Show HN: Detecting running processes using AF_ALG
Category: security
Tags: kernel, security, linux, af-alg, process-detection
Score: 4.5/10 (Innovation: 4, Technical: 4, Documentation: 6, Utility: 4)
A small Go tool that lists processes using AF_ALG sockets, useful for checking kernel module usage before disabling it. It was created in response to a recent exploit (copy.fail) and provides a simple JSON output of PID, FD, and process name.
Target audience: devops, security engineers, system administrators
Repository: https://github.com/NHAS/detect-running-alg-socket ยท Go
View on Hacker News