unhide 20210124_1
Forensic tool to find hidden processes and TCP/UDP ports
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by rootkits, LKMs, or another hiding technique. It consists of two programs: unhide and unhide-tcp.

unhide detects hidden processes through:
* Comparison of /proc vs /bin/ps output.
* Comparison of info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
* Full PID space occupation (PID brute-forcing).

unhide-tcp identifies TCP/UDP ports that are listening but not listed in /bin/netstat by brute-forcing all available TCP/UDP ports.
Origin: security/unhide
Category: security
Size: 1.29MiB
License: GPLv3
Maintainer: ntarmos@ceid.upatras.gr
Dependencies: 0 packages
Required by: 0 packages
Website: www.unhide-forensics.info
$ pkg install unhide

More in security
gnutls 3.8.12
GNU Transport Layer Security library
py311-cryptography 45.0.7_2,1
Cryptographic recipes and primitives for Python developers
libgcrypt 1.11.2
General purpose cryptographic library based on the code from GnuPG
libgpg-error 1.58
Common error values for all GnuPG components
ca_root_nss 3.117_2
Root certificate bundle from the Mozilla Project
cyrus-sasl 2.1.28_5
RFC 2222 SASL (Simple Authentication and Security Layer)
libsodium 1.0.21
Library to build higher-level cryptographic tools
php84-filter 8.4.16
The filter shared extension for php
libsecret 0.21.7_2
Library to access the secret service API
p5-IO-Socket-SSL 2.095
Perl5 interface to SSL sockets