Microsoft Launches Rootkit Detection Service for Linux

Microsoft has introduced Freta, a new free online service that scans Linux environment images for rootkits, hidden processes, malware, and suspicious activity such as system call interception and the use of LD_PRELOAD to replace library functions. The service requires uploading a snapshot of the system image to an external Microsoft server and is focused on checking the contents of virtual environments.

The output is a report that reflects the state of system tables, kernel modules, network connections, debugging functions and processes, and can be used in forensic analysis of the consequences of a break-in. Analysis of over 4000 variants of the Linux kernel is supported. Snapshots of virtual environments can be uploaded in VMRS (Hyper-V checkpoint) and CORE (VMware snapshot) formats, as can memory dumps of a running system created with the AVML and LiME tools. The service code is written in Rust.


Source: opennet.ru
