# Install rkhunter Rootkit hunter. Version 1.4.6 via Homebrew; verified from local package data. ## Install ```sh sudo av install brew:rkhunter ``` Additional install commands: ### macOS - Homebrew (100%): ```sh brew install rkhunter ``` Evidence: local Homebrew formula metadata - MacPorts (94%): ```sh sudo port install rkhunter ``` Evidence: MacPorts ports tree: sysutils/rkhunter/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1 ### Linux - Debian apt (92%): ```sh sudo apt install rkhunter ``` Evidence: Debian stable package indexes: rkhunter from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz - dnf (92%): ```sh sudo dnf install rkhunter ``` Evidence: Fedora Rawhide package metadata: rkhunter from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst - pacman (92%): ```sh sudo pacman -S rkhunter ``` Evidence: Arch Linux sync databases: rkhunter from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz ## Package Facts - **Package key:** brew:rkhunter - **Package manager:** Homebrew - **Package manager URL:** - **Version:** 1.4.6 - **Source summary:** Rootkit hunter - **Homepage:** - **Repository:** - **Upstream docs:** - **License:** GPL-2.0-or-later - **Source archive:** - **Generated:** 2026-06-10T07:18:26+00:00 ## Executables - rkhunter (cli) - rkhunter (alias) ## Install Behavior - Post-install hook: not defined - Bottle: available on arm64_big_sur, arm64_linux, arm64_monterey, arm64_sequoia, arm64_sonoma, arm64_tahoe, arm64_ventura, big_sur, catalina, monterey, sonoma, ventura ## Freshness - Page generated: 2026-06-10 - Package-manager version: 1.4.6 - Local data status: ok - Upstream repository: https://rkhunter.sourceforge.net/ - info: No package-manager update timestamp was available. - info: Release/tag comparison is only available for GitHub repositories. ## セキュリティノート narrow executable package without higher-risk signals. - **Geiger risk:** green / low - narrow executable package without higher-risk signals ## Source Database Details - **Source Database:** Homebrew formula API - **Tap:** homebrew/core - **Full Name:** rkhunter - **Version Scheme:** 0 - **Revision:** 0 - **Bottle Stable Root URL:** - **Deprecated:** no - **Disabled:** no - **Keg Only:** no - **URL Keys:** stable ## Other Package-Manager Records - Debian apt - rkhunter - 1.4.6-13: normalized package name match | Debian stable package indexes: rkhunter from https://deb.debian.org/debian/dists/stable/main/binary-amd64/Packages.xz | rootkit, backdoor, sniffer and exploit scanner | https://rkhunter.sourceforge.net - Ubuntu apt - rkhunter - 1.4.6-12: normalized package name match | Ubuntu 24.04 LTS package indexes: rkhunter from https://archive.ubuntu.com/ubuntu/dists/noble/universe/binary-amd64/Packages.gz | rootkit, backdoor, sniffer and exploit scanner | https://rkhunter.sourceforge.net - dnf - rkhunter - 1.4.6-32.fc44: normalized package name match | Fedora Rawhide package metadata: rkhunter from https://dl.fedoraproject.org/pub/fedora/linux/development/rawhide/Everything/x86_64/os/repodata/13ee7b80cb813542594d4235c4a0b8695435d5ecf23dd3580bc7515ae1b6180d-primary.xml.zst | A host-based tool to scan for rootkits, backdoors and local exploits | http://rkhunter.sourceforge.net/ - pacman - rkhunter - 1.4.6-4: normalized package name match | Arch Linux sync databases: rkhunter from https://geo.mirror.pkgbuild.com/extra/os/x86_64/extra.db.tar.gz | Checks machines for the presence of rootkits and other unwanted tools. | http://rkhunter.sourceforge.net/ - MacPorts - rkhunter: normalized package name match | MacPorts ports tree: sysutils/rkhunter/Portfile from https://api.github.com/repos/macports/macports-ports/git/trees/master?recursive=1 ## Related Links - [Terminal utility packages](https://www.automicvault.com/ja/pkg/terminal-utilities/) - Matched terminal and command-line workflow metadata. - [Networking and protocol packages](https://www.automicvault.com/ja/pkg/networking-protocol-tools/) - Matched network, protocol, or remote-service metadata. - [Security and crypto packages](https://www.automicvault.com/ja/pkg/security-crypto-tools/) - Matched security, identity, cryptography, password, signing, or certificate metadata. - [Homebrew utility packages](https://www.automicvault.com/ja/pkg/brew-utility-packages/) - Matched Homebrew package provider. - [chkrootkit](https://www.automicvault.com/ja/pkg/brew/chkrootkit/) - Shares av.db curated category or tags: cli, malware-detection, rootkit, security. - [clamav](https://www.automicvault.com/ja/pkg/brew/clamav/) - Shares av.db curated category or tags: cli, malware-detection, security. - [gnutls](https://www.automicvault.com/ja/pkg/brew/gnutls/) - Shares av.db curated category or tags: cli, security. - [krb5](https://www.automicvault.com/ja/pkg/brew/krb5/) - Shares av.db curated category or tags: cli, security. - [nettle](https://www.automicvault.com/ja/pkg/brew/nettle/) - Shares av.db curated category or tags: cli, security. - [nss](https://www.automicvault.com/ja/pkg/brew/nss/) - Shares av.db curated category or tags: cli, security. - [pinentry](https://www.automicvault.com/ja/pkg/brew/pinentry/) - Shares av.db curated category or tags: cli, security. - [cyrus-sasl](https://www.automicvault.com/ja/pkg/brew/cyrus-sasl/) - Shares av.db curated category or tags: cli, security. - [crunch](https://www.automicvault.com/ja/pkg/brew/crunch/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, security. - [flawfinder](https://www.automicvault.com/ja/pkg/brew/flawfinder/) - Security-sensitive metadata or terminology overlaps. Shared terms: cli, security. ## Sources - Nucleus package database - Geiger risk classifier - package-page enrichment - package version freshness - av.db category and tag curation - package relationship graph - external package-manager database matches - cross-ecosystem install command graph