For some context, I had a former colleague who found himself working in a company with many compromised servers that had been owned for years with no immediate possibility of replacing them. Knowing that binaries had been modified, he had to verify the integrity of all systems. For this purpose, he created a small script to check everything.