HIPS

2025-04-04

Host-Based Intrusion Prevention Systems (HIPS) are host-based cybersecurity tools that monitor for and prevent security compromises, unauthorized ... Read More

module_exit

2025-04-04

module_exit is a macro in the Linux kernel used to specify the cleanup function run when a loadable kernel module is unloaded. Read More

module_init

2025-04-04

module_init is a macro in the Linux kernel used to specify the initialization function run when a loadable kernel module is loaded. Read More

prevent LKM unloading with rmmod

2025-04-04

Rootkits and EDR software that use LKMs may employ techniques that hide their presence or prevent them from being unloaded; if an attacker ... Read More

printk

2025-04-04

printk is the Linux kernel’s logging function, able to print formatted strings similar to printf() in userspace. It outputs messages to the ... Read More

reference count to avoid LKM removal

2025-04-04

Rootkits and EDR software may increase their reference count using try_module_get(THIS_MODULE). This tricks the kernel into thinking that the module ... Read More

tmhook module

2025-04-04

tmhook is a loadable kernel module associated with Trend Micro Deep Security on Linux systems. Read More

Trend Micro

2025-04-04

Trend Micro is a global cybersecurity company. https://www.trendmicro.com Read More

Trend Micro Deep Security

2025-04-04

Trend Micro Deep Security is an enterprise security platform that provides HIDS and HIPS, anti-malware, firewall, integrity monitoring, and more. Read More

/dev/kmem

2025-04-03

/dev/kmem is a special file on Linux and Unix-like systems that provides access to the kernel’s virtual memory. It was historically used for ... Read More