INTERACTIVE RKHUNTER SIMULATION
Live Scanner Terminal
Simulate a real rkhunter, chkrootkit, or AIDE scan against a staged Linux system. Watch the tool discover hidden processes, modified binaries, and persistence mechanisms in real-time.
// RKHUNTER LIVE — Malware Detection Training Platform
// Select a tool and system profile, then run the scan.
// Watch for WARNING, FOUND, and INFECTED markers.
root@forensic-sandbox:~# █
// SCAN PROGRESS
Ready
0%
// SCAN RESULTS
Checks Passed—
Warnings—
Critical Findings—
Errors—
// SYSTEM INFO
Hostnameforensic-sandbox
OSUbuntu 22.04
Kernel5.15.0-89
Profile—
// TOOL INFO
rkhunterv1.4.6
chkrootkit0.55
AIDE0.17.4
Lynis3.0.8
DETECTION TECHNIQUE BREAKDOWN
Detection Methods Lab
Rootkit hunters use multiple detection techniques because each rootkit type evades some methods. Click any method to see a live demo of the technique in action.
ANALYST TRAINING EXERCISE
Scan Results Analyzer
A scan has been run on a compromised system. For each finding, determine whether it's a real threat or a false positive — just like a real forensic analyst would.
0/8
CORRECT CLASSIFICATIONS
🔬
Select a finding to analyze
Click any result from the scan output
THREAT INTELLIGENCE DATABASE
Rootkit Family Catalog
Six rootkit families detected by rkhunter — classified by operating layer, evasion technique, and real-world deployment. Click any card to open the full forensic breakdown.
FORENSIC INVESTIGATION EXERCISES
Hunt Missions
You're a forensic analyst. Run the correct commands to investigate each scenario. Type commands or click suggestions — then interpret the output to reach your conclusion.
0/6
MISSIONS COMPLETED
🎯
Select a mission to begin
Choose any investigation from the list
KNOWLEDGE ASSESSMENT · 12 QUESTIONS
Knowledge Quiz
Test your understanding of rootkit detection techniques, tool usage, and forensic methodology.
0 of 12
0/12