chkrootkit
« Back to VersTracker
Description:
Rootkit detector
Type: Formula  |  Latest Version: 0.58b@0  |  Tracked Since: Dec 17, 2025
Links: Homepage  |  formulae.brew.sh
Category: Security
Tags: security rootkit auditing system-utility forensics
Install: brew install chkrootkit
About:
Chkrootkit is a locally installed security tool that checks for signs of a rootkit on the system. It works by analyzing binary files and system binaries for known trojans, checking for modified network interfaces, and looking for suspicious processes. Its primary value is providing a quick, offline method for system administrators to detect potential system compromises.
Key Features:
  • Checks for known rootkits and LKM trojans
  • Verifies integrity of system binaries
  • Detects hidden network interfaces and promiscuous mode
  • Lightweight and runs locally without dependencies
Use Cases:
  • Performing a quick security audit on a Linux server
  • Verifying system integrity after a suspected breach
  • Routine checks for unauthorized modifications
Alternatives:
  • rkhunter – rkhunter performs similar checks but maintains a database of file hashes for more comprehensive integrity verification.
License: GPL-2.0-or-later
Bottles available for: arm64_tahoe, arm64_sequoia, arm64_sonoma, arm64_ventura, sonoma, ventura, arm64_linux, x86_64_linux
Version History
Detected Version Rev Change Commit
Sep 12, 2025 8:48pm 0 VERSION_BUMP 66085c4f
« Back to VersTracker  |  Browse Packages  |  About