An open API service providing repository metadata for many open source software ecosystems.

Topic: "syscalls"

linux-test-project/ltp

Linux Test Project (mailing list: https://lists.linux.it/listinfo/ltp)

Language: C - Size: 64.7 MB - Last synced at: 17 days ago - Pushed at: 19 days ago - Stars: 2,514 - Forks: 1,087

proot-me/proot

chroot, mount --bind, and binfmt_misc without privilege/setup for Linux

Language: C - Size: 3.71 MB - Last synced at: 7 months ago - Pushed at: over 1 year ago - Stars: 2,257 - Forks: 416

7etsuo/windows-api-function-cheatsheets Fork of PaddyCahil/windows-api-function-cheatsheets

A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.

Size: 27.2 MB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 1,364 - Forks: 152

joshfaust/Alaris

A protective and Low Level Shellcode Loader that defeats modern EDR systems.

Language: C - Size: 1.23 MB - Last synced at: 6 months ago - Pushed at: almost 2 years ago - Stars: 909 - Forks: 143

genuinetools/contained.af

A stupid game for learning about containers, capabilities, and syscalls.

Language: JavaScript - Size: 17.5 MB - Last synced at: about 2 months ago - Pushed at: over 2 years ago - Stars: 908 - Forks: 61

konatabrk/shellen

:cherry_blossom: Interactive shellcoding environment to easily craft shellcodes

Language: Python - Size: 712 KB - Last synced at: 6 days ago - Pushed at: almost 5 years ago - Stars: 904 - Forks: 95

VirtualAlllocEx/DEFCON-31-Syscalls-Workshop

Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".

Language: C - Size: 16.3 MB - Last synced at: 3 months ago - Pushed at: 8 months ago - Stars: 711 - Forks: 102

JustasMasiulis/inline_syscall

Inline syscalls made easy for windows on clang

Language: C++ - Size: 35.2 KB - Last synced at: 8 months ago - Pushed at: over 1 year ago - Stars: 706 - Forks: 86

pmem/syscall_intercept 📦

The system call intercepting library

Language: C - Size: 499 KB - Last synced at: 4 months ago - Pushed at: about 1 year ago - Stars: 649 - Forks: 128

zer0condition/ReverseKit

x64 Dynamic Reverse Engineering Toolkit

Language: C++ - Size: 3.78 MB - Last synced at: 9 months ago - Pushed at: over 2 years ago - Stars: 634 - Forks: 99

Maldev-Academy/HellHall

Performing Indirect Clean Syscalls

Language: C - Size: 29.3 KB - Last synced at: 9 months ago - Pushed at: over 2 years ago - Stars: 530 - Forks: 71

sysdiglabs/kubectl-dig

Deep kubernetes visibility from the kubectl

Language: Go - Size: 13.6 MB - Last synced at: 15 days ago - Pushed at: about 2 years ago - Stars: 388 - Forks: 15

f1zm0/hades

Go shellcode loader that combines multiple evasion techniques

Language: Go - Size: 2.12 MB - Last synced at: 8 months ago - Pushed at: over 2 years ago - Stars: 368 - Forks: 47

daem0nc0re/AtomicSyscall

Tools and PoCs for Windows syscall investigation.

Language: C# - Size: 1.55 MB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 367 - Forks: 46

FrenchYeti/interruptor

Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker

Language: TypeScript - Size: 1.05 MB - Last synced at: 4 months ago - Pushed at: over 2 years ago - Stars: 355 - Forks: 47

trailofbits/krf

A kernelspace syscall interceptor and randomized faulter

Language: C - Size: 336 KB - Last synced at: 7 months ago - Pushed at: about 1 year ago - Stars: 354 - Forks: 36

ergrelet/windiff

Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.

Language: Rust - Size: 1.13 MB - Last synced at: 17 days ago - Pushed at: 18 days ago - Stars: 353 - Forks: 18

google/kafel

A language and library for specifying syscall filtering policies.

