Linux is a free and open-source operating system similar to Unix.
The Linux Kernel was originally released in 1991 by Linus Torvalds as a hobby, but has become widely used worldwide.
Links to this note
- /dev/kmem
- /dev/mem
- /dev/null
- awk
- kprobe rootkits
- lsof
- phalanx rootkit
- sed
- udev
- unveilingsedexp-reichert2024
- auditinglinuxprocessesdeepdive-boelen2025
- insmod
- KoviD
- leveragingldaudittobeatldpreload-ribak2020
- libdl
- lsmod
- Main Index
- modinfo
- modprobe
- rkspotter
- rmmod
- gettinganattackeripaddressfromamaliciousatjob-rowland2019
- anatomyofreallinuxintrusion_mitmhoneypot-alonso2016
- knockknock-osxreverser2021
- incidentresponse-luttgens2014
- encrypted bind and reverse shells with socat - erev0s 2020
- metasploit shellcode grows up: encrypted and authenticated C shells-pace2019
- cunleashed-heathfield2000
- skuld-taniumcti2023
- chaos-blacklotuslabs2022
- chaos-goodin2022
- chaos-lang2023
- noabot-constantin2024
- borges2021
- procfs
- ps command
- stealthshell-petrich2024
- watchdog
- runtimeprocessinfection-anonymous2002
- linuxapts-great2020
- falseflags-kaspersky2017
- cron
- cesare1999
- Linus Torvalds
- … hidden directory
- /etc/fstab
- /etc/ld.so.preload persistence
- /proc/System.map
- /var/log
- /var/tmp
- adore
- AIDE
- Android
- APT groups focusing on Linux due to improvements in email filtering and Windows EDR
- Asahi Linux
- auditd
- ausyscall
- auth.log
- avml
- bash
- bash-static
- bdvl
- Berkeley r-commands
- Berkeley Sockets API
- BEURK
- Busybox
- cat command
- cd command
- chattr command
- chmod
- chmod command
- chown command
- chroot
- chsh
- CronRAT
- crontab persistence
- curses
- daemon
- date command
- ddostf
- default shell
- Diamorphine
- diff
- difficulties with Linux telemetry
- directory
- dmesg command
- ELF
- elfcore
- environment
- file command
- file descriptor
- files
- find command
- FUSE
- Gentoo Linux
- GNU ld
- grep
- homebrew (package manager)
- Hopper Disassembler
- hostnamectl
- id command
- init process
- init system
- insmod command
- IPFire
- iwconfig
- Kaiten malware
- Kali Linux
- kill command
- LD_PRELOAD
- ld.so
- libprocesshider
- Linux Distribution
- Linux From Scratch
- Linux Kernel
- Linux Malware
- Linux may give a false sense of security
- Linux Users Group
- LKM rootkit
- ls command
- ltrace
- LUKS
- Lynis
- Main Index - L
- malware replacing legitimate system components
- malware setting files as immutable or append only
- man pages
- Maya's Veil
- Mirai
- mkdir command
- mount command
- musl
- named pipe
- newsboat
- NoaBot
- nobody user
- ntpd
- ntpdate
- osquery
- package manager
- PAM
- parent process
- passwd command
- passwd file
- PEBear
- PID 1
- pipeline
- PowerShell
- PRISM backdoor
- program interpreter
- proxychains
- ptrace
- radare2
- rc script persistence
- rc scripts
- Reptile rootkit
- rkhunter
- root user
- Sandfly
- SELinux
- setuid root
- shadow file
- shadow password suite
- shell script
- signal (operating systems)
- Skeksi virus
- stat command
- stty
- su command
- sudo
- suid
- suid root
- surfraw
- syslog
- systemd
- tar command
- tarball
- taskverse
- tcpdump
- telnet command
- timestomping using the touch command
- top command
- touch command
- tty
- uClibc
- uname command
- Unix
- virtual terminals
- VirtualBox
- vlany
- WINE
- XORDDOS malware
- Yama