Entries

Showing entries from March 20, 2013

UNHIDE FORENSIC TOOL

Unhide is a forensic tool to find processes hidden by rootkits, Linux kernel modules or other techniques. It detects hidden processes using six techniques:

1- Compare /proc vs /bin/ps output.
2- Compare info gathered from /bin/ps with info gathered by walking through the procfs. ONLY for Linux 2.6 version.
3- Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning).
4- Full PID space occupation (PID brute-forcing). ONLY for Linux 2.6 version. Compare /bin/ps output vs /proc, procfs walking and syscall. ONLY for Linux 2.6 version.
5- Reverse search: verify that all threads seen by ps are also seen by the kernel.
6- Quick compare of /proc, procfs walking and syscall vs /bin/ps output. ONLY for Linux 2.6 version.

Unhide-TCP

Unhide-tcp is a forensic tool that identifies TCP/UDP ports that are listening but are not listed by /bin/netstat, by brute-forcing all available TCP/UDP ports. Ho