Language: C - Size: 289 KB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 340 - Forks: 54

containers/oci-seccomp-bpf-hook

OCI hook to trace syscalls and generate a seccomp profile

Language: Go - Size: 5.04 MB - Last synced at: 21 days ago - Pushed at: 24 days ago - Stars: 338 - Forks: 38

AdvDebug/AntiCrack-DotNet

.NET Project containing plenty of advanced techniques to detect various types of malicious actions on your software, with syscall support.

Language: C# - Size: 215 KB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 319 - Forks: 73

KVM-VMI/kvm-vmi

KVM-based Virtual Machine Introspection

Language: Jinja - Size: 9.42 MB - Last synced at: about 1 year ago - Pushed at: about 1 year ago - Stars: 310 - Forks: 60

liamg/grace

:screwdriver: It's strace, with colours.

Language: Go - Size: 5.16 MB - Last synced at: 9 months ago - Pushed at: about 3 years ago - Stars: 275 - Forks: 8

crummie5/FreshyCalls

FreshyCalls tries to make the use of syscalls comfortable and simple, without generating too much boilerplate and in modern C++17!

Language: C++ - Size: 14.6 KB - Last synced at: about 2 years ago - Pushed at: over 3 years ago - Stars: 258 - Forks: 32

mebeim/systrack

πŸ“‘πŸ§ Linux kernel syscall implementation tracker

Language: Python - Size: 2.76 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 223 - Forks: 13

life4/gweb

🌐 Interact with browser from Go. Manually crafted WebAPI interoperation library.

Language: Go - Size: 6.14 MB - Last synced at: 5 months ago - Pushed at: almost 2 years ago - Stars: 221 - Forks: 17

matheusmoreira/liblinux 📦

Linux system calls.

Language: Makefile - Size: 284 KB - Last synced at: 12 months ago - Pushed at: about 6 years ago - Stars: 211 - Forks: 10

0xcpu/WinAltSyscallHandler

Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999

Language: C - Size: 1.6 MB - Last synced at: 9 months ago - Pushed at: about 6 years ago - Stars: 209 - Forks: 50

mebeim/linux-syscalls

🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)

Language: JavaScript - Size: 89.6 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 199 - Forks: 13

liamg/siphon

:alembic: Intercept stdin/stdout/stderr for any process

Language: Go - Size: 108 KB - Last synced at: 9 months ago - Pushed at: about 3 years ago - Stars: 197 - Forks: 8

annihilatorq/shadow_syscall

windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around KUSER_SHARED_DATA. supported compilers: clang, gcc and msvc

Language: C++ - Size: 350 KB - Last synced at: 2 months ago - Pushed at: 2 months ago - Stars: 196 - Forks: 23

fortra/hw-call-stack

Use hardware breakpoints to spoof the call stack for both syscalls and API calls

Language: C - Size: 277 KB - Last synced at: 8 months ago - Pushed at: over 1 year ago - Stars: 195 - Forks: 28

0xflux/Hells-Hollow

Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls

Language: Rust - Size: 107 KB - Last synced at: 2 months ago - Pushed at: 4 months ago - Stars: 189 - Forks: 25

nbs32k/inline-syscall

Inline syscalls made for MSVC supporting x64 and WOW64

Language: C++ - Size: 40 KB - Last synced at: 7 months ago - Pushed at: over 2 years ago - Stars: 181 - Forks: 30

ProcessusT/Venoma

Yet another C++ Cobalt Strike beacon dropper with Compile-Time API hashing and custom indirect syscalls execution

Language: C++ - Size: 76.2 MB - Last synced at: 7 months ago - Pushed at: 7 months ago - Stars: 180 - Forks: 36

AkihiroSuda/lsf

Linux Subsystem for FreeBSD (😈 on 🐧)

Language: Go - Size: 64.5 KB - Last synced at: 6 months ago - Pushed at: over 3 years ago - Stars: 178 - Forks: 5

Sh0ckFR/InlineWhispers2

Tool for working with Direct System Calls in Cobalt Strike's Beacon Object Files (BOF) via Syswhispers2

Language: Assembly - Size: 131 KB - Last synced at: over 1 year ago - Pushed at: over 3 years ago - Stars: 172 - Forks: 30

alegrey91/harpoon

πŸ” Seccomp profiling and function-level tracing tool.

