Linux Test Project (mailing list: https://lists.linux.it/listinfo/ltp)

chroot, mount --bind, and binfmt_misc without privilege/setup for Linux

A protective and Low Level Shellcode Loader that defeats modern EDR systems.

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

The system call intercepting library

Performing Indirect Clean Syscalls

A kernelspace syscall interceptor and randomized faulter

A language and library for specifying syscall filtering policies.

Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

Use hardware breakpoints to spoof the call stack for both syscalls and API calls

Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.

A tool for checking functions calls return protections

Tiny system call tracer and debugger

Tool tracing syscalls in a fast way using eBPF linux kernel feature

🔍 Trace syscalls from user-space functions, by using eBPF

Advanced process execution monitoring utility for linux (procmon like)

Experimental system call tracer for Linux x86-64, written in Go

Some C code i write to study systems programming (while reading The Linux Programming Interface)

chroot, mount --bind, and binfmt_misc without privilege/setup for Linux

Mamba is a payload for PS3 apps that adds support for ISO, netiso, plugins, PS3MAPI, etc. It's derived from Cobra.