How can i check my Linux OS for malicious contents and codes? Taking in consideration the harmful and malicious environment we work in. Chkrootkit and other old school tools won’t work here they probably won’t contain such samples of new codes and files.
ClamAV is your best bet.
Have you checked lynis?
Does it also check for spywares? Kinda being a noob here. Like those of msfvenom?
simplest way to check for virus is that check your OS startup files or configuration software
for example, if you are in linux,
Open Autostart file with any text editor, Autostart File Path:
if you add these five lines in it
[Desktop Entry] Type=Application X-GNOME-Autostart-enabled=true Name=Xinput Exec="destination_file_name"
files becomes persistence, as system when reboots, it automatically runs the executable.
By looking the last line, we can easily find the path where the evil file is stored.
Simply delete it and restart your pc
i know two methods to make file persistence:
one is, add a registry entry in this path
and other one is,
paste the evil file in this directory,
or simple checks for temp or appdata directory carefully.
as most virus store themself there in windows
There’s no use of scanning OS such as Kali and Parrotsec for malwares and unwanted piece of codes with any AV as these OS themselves contains suspicious tools and codes for hacking hence making every or at least most of the tools fall under the category of suspicious files. Best way is to check manually and remove those files or if you highly suspect that you are being targeted just get the shit out of there, fresh install your OS and stay cautious.
@An101 Don’t spread spam and unnecessary messages. We don’t need them. For such messages do PM instead if really needed.
If such behaviour continues then you may face a strict action. No cross posting allowed here.
Looks like Moderator had done his work and banned Ano101 and deleted his posts.
Yes i dd it in order to ensure our community stays healthy and spam free. Community Guidelines violations won’t be tolerated here.