An easy way to check for things like rootkits, reverse shells, bind shells, or other indicators of compromise on Linux, looking at task scheduling (such as cron and systemd timers), suspicious command history, network connections, logged in users, recent logins, aliases, PATH variable, and more!
ChicagolandSoftware/rootkit_finder
Folders and files
| Name | Name | Last commit date | ||
|---|---|---|---|---|