Rootkit Hunter (rkhunter)

LSE toolsLSE toolsRootkit Hunter (470)Rootkit Hunter (470)

Tool and Usage

Project details
LicenseGPLv3
Programming languageshell script
AuthorMichael Boelen
Latest release1.4.4 []

Project health

59
This score is calculated by different factors, like project age, last release date, etc.

Introduction

Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

Background information

The rkhunter project was originally created by Michael Boelen in 2003. Michael agreed to hand over development in 2006 to a project team so development could continue.

Usage and audience

Rootkit Hunter is commonly used for malware detection or malware scanning. Target users for this tool are system administrators.

Features

  • Command line interface

Tool review and remarks

The review and analysis of this project resulted in the following remarks for this security tool:

Strengths

  • + Used language is shell script
  • + Project is mature (10+ years)
  • + The source code of this software is available

History and highlights

YearEvent
2006Project development was handed over to project team
2003Project was started by Michael Boelen

Author and Maintainers

Rootkit Hunter was created by Michael Boelen. Currently the project is managed by John Horne.

Installation

Supported operating systems

Rootkit Hunter is known to work on AIX, FreeBSD, Linux, macOS, NetBSD, OpenBSD, and Solaris.

Rootkit Hunter alternatives

Similar tools to Rootkit Hunter:

59

chkrootkit

chkrootkit is a malware scanner to locally check for signs of a rootkit. It is written in shell script and runs on the host system itself.

100

ClamAV

ClamAV is an open source antivirus engine. It can detect malicious software (malware) like trojans, viruses, backdoors and other related threats.

97

LMD

Linux Malware Detect (LMD) is a malware scanner for systems running Linux. The open source software project is released with the GPLv2 license.

All Rootkit Hunter alternatives

Found an improvement? Help the community by submitting an update.

Related tool information

Compare Rootkit Hunter with other tools

Categories

This tool is categorized as a Linux malware detection tool and Linux rootkit scanner.