Language: C - Size: 1.2 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 170 - Forks: 11

eversinc33/BouncyGate

Indirect Syscalls: HellsGate in Nim, but making sure that all syscalls go through NTDLL.DLL (as in RecycledGate).

Language: Nim - Size: 32.2 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 170 - Forks: 12

Bw3ll/ShellWasp

ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWasp 2.0 includes novel ways to invoke the syscall in WoW64.

Language: Python - Size: 24.2 MB - Last synced at: 5 months ago - Pushed at: over 2 years ago - Stars: 169 - Forks: 25

DavidBuchanan314/TARDIS

Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.

Language: C - Size: 13.7 KB - Last synced at: 3 months ago - Pushed at: over 1 year ago - Stars: 160 - Forks: 13

pinterest/ptracer

A library for ptrace-based tracing of Python programs

Language: Python - Size: 67.4 KB - Last synced at: 7 months ago - Pushed at: over 1 year ago - Stars: 155 - Forks: 16

janoglezcampos/rust_syscalls

Single stub direct and indirect syscalling with runtime SSN resolving for windows.

Language: Rust - Size: 11.7 KB - Last synced at: about 2 years ago - Pushed at: almost 3 years ago - Stars: 149 - Forks: 18

froz42/funcheck

A tool for checking functions calls return protections

Language: C - Size: 512 KB - Last synced at: 11 months ago - Pushed at: 11 months ago - Stars: 143 - Forks: 8

IDouble/NASM-Assembly-Linux-Notes

🐧 Assembly with Linux (Notes, Syscalls, Protection Rings) 🐧

Language: Assembly - Size: 2.24 MB - Last synced at: 17 days ago - Pushed at: almost 2 years ago - Stars: 133 - Forks: 13

jasonwhite/syscalls

Raw Linux system calls for Rust.

Language: Rust - Size: 327 KB - Last synced at: 25 days ago - Pushed at: 3 months ago - Stars: 132 - Forks: 19

x42en/sysplant

Your syscall factory

Language: Nim - Size: 2.75 MB - Last synced at: 16 days ago - Pushed at: 18 days ago - Stars: 126 - Forks: 12

polaris64/syswall

Work in progress firewall for Linux syscalls, written in Rust

Language: Rust - Size: 203 KB - Last synced at: 2 months ago - Pushed at: about 2 years ago - Stars: 126 - Forks: 6

javierhonduco/write-a-strace-and-gdb

Tiny system call tracer and debugger

Language: C - Size: 22.5 KB - Last synced at: 7 months ago - Pushed at: over 7 years ago - Stars: 110 - Forks: 15

oldboy21/SyscallMeMaybe

Implementation of Indirect Syscall technique to pop a calc.exe

Language: C++ - Size: 15.6 KB - Last synced at: 3 months ago - Pushed at: almost 2 years ago - Stars: 106 - Forks: 15

japaric/syscall.rs Fork of ebfe/syscall.rs

Raw system calls for Rust

Language: Rust - Size: 189 KB - Last synced at: 25 days ago - Pushed at: over 2 years ago - Stars: 101 - Forks: 30

pmem/vltrace 📦

Tool tracing syscalls in a fast way using eBPF linux kernel feature

Language: C - Size: 1.14 MB - Last synced at: 6 months ago - Pushed at: almost 3 years ago - Stars: 98 - Forks: 20

tdeerenberg/InlineWhispers3

Tool for working with Indirect System Calls in Cobalt Strike's Beacon Object Files (BOF) using SysWhispers3 for EDR evasion

Language: C - Size: 206 KB - Last synced at: 3 months ago - Pushed at: 6 months ago - Stars: 92 - Forks: 13

nbaertsch/nimvoke

Indirect syscalls + DInvoke made simple.

