Rootkit Hunter

Rootkit Hunter (rkhunter) is the tool to find evidence of malicious software on systems running Linux, Mac OS X, and UNIX. As the original author of this tool, I released the first version in 2003. In 2006, the project was handed over to a new team, to ensure its development kept going.


  • Both the tool and my name have been listed in several printed magazines
  • rkhunter is part of the LPI 303 exam objectives


After the lessons learned from Rootkit Hunter, I started a new project with a broader goal: help people improving security defenses on their systems. Also focused on Linux, macOS, and Unix-based systems. This auditing and system hardening tool is still under development since its original release in 2007.

Linux Audit

Linux Audit is the name of my Linux security blog. Articles cover topics in-depth with the goal to be available to both beginners and more advanced Linux users. The blog was created by me in 2014 as a research project. Its goal is to provide a knowledge hub and share information about Linux security. Main topics include Linux system hardening, security auditing, and compliance. Linux Audit is an ongoing project and new articles are published after extensive research. Quality above quantity.

Linux Security Expert

The Linux Security Expert (LSE) project has the goal to create a security library, including a training focused on Linux security. One of the bigger sections is a database of open source security tools that are categorized and tagged. It also ranks the tools in a top 100. The project goal is to become a one-stop place for Linux security, whenever one is seeking to learn or doing practical tasks for better understanding.