ITP prochunter -- find hidden processes on Linux
Samuel Henrique
samueloph at gmail.com
Sat Nov 11 13:34:13 UTC 2017
Package: wnpp
Owner: "Samuel Henrique" <samueloph at gmail.com>
Severity: wishlist
* Package name : prochunter
Upstream Author : nowayout <spartak at autistici.org>
* URL : https://gitlab.com/nowayout/prochunter
<https://psypanda.github.io/hashID/>
* License : GPLv2
Programming Lang: Python, C
Description : Find hidden process with all userspace and most of the
kernelspace rootkits
Prochunter aims to find hidden process with all userspace and most of the
kernelspace rootkits.
This tool is composed of a kernel module that prints out all running
processes walking the task_struct list and creates
/sys/kernel/proc_hunter/set entry. A python script that
invokes
the kernel function and diffs the module output with processes list
collected from userspace (/proc walking).
I intend to maintain this package under the pkg-security team.
--
Samuel Henrique <samueloph>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20171111/9a23a7f4/attachment.html>
More information about the Pkg-security-team
mailing list