Language: Nim - Size: 43.9 KB - Last synced at: 8 months ago - Pushed at: about 1 year ago - Stars: 90 - Forks: 10

justincormack/go-memfd

Golang Linux memfd library

Language: Go - Size: 62.5 KB - Last synced at: 3 months ago - Pushed at: almost 9 years ago - Stars: 84 - Forks: 15

kfiros/execmon

Advanced process execution monitoring utility for linux (procmon like)

Language: C - Size: 483 KB - Last synced at: 9 months ago - Pushed at: almost 10 years ago - Stars: 84 - Forks: 31

agis/gtrace

Experimental system call tracer for Linux x86-64, written in Go

Language: C - Size: 18.6 KB - Last synced at: 9 months ago - Pushed at: about 5 years ago - Stars: 74 - Forks: 1

rabbitstack/cubostratus

Blazingly fast Linux syscall collector

Language: Rust - Size: 42 KB - Last synced at: 9 months ago - Pushed at: almost 8 years ago - Stars: 74 - Forks: 1

immortal/fork

Library for creating a new process detached from the controlling terminal (daemon) using the fork and setsid syscalls.

Language: Rust - Size: 205 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 72 - Forks: 43

XuShaohua/nc

Run *nix system calls directly in Rust

Language: Rust - Size: 5.58 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 62 - Forks: 15

itaymigdal/PichichiH0ll0wer

Nim process hollowing loader

Language: Nim - Size: 2.86 MB - Last synced at: 6 months ago - Pushed at: 6 months ago - Stars: 57 - Forks: 13

micREsoft/SysCaller

SysCaller: SDK for WindowsAPI via syscalls. Dynamic Resolution, Obfuscation, Multi-Language Bindings, & more!

Language: C++ - Size: 1.53 MB - Last synced at: about 2 months ago - Pushed at: about 2 months ago - Stars: 50 - Forks: 6

grantseltzer/go-disass

A suite of tools for disassembly, ROP, and binary analysis written in Go

Language: Go - Size: 3.33 MB - Last synced at: 7 months ago - Pushed at: almost 3 years ago - Stars: 47 - Forks: 7

meefik/PRoot Fork of proot-me/proot

chroot, mount --bind, and binfmt_misc without privilege/setup for Linux

Language: C - Size: 3.63 MB - Last synced at: 9 months ago - Pushed at: over 6 years ago - Stars: 46 - Forks: 9

KVM-VMI/nitro

Language: Python - Size: 31.6 MB - Last synced at: over 1 year ago - Pushed at: over 7 years ago - Stars: 45 - Forks: 11

andrestc/linux-prog

Some C code I write to study systems programming (while reading The Linux Programming Interface)

Language: C - Size: 133 KB - Last synced at: 9 months ago - Pushed at: over 8 years ago - Stars: 45 - Forks: 19

antitree/keyctl-unmask

Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.

Language: Go - Size: 9.91 MB - Last synced at: 3 months ago - Pushed at: 3 months ago - Stars: 44 - Forks: 4

dannykopping/b3

strace to json parser

Language: JavaScript - Size: 127 KB - Last synced at: 4 months ago - Pushed at: almost 7 years ago - Stars: 38 - Forks: 3

aldostools/Mamba

Mamba is a payload for PS3 apps that adds support for ISO, netiso, plugins, PS3MAPI, etc. It's derived from Cobra.

Language: C - Size: 55.7 MB - Last synced at: 9 months ago - Pushed at: over 2 years ago - Stars: 37 - Forks: 9

SaturnsVoid/Record-Audio-on-Windows

A Go program that uses winmm.dll to record audio to a WAV file.

