Projects / Zeppoo


Zeppoo allows you to detect rootkits on the i386 architecture under Linux by using /dev/kmem and /dev/mem. It can also detect hidden tasks, modules, syscalls, some corrupted symbols, and hidden connections. Anti-Rootkits which don't use these methods can be fooled easily.

Operating Systems

Recent releases

  •  03 Nov 2006 10:50

    Release Notes: Red Hat and Ubuntu are supported with the -r option. MD5 is used. AMD64 is supported. /proc/kallsyms was added. Many bugs were fixed.

    •  18 Jun 2006 17:25

      Release Notes: Execution of a binary (through execve or binfmt) is checked. Symbol verification was added (only for execve).

      •  07 Jun 2006 04:23

        Release Notes: The global option -z was added. Resolving symbols is now more portable.

        •  05 Jun 2006 20:55

          Release Notes: Some bugfixes and code cleanup.

          •  22 May 2006 16:29

            No changes have been submitted for this release.


            Project Spotlight


            A Fluent OpenStack client API for Java.


            Project Spotlight

            TurnKey TWiki Appliance

            A TWiki appliance that is easy to use and lightweight.