Add Linux rootkit detectors

rshipp 2015-05-09 11:35:33 -06:00
parent ef137604d0
commit ca9d63cb6a

@ -74,6 +74,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
* [AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a * [AnalyzePE](https://github.com/hiddenillusion/AnalyzePE) - Wrapper for a
variety of tools for reporting on Windows PE files. variety of tools for reporting on Windows PE files.
* [chkrootkit](http://www.chkrootkit.org/) - Local Linux rootkit detection.
* [ClamAV](http://www.clamav.net/index.html) - Open source antivirus engine. * [ClamAV](http://www.clamav.net/index.html) - Open source antivirus engine.
* [ExifTool](http://www.sno.phy.queensu.ca/~phil/exiftool/) - Read, write and * [ExifTool](http://www.sno.phy.queensu.ca/~phil/exiftool/) - Read, write and
edit file metadata. edit file metadata.
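Review bot: the added chkrootkit line describes the tool as "Local Linux rootkit detection.", and "Local" is ambiguous next to neighbours that all take a file as input (AnalyzePE reports on Windows PE files, ExifTool reads file metadata). Suggest wording that says it checks the host it runs on, for example "Checks the local Linux system for signs of a rootkit.", so readers do not expect it to classify a sample. The alphabetical placement between AnalyzePE and ClamAV is fine.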
@ -83,6 +84,7 @@ A curated list of awesome malware analysis tools and resources. Inspired by
up hashes in NIST's National Software Reference Library database. up hashes in NIST's National Software Reference Library database.
* [packerid](http://handlers.sans.org/jclausing/packerid.py) - A cross-platform * [packerid](http://handlers.sans.org/jclausing/packerid.py) - A cross-platform
Python alternative to PEiD. Python alternative to PEiD.
* [Rootkit Hunter](http://rkhunter.sourceforge.net/) - Detect Linux rootkits.
* [ssdeep](http://ssdeep.sourceforge.net/) - Compute fuzzy hashes. * [ssdeep](http://ssdeep.sourceforge.net/) - Compute fuzzy hashes.
* [totalhash.py](https://gist.github.com/malc0de/10270150) - Python script * [totalhash.py](https://gist.github.com/malc0de/10270150) - Python script
for easy searching of the [TotalHash.com](http://totalhash.com/) database. for easy searching of the [TotalHash.com](http://totalhash.com/) database.
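Review bot: the added Rootkit Hunter description, "Detect Linux rootkits.", does not match the wording of the chkrootkit entry added by the same commit ("Local Linux rootkit detection."), so the list gives no hint of whether the two tools differ in scope. Suggest parallel phrasing for both entries, and stating here as well that the tool runs against a live Linux host rather than a file. The alphabetical placement between packerid and ssdeep is fine.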