unhide - Tool to find hidden processes and TCP/UDP ports from rootkits

Property Value
Distribution CentOS 6
Repository Psychotic Ninja x86_64
Package name unhide
Package version 20130526
Package release 3.el6.psychotic
Package architecture x86_64
Package type rpm
Installed size 160.77 KB
Download size 61.24 KB
Official Mirror packages.psychotic.ninja
Unhide is a forensic tool to find processes and TCP/UDP ports hidden by
rootkits, Linux kernel modules or by other techniques. It includes two
utilities: unhide and unhide-tcp.
Unhide detects hidden processes using three techniques:
- comparing the output of /proc and /bin/ps
- comparing the information gathered from /bin/ps with the one gathered
from system calls (syscall scanning)
- full scan of the process ID space (PIDs bruteforcing)
unhide-tcp identifies TCP/UDP ports that are listening but are not listed
in /bin/netstat through brute forcing of all TCP/UDP ports available.


Package Version Architecture Repository
unhide-20130526-4.el6.art.i686.rpm 20130526 i686 Atomic
unhide-20130526-4.el6.art.x86_64.rpm 20130526 x86_64 Atomic
unhide-20130526-3.el6.psychotic.i386.rpm 20130526 i386 Psychotic Ninja
unhide-20130526-1.el6.x86_64.rpm 20130526 x86_64 EPEL
unhide-20130526-1.el6.i686.rpm 20130526 i686 EPEL
unhide-20130428-3.el6.art.i686.rpm 20130428 i686 Atomic
unhide-20130428-3.el6.art.x86_64.rpm 20130428 x86_64 Atomic
unhide-0.0.20110113-1.el6.rf.i686.rpm 0.0.20110113 i686 Repoforge (RPMforge)
unhide - - -


Name Value
libc.so.6(GLIBC_2.7)(64bit) -
libpthread.so.0()(64bit) -
libpthread.so.0(GLIBC_2.2.5)(64bit) -
rtld(GNU_HASH) -


Name Value
unhide = 20130526-3.el6.psychotic
unhide(x86-64) = 20130526-3.el6.psychotic


Type URL
Binary Package unhide-20130526-3.el6.psychotic.x86_64.rpm
Source Package unhide-20130526-3.el6.psychotic.src.rpm

Install Howto

  1. Download latest psychotic-release rpm from
  2. Install psychotic-release rpm:
    # rpm -Uvh psychotic-release*rpm
  3. Install unhide rpm package:
    # yum --enablerepo=psychotic install unhide




2014-08-18 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20130526-3
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_22_Mass_Rebuild
2014-06-08 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 20130526-2
- Rebuilt for https://fedoraproject.org/wiki/Fedora_21_Mass_Rebuild
2014-01-09 - Christopher Meng <rpm@cicku.me> - 20130526-1
- Update to 20130526
- Add multilingual manpages.
- SPEC cleanup, build with RELRO.
2013-07-26 - Parag <paragn AT fedoraproject DOT org> - 1.0-10.20121229
- Update to new version
2013-02-15 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-9.20100201
- Rebuilt for https://fedoraproject.org/wiki/Fedora_19_Mass_Rebuild
2012-07-22 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-8.20100201
- Rebuilt for https://fedoraproject.org/wiki/Fedora_18_Mass_Rebuild
2012-01-14 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-7.20100201
- Rebuilt for https://fedoraproject.org/wiki/Fedora_17_Mass_Rebuild
2011-02-07 - Fedora Release Engineering <rel-eng@lists.fedoraproject.org> - 1.0-6.20100201
- Rebuilt for https://fedoraproject.org/wiki/Fedora_15_Mass_Rebuild
2010-05-03 - Rakesh Pandit <rakesh@fedoraproject.org> 1.0-5.20100201
- Updated to 20100201
2009-12-04 - Rakesh Pandit <rakesh@fedoraproject.org> 1.0-5.20090810
- Updated to 20090810

See Also

Package Description
unrar-5.2.4-2.el6.psychotic.x86_64.rpm Extract, test and view RAR archives
xapian-core-1.2.15-2.el6.psychotic.x86_64.rpm The Xapian Probabilistic Information Retrieval Library
xapian-core-1.2.23-2.el6.psychotic.x86_64.rpm The Xapian Probabilistic Information Retrieval Library
xapian-core-devel-1.2.15-2.el6.psychotic.x86_64.rpm Files needed for building packages which use Xapian
xapian-core-devel-1.2.23-2.el6.psychotic.x86_64.rpm Files needed for building packages which use Xapian
xapian-core-libs-1.2.15-2.el6.psychotic.x86_64.rpm Xapian search engine libraries
xapian-core-libs-1.2.23-2.el6.psychotic.x86_64.rpm Xapian search engine libraries
xboxdrv-0.8.8-3.el6.psychotic.x86_64.rpm Userspace Xbox/Xbox360 Gamepad Driver for Linux
youtube-dl-2018.03.03-1.el6.psychotic.noarch.rpm A small command-line program to download online videos
youtube-dl-2018.03.14-1.el6.psychotic.noarch.rpm A small command-line program to download online videos
youtube-dl-2018.07.10-1.el6.psychotic.noarch.rpm A small command-line program to download online videos
ytalk-3.3.0-25.el6.psychotic.x86_64.rpm A chat program for multiple users
zpaq-6.49-4.el6.psychotic.x86_64.rpm zpaq is a free and open source (GPL v3) incremental, journaling command-line archiver