Rootkit Hunter (rkhunter)
Tool and Usage
|Programming language||shell script|
|Latest release||1.4.4 |
Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.
The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.
The rkhunter project was originally created by Michael Boelen in 2003. Michael agreed to hand over development in 2006 to a project team so development could continue.
Usage and audience
Rootkit Hunter is commonly used for malware detection or malware scanning. Target users for this tool are system administrators.
- Command line interface
Tool review and remarks
The review and analysis of this project resulted in the following remarks for this security tool:
- + Used language is shell script
- + Project is mature (10+ years)
- + The source code of this software is available
History and highlights
|2006||Project development was handed over to project team|
|2003||Project was started by Michael Boelen|
Supported operating systems
Rootkit Hunter is known to work on AIX, FreeBSD, Linux, macOS, NetBSD, OpenBSD, and Solaris.
Rootkit Hunter alternatives
Similar tools to Rootkit Hunter:
chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.
ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.
Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.
Found an improvement? Help the community by submitting an update.