Language: Go - Size: 1.95 KB - Last synced at: 7 months ago - Pushed at: over 8 years ago - Stars: 36 - Forks: 7

0x00pf/programming4wannabes 📦

Programming course for Wannabes

Language: C - Size: 297 KB - Last synced at: 12 months ago - Pushed at: 12 months ago - Stars: 35 - Forks: 9

philchia/dock

dock try to re-implement docker 🐳

Language: Go - Size: 22.5 KB - Last synced at: almost 3 years ago - Pushed at: about 7 years ago - Stars: 32 - Forks: 1

pjbgf-archives/gosystract 📦

A lightweight CLI tool that finds system calls being called inside golang applications.

Language: Shell - Size: 4.51 MB - Last synced at: 5 months ago - Pushed at: about 4 years ago - Stars: 31 - Forks: 3

vitaminac/minios

mini x86 Operating System <= 256KB

Language: C - Size: 283 KB - Last synced at: 23 days ago - Pushed at: 25 days ago - Stars: 29 - Forks: 5

Souhardya/Catharsis

Raw syscall implementations with Powershell

Language: PowerShell - Size: 865 KB - Last synced at: 9 months ago - Pushed at: over 6 years ago - Stars: 29 - Forks: 9

edigaryev/awesome-system-calls

A categorized list of system calls used by popular Unix-like operating systems

Language: Rust - Size: 108 KB - Last synced at: 4 days ago - Pushed at: about 1 month ago - Stars: 27 - Forks: 1

martinclauss/syscall_number

This tool gives you the Linux system call number (32bit and 64bit x86) for a system call name (e.g., read, write, ...).

Language: Python - Size: 21.5 KB - Last synced at: 6 months ago - Pushed at: about 2 years ago - Stars: 25 - Forks: 4

lilydjwg/openredir

redirect file open operations via LD_PRELOAD

Language: C - Size: 15.6 KB - Last synced at: 9 months ago - Pushed at: almost 3 years ago - Stars: 24 - Forks: 1

vi/syscall_limiter

Start Linux programs with only selected syscalls enabled (libseccomp-based)

Language: C - Size: 30.3 KB - Last synced at: 9 months ago - Pushed at: almost 9 years ago - Stars: 23 - Forks: 2

guidedhacking/GH_Syscall

Small class to help perform syscalls.

Language: C - Size: 25.4 KB - Last synced at: 3 months ago - Pushed at: 8 months ago - Stars: 21 - Forks: 19

aldostools/COBRA Fork of Joonie86/COBRA-7.3

Cobra is a middleware for PS3 that adds support for ISO, netiso, plugins, PS3MAPI, etc.

Language: C - Size: 193 MB - Last synced at: over 1 year ago - Pushed at: almost 3 years ago - Stars: 21 - Forks: 5

28Zaaky/Shellcode-Ldr

Advanced shellcode loader with AES-256, EDR/AMSI/ETW bypass, indirect syscalls.

Language: C - Size: 137 KB - Last synced at: 20 days ago - Pushed at: 24 days ago - Stars: 18 - Forks: 6

reverseame/winapi-categories

Windows API (WinAPI) functions and system calls with categories in JSON format, including arguments (SAL notation) and more.

Language: Python - Size: 13.7 MB - Last synced at: 4 months ago - Pushed at: 7 months ago - Stars: 18 - Forks: 2

Truvis/SyscallExtractorAnalyzer

This script will pull and analyze syscalls in given application(s) allowing for easier security research purposes

Language: Python - Size: 27.3 KB - Last synced at: over 2 years ago - Pushed at: almost 5 years ago - Stars: 18 - Forks: 2

paulfloyd/freebsd_valgrind

Git repo used to Upstream the FreeBSD Port of Valgrind

Language: C - Size: 81.5 MB - Last synced at: 14 days ago - Pushed at: 16 days ago - Stars: 17 - Forks: 4

zimnyaa/nim-noload-dll-hollowing

Unused DLL hollowing PoC in Nim

Language: Nim - Size: 14.6 KB - Last synced at: about 2 months ago - Pushed at: almost 4 years ago - Stars: 17 - Forks: 3

Kara-4search/HellgateLoader_CSharp

Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.

