Sunday, August 7, 2022

Fedora 36 : Rootkit Hunter tool.

rkhunter (Rootkit Hunter) is a Unix-based tool that scans for rootkits, backdoors and possible local exploits. It does this by comparing SHA-1 hashes of important files with known good ones in online databases, and by searching for the default directories of rootkits, wrong permissions, hidden files and suspicious strings in kernel modules, plus special tests for Linux and FreeBSD (see Wikipedia).
You can find it on this website.
On Fedora 36 you can search for it and install it with the DNF tool.
[root@fedora mythcat]# dnf search rkhunter
Last metadata expiration check: 3:38:34 ago on Sat 06 Aug 2022 10:35:34 AM EEST.
======================== Name Exactly Matched: rkhunter ========================
rkhunter.noarch : A host-based tool to scan for rootkits, backdoors and local exploits
[root@fedora mythcat]# dnf install rkhunter.noarch
Last metadata expiration check: 3:39:00 ago on Sat 06 Aug 2022 10:35:34 AM EEST.
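The first step is to update rkhunter's file properties database with --propupd (the stored baseline that later checks compare the system commands against), and then you can check the system. Run --propupd on a system you trust, because the current state of the files becomes the reference.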
[root@fedora mythcat]# rkhunter --propupd
[ Rootkit Hunter version 1.4.6 ]
File created: searched for 179 files, found 139

[root@fedora mythcat]# rkhunter --check
[ Rootkit Hunter version 1.4.6 ]

Checking system commands...

  Performing 'strings' command checks

...
The results are written to the log file, and you can change the settings in the configuration file.
[root@fedora mythcat]# vi /var/log/rkhunter/rkhunter.log
[root@fedora mythcat]# vi /etc/rkhunter.conf
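Instead of reading the whole log in vi, the findings can be pulled out of it. The script below is an added example, not part of the original post or of rkhunter: the helper names are hypothetical, and the sample log is constructed on the assumption that entries look like `[HH:MM:SS] Warning: ...` followed by indented detail lines, as in rkhunter 1.4.x logs.

```shell
#!/bin/sh
# Added example: rkhunter log triage. Helper names are hypothetical.

# Print every "Warning:" entry of an rkhunter log on one line,
# joined with the indented detail lines that follow it.
rkh_warnings() {
    awk '
        { sub(/^\[[0-9:]+\] ?/, "") }        # drop the [HH:MM:SS] prefix
        /^Warning:/ {                        # a new finding starts
            if (w != "") print w
            w = $0; next
        }
        /\[ [A-Za-z ]+ \][ \t]*$/ {          # per-test status line ends it
            if (w != "") print w
            w = ""; next
        }
        w != "" && /^[ \t]+[^ \t]/ {         # indented detail line
            sub(/^[ \t]+/, ""); w = w " | " $0; next
        }
        { if (w != "") print w; w = "" }     # any other line ends it
        END { if (w != "") print w }
    ' "$1"
}

# Constructed sample log (assumed 1.4.x layout), not taken from a real host.
rkh_sample_log() {
    cat <<'EOF'
[11:02:10] Info: Starting test name 'properties'
[11:02:13]   /usr/bin/curl                                   [ OK ]
[11:02:13]   /usr/bin/egrep                                  [ Warning ]
[11:02:13] Warning: The command '/usr/bin/egrep' has been replaced by a script
[11:02:14]   /usr/bin/ls                                     [ Warning ]
[11:02:14] Warning: The file properties have changed:
[11:02:14]          File: /usr/bin/ls
[11:02:14]          Current inode: 1234    Stored inode: 5678
[11:02:15]   /usr/bin/ps                                     [ OK ]
[11:02:20] Info: End of test
EOF
}

# Demo on the constructed sample; prints two one-line findings.
demo=$(mktemp)
rkh_sample_log > "$demo"
rkh_warnings "$demo"
rm -f "$demo"
```

On a real host, call `rkh_warnings /var/log/rkhunter/rkhunter.log` as root after a check has finished.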