A little clarification...
I am a professional Penetration Tester who uses Immunity Canvas as a part of my job, I feel that some people here are missing the point so I thought I'd clarify this for people who are interested in the topic.
1> Rootkit is not an exploit, you need to have root access on the remote machine to be able to install a rootkit. Rootkit's are designed to maintain covert access on the system.
2> It's not a windows v/s linux war all OS'es are equally vulnerable to rootkits, once compromised.
3> Canvas is a completely legit commercial python based pentesting kit just like core impact, this stuff is nothing new, They charge for the hard work involved in security research, hence the commercial support.
4> Holy Father had released commercial rootkits for Windows long back called hacker defender, it even has various editions, depending on how covert one wants the rootkit to be.
5> There are many much better linux rootkits available out there for people who know,.