Here are 102 public repositories matching this topic...
Inline syscalls made easy for windows on clang
Another version of EVA using anti-debugging techs && using Syscalls
linux elf injector for x86 x86_64 arm arm64
Process & Memory Hacking Library (Windows/Linux/BSD/Android) (C/C++/Python) (x86/x64, ARM/ARM64) (Internal/External)
C2 framework that uses Background Intelligent Transfer Service (BITS) as communication protocol and Direct Syscalls + Dinvoke for EDR user-mode hooking evasion.
The home for Interruptor, a human-friendly interrupts hook library based on Frida's Stalker
Updated Apr 10, 2022 (TypeScript)
Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2
Updated Feb 22, 2022 (Python)
Work in progress firewall for Linux syscalls, written in Rust
Updated Oct 20, 2019 (Rust)
A manual system call library that supports functions from both ntdll.dll and win32u.dll
Tool tracing syscalls in a fast way using eBPF linux kernel feature
An example rootkit that gives a userland process root permissions
For effective cheating detection in security competitions. Uses Linux Kernel Module (LKM) for generating flags.
A simple x86_64 AMD-v hypervisor type-2 Programmed with C++, with soon to be added syscall hooks. [W.I.P]
Extracting Syscall Stub, Modernized
Dump system call codes, names, and offsets from Ntdll.dll
Updated May 11, 2022 (Rust)
Load shellcode via syscall
This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes
Updated Mar 11, 2021 (Python)
A solution of mocking glibc function with Google Test.
A Golang implant that uses Discord as a C2 team server
attach to a process and close a file descriptor
Faster alternative to `syscall/js`. Up to 2x faster than native syscall/js.
This repository contains a tool which traces syscalls in a fast way using eBPF linux kernel feature
This library contains several modules that could help you write CKB contract with Rust.
Updated Jan 18, 2022 (Rust)
Patch AMSI and ETW in remote process via direct syscall
Simple kernel module that hooks the `execve` syscall and waits for `date` to be executed with the `backd00r` argument followed by a PID number, elevating it to root credentials.
At the moment only ntw::system namespace and ntw::memory components are tested.
It would be great to have a test suite that covers most of the library.