Kernel Security Checker is a useful tool for locating attackers residing within a system. It analyzes the kernel directly through /dev/kmem, which bypasses the intruder's hiding techniques (static kernel recompilation or the use of LKMs). It can find modified syscalls from userspace, detect promiscuous interfaces, and find modifications applied to a protocol.
| Tags | Security, Systems Administration, Diagnostics |
|---|---|
| Licenses | GPL |
| Operating Systems | POSIX, BSD, Linux |
| Implementation | C |