|You are here:|
What is a rootkit?
- A rootkit is a collection of tools that are used to attain, maintain, and hide access by the attacker. It does that by intercepting the system functions (Windows API).
- User-mode rootkits do this in user space whereas kernel-mode rootkits do that in the kernel space
User-mode rootkits and Kernel-mode rootkits
User and Kernel space
Pages in this Category
This category has the following 3 subcategories, out of 3 total.