Advanced process execution monitoring utility for Linux (procmon-like)
Updated Mar 4, 2016 - C
An example rootkit that gives a userland process root permissions
hodgepodge
Enumerate which window API calls are hooked by an EDR using inline patching technique
A system call interception tool
Inline syscalls made for MSVC supporting x64 and WOW64
System call interception in linux-kernel module (kernel 2.6.34.7-61.fc13.x86_64)
Some custom Linux kernel modules written for own purposes or just as exercises
Patching and hooking the Linux kernel with only a stripped Linux kernel image.
HiddenGhost is a new solution for finding the system call table, with support for 5.7x kernels +
system call hook for Linux