
Linux - Anti-Virus - chkrootkit

chkrootkit is a free and open-source security scanner designed to detect known rootkits.

It scans your system for signs of rootkits, which are malicious programs that can grant unauthorized access and control over a compromised system.

It contains several programs and scripts, including:

  • chkrootkit – a shell script that checks system binaries for rootkit modification.
  • ifpromisc.c – checks whether a network interface is in promiscuous mode.
  • chklastlog.c – checks for lastlog deletions.
  • chkwtmp.c – checks for wtmp deletions.
  • check_wtmpx.c – checks for wtmpx deletions (Solaris only).
  • chkproc.c – checks for signs of LKM trojans.
  • chkdirs.c – checks for signs of LKM trojans.
  • strings.c – a quick and dirty strings replacement.
  • chkutmp.c – checks for utmp deletions.
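
The condition that ifpromisc.c reports on can also be checked by hand on Linux. The script below is an added example, not chkrootkit's own code: it reads each interface's flags from /sys/class/net and tests the IFF_PROMISC bit (0x100 in <linux/if.h>). The function names is_promisc and list_promisc are made up for this example.

```shell
#!/bin/sh
# Added example (not part of chkrootkit): list interfaces whose kernel
# flags have the IFF_PROMISC bit set. Linux only; assumes sysfs is mounted.

IFF_PROMISC=256   # 0x100, from <linux/if.h>

# is_promisc FLAGS
# Succeeds (exit 0) when the IFF_PROMISC bit is set in FLAGS, e.g. "0x1103".
is_promisc() {
    [ $(( $1 & $IFF_PROMISC )) -ne 0 ]
}

# list_promisc [DIR]
# Prints the name of every interface under DIR (default /sys/class/net)
# whose "flags" file has IFF_PROMISC set. Entries without a readable
# flags file are skipped.
list_promisc() {
    net_dir=${1:-/sys/class/net}
    for dev in "$net_dir"/*; do
        [ -r "$dev/flags" ] || continue
        flags=$(cat "$dev/flags")
        if is_promisc "$flags"; then
            echo "${dev##*/}"
        fi
    done
}

# Scan the live system; no output means no interface is promiscuous.
list_promisc
```

An interface listed here is not proof of compromise: packet capture tools, bridges and some virtualisation setups enable promiscuous mode legitimately, so compare the result against what is expected to be running on the host.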

Install chkrootkit



linux/anti-virus/chkrootkit.txt · Last modified: 2023/07/17 20:21 by peter
