TIGER, or the 'tiger' scripts, is a set of Bourne shell scripts,
C programs and data files which are used to perform a security audit
of UNIX systems.  It is designed to hopefully be easy to use, easy to
understand and easy to enhance.

'tiger' incorporates checks primarily oriented towards Linux integrity
including: md5sums checks installed files, (and it can call AIDE or
Intergrit aswell), analysis of local listening processes, and then some.

Tiger uses 'chkrootkit' for rootkit scanning if found on the system;
slackbuilds.org provides a build script for that too.