ITP prochunter -- find hidden processes on Linux

Subject: ITP prochunter -- find hidden processes on Linux
From: samueloph@gmail.com (Samuel Henrique)
Date: Sat, 11 Nov 2017 11:34:13 -0200
Message-id: <[🔎] CABwkT9p2L5cww=ZkoRGTPZeQg6zEHcPCN0SsPKA368dfENHZOg@mail.gmail.com>

Package: wnpp
Owner: "Samuel Henrique" <samueloph at gmail.com>
Severity: wishlist

?* Package name    : prochunter
  Upstream Author : nowayout <spartak at autistici.org>
* URL             : https://gitlab.com/nowayout/prochunter
<https://psypanda.github.io/hashID/>
* License         : GPLv2
  Programming Lang: Python, C
  Description     : Find hidden process with all userspace and most of the
kernelspace rootkits

?Prochunter aims to find hidden process with all userspace and most of the
kernelspace rootkits.
This tool is composed of a kernel module that prints out all running
processes walking the task_struct list and creates
/sys/kernel/proc_hunter/set entry. A python script that
invokes
the kernel function and diffs the module output with processes list
collected from userspace (/proc walking).?

?I intend to maintain this package under the pkg-security team.?


-- 
Samuel Henrique <samueloph>
-------------- next part --------------
An HTML attachment was scrubbed...
URL: <http://lists.alioth.debian.org/pipermail/pkg-security-team/attachments/20171111/9a23a7f4/attachment.html>

Reply to:

Prev by Date: yara_3.7.0-3_source.changes ACCEPTED into unstable
Next by Date: dislocker_0.7.1-3~bpo9+1_amd64.changes ACCEPTED into stretch-backports, stretch-backports
Previous by thread: yara_3.7.0-3_source.changes ACCEPTED into unstable
Next by thread: dislocker_0.7.1-3~bpo9+1_amd64.changes ACCEPTED into stretch-backports, stretch-backports
Index(es):
- Date
- Thread