chkrootKit is a free and open-source security scanner designed to detect known rootkits.
It scans your system for signs of rootkits, which are malicious programs that can grant unauthorized access and control over a compromised system.
It contains various programs/scripts which include:
chkrootkit – a shell script that checks system binaries for rootkit modification.
ifpromisc.c – it checks if an interface is in promiscuous mode.
chklastlog.c – this checks for lastlog deletions.
chkwtmp.c – this checks for wtmp deletions.
check_wtmpx.c – checks for wtmpx deletions (Solaris only).
chkproc.c – checks for signs of LKM trojans.
chkdirs.c – this checks for signs of LKM trojans.
strings.c – it performs quick and dirty string replacement.
chkutmp.c – this checks for utmp deletions.
Install chkrootkit