Alternatives and similar repositories for linux_syscall_hook

Users that are interested in linux_syscall_hook are comparing it to the libraries listed below

• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆146Updated last year
• maskelihileci / IDA_Ollvm-unflattener
  Control Flow Flattening Deobfuscator for Obfuscator-LLVM as a plugin for IDA Pro.
  ☆87Updated 6 months ago
• junknet / kernel-debugger
  内核硬件调试器模块，rootkit操作 dump
  ☆34Updated 3 years ago
• Rhydon1337 / linux-kernel-so-injector
  Kernel mode to user mode so injection
  ☆91Updated 4 years ago
• zhuzhu-Top / deobf
  tprt ollvm 反混淆 修改 binja il
  ☆47Updated last year
• za233 / IDADeflat
  deflat plugins for ida pro
  ☆41Updated 2 years ago
• lockedbyte / so_loader
  In-memory ELF shared library loading
  ☆43Updated 2 years ago
• gmh5225 / android-kernel-driver-template
  A GKI Android kernel driver(ARMv8.3) template compiled by llvm-msvc
  ☆39Updated last year
• Mrack / tracer-rs
  使用 frida stalker 实现的 trace
  ☆29Updated 2 years ago
• bluesadi / debogus
  Deobfuscate OLLVM Bogus Control Flow via angr
  ☆66Updated 3 years ago
• nzcv / arm64-mmu
  详细说明及演示MMU相关原理及过程(用于理解Linux内核Root Kernelpatch)
  ☆22Updated last year
• 0xjacklove / xflower
  deobfuscation BR
  ☆52Updated last year
• EEEEhex / detx
  deobf tx libtprt's obfuscation
  ☆50Updated last year
• cs1ime / AndroidSuperInject
  Injecting into SELinux-protected system service processes under root on Android.
  ☆46Updated last year
• Ylarod / Buer-Obfuscator
  A WIP Obfuscator based on llvm14
  ☆32Updated 2 years ago
• cbwang505 / unicorn-whpx
  跨平台模拟执行unicorn框架基于Qemu的TCG模式(Tiny Code Generator),以无硬件虚拟化支持方式实现全系统的虚拟化,支持跨平台和架构的CPU指令模拟,本文讨论是一款笔者的实验性项目采用Windows Hypervisor Platform虚拟机模式…
  ☆76Updated last year
• KpwnZ / sllvm-obfuscator
  Implementation of sllvm obfuscator
  ☆65Updated 2 years ago
• pgarba / Squanchy
  ☆41Updated 4 months ago
• Ylarod / SignalTracer
  A kernel module for tracing signal
  ☆30Updated 2 years ago
• veritas501 / ToyObfuscator
  Toy LLVM obfuscator pass
  ☆73Updated 4 years ago
• SsageParuders / Android_Kernel_hwBreakPoint
  ☆59Updated 3 years ago
• CDuPlooy / arm64tracer
  ☆15Updated 4 years ago
• abcz316 / replaceOllvmElfSymCom
  本工具用于解决ollvm编译出来的Linux驱动文件，加载进内核会报错“please compile with -fno-common”的问题
  ☆37Updated 4 years ago
• Ch0pin / JNIInvocation
  ☆56Updated 2 years ago
• revercc / ELFinjection
  A simple android utility for inject so （suport arm, aarch64)
  ☆27Updated 2 years ago
• ShinoLeah / eHook
  A Simple uprobe Hook Framework
  ☆60Updated 7 months ago
• Rhydon1337 / linux-kernel-process-hider
  Process hider for Linux systems using a kernel agent
  ☆22Updated 4 years ago
• gmh5225 / AndroidDriveSignity
  AndroidDriveSignity is a Python utility designed to bypass driver signature verification in Android kernel(ARMv8.3), facilitating the loa…
  ☆63Updated last year
• wszxl516 / syscall_hook
  linux x86_64 and arm64 syscall hook
  ☆21Updated last year
• zzzcccyyyggg / Kotoamatsukami
  Kotoamatsukami is an obfuscator based on LLVM-17, utilizing LLVM's new pass to implement plug-in features, for obfuscating multiple langu…
  ☆54Updated 7 months ago