Patching and hooking the Linux kernel with only a stripped Linux kernel image.
Inline syscalls made for MSVC supporting x64 and WOW64
#Android# System Call Hook for ARM64
Advanced process execution monitoring utility for Linux (procmon-like)
An example rootkit that gives a userland process root permissions
A system call interception tool
A kernel module that breaks the kernel's read-only protection in order to modify the syscall_table (tested to run properly only on the Linux Arm64 6.6 kernel).
System call interception in linux-kernel module (kernel 2.6.34.7-61.fc13.x86_64)
HiddenGhost is a new solution for finding the system call table, with support for 5.7x+ kernels
Enumerate which Windows API calls are hooked by an EDR using the inline patching technique
Some custom Linux kernel modules written for the author's own purposes or just as exercises
#Android# Kernel-space drivers (LKM) to intercept, monitor and manipulate system calls in Android systems