Linux Forensics

Evasive Linux Malware Detection Video Presentation (BPFDoor)

Linux Forensics
Videos
Presentations
Linux Security
Malware
Education
November 14, 2023

Sandfly founder Craig Rowland recently spoke at the Oslo Cold Incident Response Conference on evasive Linux malware. Although talks were not recorded, he made a video of the presentation he gave…

Detecting Evasive Linux Malware Presentation

Rootkits
Education
Linux Forensics
Malware
October 20, 2023

Sandfly founder Craig Rowland gave a presentation for the FIRST Cold Incident Response Conference in Oslo on evasive Linux backdoors and malware below: Evasive Linux Backdoors and Malware…

SSH Key Compromise Risks and Countermeasures

Malware
Linux Security
Linux Forensics
Education
June 26, 2023

When it comes to securing Linux systems, Secure Shell (SSH) has been one of the most dependable tools at a sysadmin's disposal. However, with every technology solution, there are potential pitfalls…

Linux Stealth Rootkit Process Decloaking Tool Updated

Linux Forensics
Rootkits
Malware
November 21, 2022

Decloaking Linux stealth rootkits that are hiding processes from view is easy with our free tool sandfly-processdecloak which has been updated below: sandfly-processdecloak on Github This free tool…

How To Detect and Decloak Linux Stealth Rootkit Data

Rootkits
Linux Forensics
November 15, 2022

Linux stealth rookits have a variety of mechanisms to hide on a host. Aside from standard tactics such as hiding running processes (which we show you how to decloak here ), they also can hide data…

Sandfly Linux File Entropy Scanner Updated

Malware
Linux Security
Linux Forensics
June 30, 2022

Our entropy scanner sandfly-filescan has been updated and renamed to sandfly-entropyscan and now features Linux process scanning to help quickly spot packed and encrypted malware. You can get it…