1. A set of software tools with administrator-level access privileges installed on an information system and designed to hide the presence of the tools, maintain the access privileges, and conceal the activities conducted by the tools.

Source: Explore Terms: A Glossary of Common Cybersecurity Terminology, National Initiative for Cybersecurity Careers and Studies (NICCS),

2. A rootkit is a collection of software tools that are installed on a compromised system once it has been penetrated, in order to conceal the presence of the intruder (hacker or malware) and hide processes and files. Rootkits are important components of malware, for instance to prevent the malware from being identified by anti-virus programs.

Source: Information Assurance Situation in Switzerland and Internationally, Reporting and Analysis Centre for Information Assurance MELANI,