Unhide is a forensic tool to find hidden processes and TCP/UDP ports by rootkits / LKMs or by another hidden technique.
// Unhide (ps) Detecting hidden processes. Implements three techniques ·Compare /proc vs /bin/ps output ·Compare info gathered from /bin/ps with info gathered from syscalls (syscall scanning) ·Full PIDs space ocupation (PIDs bruteforcing) // Unhide-TCP Identify TCP/UDP ports that are listening but not listed in /bin/netstat doing brute forcing of all TCP/UDP ports availables. ------------- http://www.security-projects.com/?Unhide
