Discover hidden processes and listening ports

• August 25, 2015
• Linux

If you ever suspect your system has been hacked, one of the first tools I check against is unhide. It will let you know if any processes (or ports) are hidden from the system. It can be installed with all major package systems (apt/yum/ports/etc) or you can download it directly from the developers website @ http://www.unhide-forensics.info/.

To use the application:

unhide proc
unhide sys
unhide brute

 
also bundled with the application is unhide-tcp to find hidden applications using tcp or udp ports:

unhide-tcp

 
NOTE: There is also a Windows version, but i’ve not used it myself so your milage may vary.