Use kprobe capture common kernel event and can also use for hids agent(kernel module)
Geek Repo:Geek Repo
Github PK Tool:Github PK Tool