Language: C# - Size: 176 KB - Last synced at: 9 months ago - Pushed at: almost 4 years ago - Stars: 16 - Forks: 1

TwoUnderscorez/DuckOS

Such OS; Very Duck!

Language: C - Size: 4.79 MB - Last synced at: almost 3 years ago - Pushed at: almost 5 years ago - Stars: 16 - Forks: 1

maandree/sctrace 📦

A simple syscall tracer

Language: C - Size: 161 KB - Last synced at: almost 3 years ago - Pushed at: over 5 years ago - Stars: 16 - Forks: 0

slavaim/riscv-magenta

Magenta kernel port to RISC-V

Language: C - Size: 24.7 MB - Last synced at: 10 months ago - Pushed at: over 8 years ago - Stars: 16 - Forks: 5

carved4/go-native-syscall

go-native-syscall is Go (+ asm) Windows syscall library that resolves, hashes, caches, and invokes direct (and indirect now) NT calls without going through the win api layer traditionally

Language: Go - Size: 5.49 MB - Last synced at: 22 days ago - Pushed at: 5 months ago - Stars: 15 - Forks: 4

grz0zrg/twigs

Twigs – 512 bytes procedural graphics in C code (IFS Fractal, Linux, fbdev)

Language: C - Size: 7.16 MB - Last synced at: 6 months ago - Pushed at: over 2 years ago - Stars: 15 - Forks: 1

blaind/hstrace

Syscall tracing CLI & library made in Rust

Language: Rust - Size: 379 KB - Last synced at: 3 months ago - Pushed at: about 3 years ago - Stars: 15 - Forks: 2

vitalyvch/strace.ebpf

This repository contains a tool which traces syscalls in a fast way using eBPF linux kernel feature

Language: C++ - Size: 493 KB - Last synced at: almost 3 years ago - Pushed at: over 8 years ago - Stars: 15 - Forks: 6

aeverj/NimSyscalls

Direct system calls by nim

Language: Nim - Size: 28.3 KB - Last synced at: 5 months ago - Pushed at: almost 4 years ago - Stars: 14 - Forks: 4

acceptable-security/xnufuzz2

A new XNU kernel fuzzer with some extra features.

Language: C++ - Size: 222 KB - Last synced at: 9 months ago - Pushed at: almost 9 years ago - Stars: 13 - Forks: 2

hartwork/antijack

:ninja: seccomp-based anti-TTY-hijacking proof-of-concept (prevents TIOCSTI and TIOCLINUX)

Language: C - Size: 83 KB - Last synced at: about 1 month ago - Pushed at: about 1 month ago - Stars: 12 - Forks: 0

wendymunyasi/alx-low_level_programming

Learning C

Language: C - Size: 729 KB - Last synced at: 9 months ago - Pushed at: about 3 years ago - Stars: 11 - Forks: 5

zer0condition/CritBSOD

Abusing RtlAdjustPrivilege and NtSetInformationProcess to set process as critical and cause a BSOD by exiting

Language: C++ - Size: 6.84 KB - Last synced at: almost 3 years ago - Pushed at: over 3 years ago - Stars: 11 - Forks: 5

lbirchler/strace-perfetto

strace-perfetto runs strace and converts the raw output to a Trace Event JSON file. The JSON file can then be analyzed using Google's Perfetto UI

Language: Go - Size: 74.2 KB - Last synced at: 6 months ago - Pushed at: over 3 years ago - Stars: 11 - Forks: 4

hirenchauhan2/wallpaper

Utility to set desktop wallpaper for Windows, [Mac & Linux WIP!]

Language: Go - Size: 17.6 KB - Last synced at: 8 months ago - Pushed at: almost 7 years ago - Stars: 11 - Forks: 3