WeBaCoo alternatives

Looking for an alternative tool to replace WeBaCoo? During the review of WeBaCoo we looked at other open source tools. Based on their category, tags, and text, these are the ones that have the best match.

Top 3

  1. chkrootkit (malware scanner)
  2. ClamAV (malware scanner)
  3. EvilAbigail (automation of evil made attack against Linux)

These tools are ranked as the best alternatives to WeBaCoo.

Alternatives (by score)

59

chkrootkit

Introduction

The chkrootkit tool consists of multiple parts that may detect the presence of rootkit parts of rootkit behavior on a system.

Some areas that are checked include:

  • interface in promiscuous mode
  • lastlog deletions
  • wtmp deletions
  • wtmpx deletions
  • signs of LKM trojans
  • utmp deletions

Project details

chkrootkit is written in C, shell script.

Strengths and weaknesses

  • + Used language is shell script
  • + Project is mature (10+ years)
  • - Long time between releases

Typical usage

  • Malware detection
  • Malware scanning

chkrootkit review

100

ClamAV

Introduction

ClamAV is a popular tool to detect malicious software or malware. While it calls itself an antivirus engine, it probably won't encounter many viruses, as they have become rare. It is more likely to find other forms of malware like worms, backdoors, and ransomware. ClamAV can be used in a few ways, from doing an occasional scan up to scanning in batch. ClamAV does not do on-access scanning but can be combined with other tools to obtain similar functionality. ClamAV is often used to support scanning incoming emails for malicious content.

Project details

ClamAV is written in C.

Strengths and weaknesses

  • + Many maintainers
  • + The source code of this software is available

    Typical usage

    • Malware analysis
    • Malware detection
    • Malware scanning

    ClamAV review

    64

    EvilAbigail

    Introduction

    This tool is used to perform an attack that is known as "evil maid".

    Project details

    59

    Rootkit Hunter (rkhunter)

    Introduction

    Rootkit Hunter is a small utility to find suspicious rootkit components. Other known backdoors or malicious software can also be discovered, especially if it has the goal to hide.

    The tool uses different ways to hunt, like using predefined directory locations and comparing the output of system utilities. Another method is by requesting a specific output and see if this output is altered, therefore tricking rootkits to reveal themselves.

    Project details

    Rootkit Hunter is written in shell script.

    Strengths and weaknesses

    • + Used language is shell script
    • + Project is mature (10+ years)
    • + The source code of this software is available

      Typical usage

      • Malware detection
      • Malware scanning

      Rootkit Hunter review

      56

      sshLooter

      Introduction

      The most likely use for tools like this is backdoor a system after root permissions were gained. By planting it into the PAM stack, it allows for password sniffing.

      Project details

      sshLooter is written in Python, shell script.

      Strengths and weaknesses

      • + The source code is easy to read and understand
      • - Unknown project license

      Typical usage

      • Information snooping
      • Password discovery
      • Password sniffing

      sshLooter review

      78

      Wappalyzer

      Introduction

      Wappalyzer can be a useful asset when performing reconnaissance on a particular target like a web application or website. It helps to find what software is used to run a particular page. Components that can be detected are the content management system (CMS), JavaScript framework, e-commerce software, web server, and more.

      Project details

      Wappalyzer is written in Node.js.

      Strengths and weaknesses

      • + Has 300+ contributors
      • + More than 4000 GitHub stars
      • + Many releases available
      • + The source code of this software is available

        Typical usage

        • Information gathering
        • Reconnaissance
        • Software identification

        Wappalyzer review

        93

        ZAP (Zed Attack Proxy)

        Introduction

        ZAP is an intercepting proxy of web traffic. You will need to configure your browser to connect to the web application you wish to test through ZAP.

        Note: Zed Attack Proxy, or ZAP, is also known as zaproxy.

        Project details

        ZAP is written in Java.

        Strengths and weaknesses

        • + More than 50 contributors
        • + More than 2000 GitHub stars
        • + Many maintainers
        • + The source code of this software is available
        • - Many reported issues are still open

        Typical usage

        • Penetration testing
        • Security assessment
        • Software testing
        • Web application analysis

        ZAP review

        Some relevant tool missing as an alternative to WeBaCoo? Please contact us with your suggestion.