it into the PAM stack, it allows for password sniffing.

      Project details

      sshLooter is written in Python, shell script.

      Strengths and weaknesses

      • + The source code is easy to read and understand
      • - Unknown project license

      Typical usage

      • Information snooping
      • Password discovery
      • Password sniffing

      sshLooter review

      60

      WeBaCoo

      Introduction

      WeBaCoo could be useful for penetration tests and security assessments, to test the effectiveness of security monitoring solutions.

      Project details

      WeBaCoo is written in Perl, Ruby.

      Strengths and weaknesses

      • + The source code of this software is available

        Typical usage

        • Application testing
        • Penetration testing

        WeBaCoo review

        Some relevant tool missing as an alternative to EvilAbigail? Please contact us with your suggestion.