Dear Kali Linux / Offensive Security Tool Team,

My name is Priyaj Yadav, and I would like to propose Veritas for inclusion in Kali Linux under:

• Forensics
• Incident Response
• Anti-Rootkit

GitHub:
https://github.com/priyajyadav8-crypto/veritas

Veritas is a Rust + eBPF-based Linux integrity and forensic tool that compares kernel-visible state against userspace-visible state to detect hidden activity on compromised systems.

Current Features

• Hidden process detection via kernel/userspace diffing
• Hidden network socket detection
• LD_PRELOAD injection detection
• Rootkit module scanning
• Critical filesystem integrity checks
• Human-readable and JSON output modes

Example:

veritas --diff

Verified Against Diamorphine

Veritas was successfully tested against the Diamorphine rootkit on Debian 13 (kernel 6.12).

During testing:

• PID 9201 was hidden from ps
• Veritas detected the hidden process through kernel-level visibility comparison

I have attached:

• Final project PDF
• Verification screenshots
• Detection output screenshots

Technical Details

• Language: Rust
• eBPF Framework: Aya
• License: GPL-2.0
• Binary: 2.7MB static musl build
• Dependencies: None
• Kernel Support: Linux 5.15+

Included:

• CLI flags (--diff, --json, --processes, --network, --fs)
• Man page
• Documentation
• Static release binary

The project is ready for packaging review and technical evaluation.

Thank you for your time and consideration.

Respectfully,

Priyaj Yadav
GitHub: https://github.com/priyajyadav8-crypto
Email: [email protected]