SharpEye: Advanced Linux Intrusion Detection and Threat Hunting System
Updated May 29, 2025 - Python
A modern, Rust-powered Linux scanner that unmasks hidden rootkits, stealthy eBPF tricks, and ghost processes in one fast sweep (45+ scanners)
Small scripts to help with Linux forensics and incident response.
Scripts to decloak Linux Loadable Kernel Module (LKM) stealth rootkits.
Detection of rootkit file hiding activities through analysis of shifts in kernel function execution times.
Linux-Defender 🛡️ A robust Linux hardening script for securing your system in one shot ⚙️🔐 ✅ Checks for rootkits, malware, and suspicious activity 🔥 Configures firewall, antivirus, and audit tools 🎯 Supports Arch, Debian, Kali, and Parrot OS 🕵️‍♂️ Includes kali-anonsurf support for anonymous browsing on Kali
Kernel-based rootkit detection tool with modules for detecting hidden processes, files, and kernel anomalies.
A tool that detects files and directories that may be hidden by trojans and rootkits on Unix platforms
Scan to oblivion—protect, cleanse, secure.
Device-Security-Audit is a Python-based security audit tool that helps assess and enhance the security of your systems. It includes checks for Docker container vulnerabilities, rootkit detection, network traffic monitoring, and cloud and Kubernetes security. With customizable options and parallel task execution, it's simply the best.
A simple tool to uncover files, directories, and connections hidden by malware.
Cabbage is a simple Python-based wrapper designed to automate and simplify post-mortem analysis of Solaris 10 kernel crash dumps and uncover evidence of rootkits and malicious activity.
🔍 Detect hidden kernel modules and rootkits using the sandfly-kernel-module-decloak script for enhanced Linux security and threat analysis.
🔍 Conduct a fast, one-shot sweep for Linux incident response, collecting actionable leads from various system components with ease.