Sebek
Sebek is a software data collection system designed to circumvent session encryption. It is used on hosts, such as honeypots, when the unauthorized use session encryption (to protect the communication channel )is anticipated. The presence of Sebek is quite difficult to detect, employing technology derived from modern kernel module based root-kits to hide its components and processes from the user.