system call hooking on arm64 linux via a variety of methods
☆49Apr 28, 2022Updated 3 years ago
Alternatives and similar repositories for linux_syscall_hook
Users that are interested in linux_syscall_hook are comparing it to the libraries listed below
Sorting:
- silent syscall hooking without modifying sys_call_table/handlers via patching exception handler☆153Apr 22, 2024Updated last year
- linux x86_64 and arm64 syscall hook☆22Dec 9, 2023Updated 2 years ago
- An approach to utilize auditd under Android 6+☆23Aug 24, 2018Updated 7 years ago
- A kernel module for tracing signal☆31Jan 17, 2023Updated 3 years ago
- Android-Syscall-Logger☆22Feb 28, 2021Updated 5 years ago
- 个人专用 ONEPLUS 5 内核,做了一些基础的反调试修改(从 maps 隐藏特定 lib,最完��整最正常的 tracerPid 修改措施)☆82Oct 7, 2021Updated 4 years ago
- monitor svc calls of android☆74Sep 6, 2018Updated 7 years ago
- A example hook syscall of ioctl☆25Jan 18, 2025Updated last year
- Process hider for Linux systems using a kernel agent☆22Dec 18, 2020Updated 5 years ago
- ☆122Mar 18, 2022Updated 4 years ago
- linux kernel inline hook☆142Oct 26, 2022Updated 3 years ago
- ☆15Jun 24, 2021Updated 4 years ago
- 转换Pxx的vmp文件(check.bin, mw.bin)到.class☆28Mar 15, 2023Updated 3 years ago
- 主要记入自己复现过的android cve☆53Feb 28, 2022Updated 4 years ago
- openssl tracer using eBPF☆16Jan 4, 2026Updated 2 months ago
- 研究内核改机策略☆70Mar 13, 2024Updated 2 years ago
- Android NDK Toolchains with llvm based obfuscator☆17May 14, 2021Updated 4 years ago
- Simple library to Read and Write Memory of a Linux Process through custom Kernel Module☆53Jun 6, 2020Updated 5 years ago
- This is an injection tool that can inject xposed module to debuggable app by jdwp.☆52Feb 22, 2022Updated 4 years ago
- Mirror of https://gitee.com/SmartSmallBoy/hardware-breakpoint☆62May 20, 2024Updated last year
- A Project for people to study android svc.☆25Aug 12, 2022Updated 3 years ago
- Anti-Debug and Anti-Memory Dump for Android☆282Feb 21, 2021Updated 5 years ago
- Remap a library to avoid detection☆132Feb 1, 2024Updated 2 years ago
- 网络抓包、网络检测☆40Nov 10, 2025Updated 4 months ago
- apatch kpm 模块通用内核读写内存 linux kernel read only support ARM64(based apatch)☆66Jan 13, 2026Updated 2 months ago
- hook or replace arbitary linux/FreeBSD kernel functions in runtime, supporting arm32, arm64, x86, x86_64, riscv☆220Mar 6, 2026Updated 2 weeks ago
- Single-step debugging of native code using frida, stalker, and semaphore☆87Oct 9, 2024Updated last year
- A kernel module for protecting android rooted device☆39Jun 6, 2023Updated 2 years ago
- Syscall table hook frame in Android kernel for arm and arm64☆82May 29, 2017Updated 8 years ago
- Kernel mode to user mode so injection☆94Nov 6, 2020Updated 5 years ago
- ☆34Dec 30, 2024Updated last year
- A Kernel module to break the kernel read-only to modify the syscall_table purpose (only in the Linux Arm64 6.6 Kernel test runs properly)…☆41Feb 2, 2025Updated last year
- 对于目前主流android逆向工具的检测☆110Sep 6, 2022Updated 3 years ago
- oneplus 7t 自定义内核(for 安卓逆向/外挂分析)☆242Feb 22, 2023Updated 3 years ago
- ☆37Jun 25, 2025Updated 8 months ago
- ☆61Apr 1, 2022Updated 3 years ago
- this is dump Il2Cpp CS Struct and IDA Script without global-metadta.dat in Runtime☆35Jul 29, 2022Updated 3 years ago
- An IDA plugin that allows you to use /proc/kallsyms output to import function and data labels into an extracted Android kernel image.☆72Nov 4, 2019Updated 6 years ago
- ☆86Dec 15, 2023Updated 2 years ago