syscalls

There are 11 repositories under syscalls topic.

• linux-test-project / ltp

  Linux Test Project (mailing list: https://lists.linux.it/listinfo/ltp)

  clibclinuxlinux-kernellinux-testltpposixsyscallstest-automationunix
  Language:C 2491
• proot

  proot-me / proot

  chroot, mount --bind, and binfmt_misc without privilege/setup for Linux

  chroot-environmentuserland-execrootfschrootclinuxsyscallsptracehacktoberfest
  Language:C 2361
• windows-api-function-cheatsheets

  7etsuo / windows-api-function-cheatsheets

  A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.

  cheatsheetmalware-analysismalware-researchreverse-engineeringsyscallssystems-programmingwin32-apiwindowswindows-10windows-11windows-apiwindows-internals
  1363

• joshfaust / Alaris

  A protective and Low Level Shellcode Loader that defeats modern EDR systems.

  shellcode-loadersyscallsbypass-antivirus
  Language:C 916

• genuinetools / contained.af

  A stupid game for learning about containers, capabilities, and syscalls.

  linuxsyscallsgamecontainerssecurityapparmorseccompdockeropencontainers
  Language:JavaScript 907

• konatabrk / shellen

  :cherry_blossom: Interactive shellcoding environment to easily craft shellcodes

  keystonecapstoneshellcodeinteractiveassemblerdissassemblerpwnshellcodingassemblydisassemblysyscallsarchitecturedsmasmshellsyscall-tablecommon-shellcodesexploitationctfexploit
  Language:Python 903

• JustasMasiulis / inline_syscall

  Inline syscalls made easy for windows on clang

  syscallsyscallswindowsx64inlineobfuscationhooksstatic-analysislibrarycpp17header-onlyassembly
  Language:C++ 724
• DEFCON-31-Syscalls-Workshop

  VirtualAlllocEx / DEFCON-31-Syscalls-Workshop

  Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

  antivirus-bypassantivirus-evasionedr-bypassedr-evasionmalware-developmentwindows-internalsdirect-syscallsindirect-syscallsmalware-analysismalware-development-guideworkshopshellcode-loadersyscallsshellcode
  Language:C 718
• ReverseKit

  zer0condition / ReverseKit

  x64 Dynamic Reverse Engineering Toolkit

  bypasshookimguiimportsreverseengineeringsyscalls
  Language:C++ 707

• pmem / syscall_intercept

  The system call intercepting library

  intercepting-librarysyscalls
  Language:C 651

• Maldev-Academy / HellHall

  Performing Indirect Clean Syscalls

  syscallsedrs
  Language:C 578
• kubectl-dig

  sysdiglabs / kubectl-dig

  Deep kubernetes visibility from the kubectl

  kubectl-pluginskubernetescontainersmonitoringobservabilityo11ysyscalls
  Language:Go 388
• hades

  f1zm0 / hades

  Go shellcode loader that combines multiple evasion techniques

  av-evasionedr-evasiongolangpentestingred-teamingntapintdllsyscallsevasionadversary-emulationoffensive-security
  Language:Go 382

• daem0nc0re / AtomicSyscall

  Tools and PoCs for Windows syscall investigation.

  syscallswindowswindows-kernel
  Language:C# 364

• FrenchYeti / interruptor

  Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker

  arm64fridahookinginstrumentationstracesyscall-tracingsyscallssystem-call-tracingtracing
  Language:TypeScript 354

• trailofbits / krf

  A kernelspace syscall interceptor and randomized faulter

  linux-kernelfault-injectionsyscallsfreebsdhacktoberfest
  Language:C 354

• ergrelet / windiff

  Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.

  diffntoskrnlpdbportable-executablereverse-engineeringwebwin32windowsundocumentednextjsrustsyscallsinsiderpreview
  Language:Rust 351

