Alternatives and similar repositories for kernel-inline-hook-framework:

Users that are interested in kernel-inline-hook-framework are comparing it to the libraries listed below

• stdhu / kernel-inline-hook
  linux kernel inline hook
  ☆122Updated 2 years ago
• yanivagman / BPFroid
  Trace Android framework API, native libraries, system calls and other events using eBPF
  ☆88Updated 7 months ago
• yaxinsn / vermagic
  Change vermagic and CRCs of a Linux Kernel Module
  ☆52Updated 6 years ago
• baikaishiuc / fastvm
  deobfuse compiler
  ☆214Updated 4 years ago
• julius-b / android-lkm
  Loadable Kernel Module for Android
  ☆71Updated 5 years ago
• ri-char / pwatch
  A cli tool to install a hardware breakpoint/watchpoint on a process in linux.
  ☆200Updated 7 months ago
• yanivagman / tracee
  Container and system event tracing using eBPF
  ☆33Updated last month
• LeadroyaL / llvm-pass-tutorial
  A step-by-step tutorial for building an LLVM sample pass
  ☆193Updated 2 years ago
• erfur / linjector-rs
  Code injection on Android without ptrace
  ☆227Updated 11 months ago
• androidoffsec / libdevbinder
  ☆59Updated 5 months ago
• pcy190 / deobfuscator
  break ollvm.
  ☆99Updated 4 years ago
• ri-char / eStrace
  A tool that traces system calls using eBPF
  ☆234Updated 4 months ago
• 3intermute / arm64_silent_syscall_hook
  silent syscall hooking without modifying sys_call_table/handlers via patching exception handler
  ☆127Updated 10 months ago
• shunix / TinyInjector
  Shared Library Injector on Android
  ☆146Updated 4 years ago
• SeeFlowerX / unwinddaemon
  ☆34Updated 11 months ago
• LeadroyaL / IDA_ARM_Unwind
  IDA plugin, unwind stack trace when debugging arm.
  ☆137Updated 4 years ago
• 3intermute / linux_syscall_hook
  system call hooking on arm64 linux via a variety of methods
  ☆47Updated 2 years ago
• iofomo / abyss
  Android system call hook
  ☆173Updated last month
• null-luo / btrace
  btrace：binder_transaction+eBPF+Golang实现通用的Android APP动态行为追踪工具
  ☆157Updated 8 months ago
• ouadev / proc_maps_parser
  a lightweight library to parse Linux's /proc/[pid]/maps file, which contains the memory map of a process
  ☆125Updated 5 months ago
• VPBox / Dev
  ☆79Updated 3 years ago
• ISRC-CAS / flounder
  PLCT实验室维护的ollvm分支。原始代码来自于 https://github.com/obfuscator-llvm/obfuscator 移植到了最新的 LLVM 上。
  ☆167Updated 2 years ago
• sanfengAndroid / AntiOllvm
  Automatically de-obfuscate ollvm and generate binaries
  ☆106Updated 3 years ago
• SeeFlowerX / BTFHubForAndroid
  BTFHub, but for Android
  ☆36Updated last year
• onesss19 / Syscall_intercept_arm64
  ☆113Updated 2 years ago
• CenturionInfoSec / ebpf-examples
  ☆58Updated 7 months ago
• SsageParuders / SsagePass
  LLVM PASS by SsageParuders.Port to llvm_14.06 with New PM.Support for Android-ndk-r25(LTS).
  ☆159Updated last year
• ne2der / ASyScallHookFrame
  Syscall table hook frame in Android kernel for arm and arm64
  ☆81Updated 7 years ago
• bet4it / udbserver
  Unicorn Emulator Debug Server - Written in Rust, with bindings for C, Go, Java and Python
  ☆360Updated last month
• jmpews / evilELF
  Malicious use of ELF such as .so inject, func hook and so on.
  ☆74Updated 7 years ago