chkrootkit (Check Rootkit) is a Unix-based program intended to help system administrators check their system for local signs of known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures and for comparing a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.
chkrootkit (Check Rootkit) is a Unix-based program intended to help system administrators check their system for local signs of known rootkits. It is a shell script using common UNIX/Linux tools like the strings and grep commands to search core system programs for signatures and for comparing a traversal of the /proc filesystem with the output of the ps (process status) command to look for discrepancies.
It can be used from a rescue disc (typically a live CD) or it can optionally use an alternative directory from which to run all of its commands. These techniques allow chkrootkit to trust the commands upon which it depends a bit more.
Discovered by embedding cosine similarity (sentence-transformers MiniLM, 384-dim).