• KVM-VMI / kvm-vmi

  KVM-based Virtual Machine Introspection

  hypervisorintrospectionkvmmonitornitrosyscallstrapvirtual-machinevirtual-machine-introspection
  Language:Jinja 351

• crummie5 / FreshyCalls

  FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!

  syscallswindows
  Language:C++ 344

• google / kafel

  A language and library for specifying syscall filtering policies.

  linuxseccomp-filtersecuritysyscalls
  Language:C 336

• containers / oci-seccomp-bpf-hook

  OCI hook to trace syscalls and generate a seccomp profile

  bcccontainersociseccomp-profilesyscalls
  Language:Go 333
• AntiCrack-DotNet

  AdvDebug / AntiCrack-DotNet

  .NET Project containing plenty of advanced techniques to detect various types of malicious actions on your software, with syscall support.

  dll-injectionsandboxieanti-debugvirtualizationcrackingprotectionanti-debuggingantidebugreverse-engineeringanti-detectiondebuggerdebuggingvm-evasioncsharpanti-sandboxanti-vmanticheatanti-tampersyscallscheat
  Language:C# 330
• grace

  liamg / grace

  :screwdriver: It's strace, with colours.

  clicolorscoloursdebuggogolangptracestracesyscallstool
  Language:Go 277

• 0xcpu / WinAltSyscallHandler

  Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

  windows-10proof-of-conceptsyscallskernel
  Language:C 232

• janoglezcampos / rust_syscalls

  Single stub direct and indirect syscalling with runtime SSN resolving for windows.

  rustrust-langsecurity-toolssyscalls
  Language:Rust 227
• systrack

  mebeim / systrack

  📡🐧 Linux kernel syscall implementation tracker

  linuxlinux-kernelsecurity-researchsyscallsyscall-tablesyscallsabiautomationbinary-analysiselfkconfig
  Language:Python 224

• life4 / gweb

  🌐 Interact with browser from Go. Manually crafted WebAPI interoperation library.

  frontendgogolangjqueryjsreactsyscallsvuewasmwebweb-assemblywebapi
  Language:Go 222

• matheusmoreira / liblinux

  Linux system calls.

  linuxlinux-kernelsyscallssystem-callssystems-programming
  Language:Makefile 215
• linux-syscalls

  mebeim / linux-syscalls

  🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)

  linuxlinux-kernelsecurity-researchsecurity-toolssyscall-tablesyscalls
  Language:JavaScript 203

• annihilatorq / shadow_syscall

  windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around KUSER_SHARED_DATA. supported compilers: clang, gcc and msvc

  analysiscppdirect-syscallsexportgetmodulehandlegetprocaddresshashingheader-onlymasmobfuscationreverse-engineeringshadow-syscallsshellcodesyscallsyscallswin-internals
  Language:C++ 201

• liamg / siphon

  :alembic: Intercept stdin/stdout/stderr for any process

  input-outputinterceptptracespysyscallshacktoberfest
  Language:Go 199

• fortra / hw-call-stack

  Use hardware breakpoints to spoof the call stack for both syscalls and API calls

  edr-bypassstack-spoofingsyscalls
  Language:C 197

• ProcessusT / Venoma

  Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution

  antivirusbypassc2cobaltdropperedrmalwarepayloadpentestredstriketeamindirectsyscalls
  Language:C++ 197

• Sh0ckFR / InlineWhispers2

  Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

  redteamred-teamred-teamingred-team-engagementred-team-toolssyscallsyscallswindows
  Language:Assembly 189
• inline-syscall

  nbs32k / inline-syscall

  Inline syscalls made for MSVC supporting x64 and WOW64

  microsoftntdllntdll-unhookingssdtssdt-hooksyscall-fuzzersyscall-hooksyscall-hookingsyscall-tablesyscallswin32uwindows
  Language:C++ 187

• eversinc33 / BouncyGate

  Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL (as in RecycledGate).

  nimsyscallshellsgaterecycledgate
  Language:Nim 185