Hacker Tools and their Signatures, Part Three: Rootkits

by Toby Miller
Sept. 23, 2017 1 comment Symantec Pen Testing & Audits hackers tools

This is the third installment of a series devoted to examining hacker tools and their signatures. In this installment we will be looking at some of the signatures related to the KOH rootkit. The purpose of this paper is to assist the reader in detecting the KOH rootkit. Through this process, it is hoped that the reader will also learn steps to take to defend against the installation of these types of rootkits.


2flash 7 months, 1 week ago

Good presentation on rootkits and especially KOH! I just wish that the description would have been longer (I like symantec's site too , but I prefer reading it here).