Welcome to IPBForumSkins Demo
Register now to gain access to all of our features. Once registered and logged in, you will be able to create topics, post replies to existing threads, give reputation to your fellow members, get your own private messenger, post status updates, manage your profile and so much more. If you already have an account, login here - otherwise create an account for free today!
Video Games

Video Games Community


Nu sunteti conectat. Conectati-va sau inregistrati-va

 »  Video Games | Resurse » Programe » 

Unhide-hidden processes and tpc/udp ports by rotkits

Vezi subiectul anterior Vezi subiectul urmator In jos  Mesaj [Pagina 1 din 1]

1 Unhide-hidden processes and tpc/udp ports by rotkits la data de Mier Feb 25, 2015 1:19 am

aNdz0r

avatar

Founder

   Founder
Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique. Unhide runs in Unix/Linux and Windows Systems. It implements six main techniques.


   Features



       Compare /proc vs /bin/ps output
       Compare info gathered from /bin/ps with info gathered by walking thru the procfs. ONLY for unhide-linux version
       Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
       Full PIDs space ocupation (PIDs bruteforcing). ONLY for unhide-linux version
       Compare /bin/ps output vs /proc, procfs walking and syscall. ONLY for unhide-linux version. Reverse search, verify that all thread seen by ps are also seen in the kernel.
       Quick compare /proc, procfs walking and syscall vs /bin/ps output. ONLY for unhide-linux version. It’s about 20 times faster than tests 1+2+3 but maybe give more false positives.



   URL: http://www.unhide-forensics.info

   Via: ToolsWatch.org – The Hackers Arsenal Tools Portal » 2014 Top Security Tools as Voted by ToolsWatch.org Readers

Vezi profilul utilizatorului

Vezi subiectul anterior Vezi subiectul urmator Sus  Mesaj [Pagina 1 din 1]

Permisiunile acestui forum:
Nu puteti raspunde la subiectele acestui forum