Linux Test Project (mailing list: https://lists.linux.it/listinfo/ltp)

chroot, mount --bind, and binfmt_misc without privilege/setup for Linux

A protective and Low Level Shellcode Loader that defeats modern EDR systems.

The system call intercepting library

🌸 Interactive shellcoding environment to easily craft shellcodes

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

x64 Dynamic Reverse Engineering Toolkit

Inline syscalls made easy for windows on clang

A stupid game for learning about containers, capabilities, and syscalls.

Performing Indirect Clean Syscalls

KVM-based Virtual Machine Introspection

A language and library for specifying syscall filtering policies.

Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

Tools and PoCs for Windows syscall investigation.

Go shellcode loader that combines multiple evasion techniques

Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker

A kernelspace syscall interceptor and randomized faulter

Library for creating a new process detached from the controling terminal (daemon) using the fork and setsid syscalls.

OCI hook to trace syscalls and generate a seccomp profile

FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!