rootkits Archives - Sandfly Security

Linux Stealth Rootkit Process Decloaking Tool – sandfly-processdecloak

August 17, 2020

We have released a new tool called sandfly-processdecloak designed to decloak hidden processes from two common and easily deployed Linux Loadable Kernel Module (LKM) stealth rootkits: Diamorphine and Reptile. You can download the tool from …

Detect Linux Loadable Kernel Module Stealth Rootkits Agentlessly with Sandfly

May 30, 2018April 27, 2018

Watch Sandfly’s agentless intrusion detection and threat hunting technology detect a Linux stealth rootkit. Sandfly automates the investigation and alerting of Linux rootkit compromises so you can respond quickly to threats. Hunt for rootkits. Don’t …