Wouldn't it be possible to patch chkrootkit not to ignore certain hidden files/dirs in every case, but only if they are empty? I don't see how an empty dot-file could be a useful part of a rootkit, nor an empty directory or one that contains nothing more than other empty files.
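
One way to express the proposed rule as a check, added here as an example that is not part of the original post and not chkrootkit's own code. The function names are hypothetical, and it assumes symlinks, special files and unreadable directories should count as content, so they are still reported.

```sh
#!/bin/sh
# Added example, not chkrootkit code. Function names are hypothetical.

# Succeeds if $1 is a zero-length regular file, or a directory whose whole
# tree holds nothing but directories and zero-length regular files.
# Assumption: symlinks, devices, FIFOs and sockets count as content.
is_effectively_empty() {
    if [ -L "$1" ]; then
        return 1
    elif [ -f "$1" ]; then
        [ ! -s "$1" ]
    elif [ -d "$1" ]; then
        # List every entry that is neither a directory nor an empty regular
        # file. If find itself fails (e.g. unreadable subdirectory) the tree
        # cannot be vouched for, so treat it as non-empty.
        found=$(find "$1" ! -type d ! \( -type f -size 0 \) -print 2>/dev/null) || return 1
        [ -z "$found" ]
    else
        return 1
    fi
}

# Print the hidden entries under $1 that are NOT effectively empty,
# i.e. the ones that would still be reported under the proposed rule.
# Paths containing newlines are not handled by this line-based loop.
report_hidden() {
    find "$1" -name '.*' ! -name '.' ! -name '..' -print |
    while IFS= read -r p; do
        is_effectively_empty "$p" || printf '%s\n' "$p"
    done
}

# Optional stand-alone use: pass a directory to scan as the first argument.
[ "$#" -eq 0 ] || report_hidden "$1"
```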