system call hook for Linux
☆626Jan 6, 2025Updated last year
Alternatives and similar repositories for zpoline
Users that are interested in zpoline are comparing it to the libraries listed below
Sorting:
- iip: an integratable TCP/IP stack☆96Dec 14, 2025Updated 3 months ago
- System Call Hook for ARM64☆217Jan 19, 2026Updated 2 months ago
- ELISA: Exit-Less, Isolated, and Shared Access for Virtual Machines☆21Nov 1, 2025Updated 4 months ago
- Code injection on Android without ptrace☆283Mar 20, 2024Updated 2 years ago
- malloc for memory-mapped files☆14Jun 25, 2020Updated 5 years ago
- The system call intercepting library☆667Jan 6, 2025Updated last year
- bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.☆92Sep 21, 2025Updated 5 months ago
- linux kernel inline hook☆142Oct 26, 2022Updated 3 years ago
- A custom ELF linker/loader for installing ET_REL binary patches at runtime☆200Mar 5, 2026Updated 2 weeks ago
- hook or replace arbitary linux/FreeBSD kernel functions in runtime, supporting arm32, arm64, x86, x86_64, riscv☆220Mar 6, 2026Updated 2 weeks ago
- A tool to recover a fully analyzable .ELF from a raw kernel, through extracting the kernel symbol table (kallsyms)☆1,698Updated this week
- Modify Android linker to provide loading module and hook function☆465Oct 13, 2025Updated 5 months ago
- A thin-hypervisor that runs on aarch64 CPUs.☆103Feb 22, 2026Updated 3 weeks ago
- ☆15Apr 28, 2023Updated 2 years ago
- silent syscall hooking without modifying sys_call_table/handlers via patching exception handler☆153Apr 22, 2024Updated last year
- Linux kernel privilege escalation techniques☆153Aug 9, 2024Updated last year
- llvm with customised obfuscation optimisations☆15Sep 25, 2024Updated last year
- an obfuscator based on LLVM which can obfuscate the program execution trajectory☆107Mar 15, 2021Updated 5 years ago
- Userspace eBPF runtime for Observability, Network, GPU & General Extensions Framework☆1,421Mar 11, 2026Updated last week
- sloader is an ELF loader which aims to replace ld-linux.so of glibc.☆162Nov 5, 2023Updated 2 years ago
- A tool that traces system calls using eBPF☆269Oct 31, 2024Updated last year
- Remap a library to avoid detection☆132Feb 1, 2024Updated 2 years ago
- A Dynamic Binary Instrumentation framework based on LLVM.☆1,742Feb 20, 2026Updated last month
- LIEF - Library to Instrument Executable Formats (C++, Python, Rust)☆5,316Updated this week
- The standalone version of the libunwindstack from Android.☆29Oct 11, 2024Updated last year
- Android Memory Editor/Scanner (MemoryTools)☆239Jan 21, 2025Updated last year
- Simple syscall sandboxing for Linux☆144Oct 20, 2025Updated 4 months ago
- A simple ptrace-less shared library injector for x64 Linux☆283Jan 27, 2023Updated 3 years ago
- Frida-based tracer for easier reverse-engineering on Android, iOS, Linux, Windows and most related architectures.☆582Nov 5, 2025Updated 4 months ago
- High-performance QEMU memory and instruction tracing☆554Jul 26, 2024Updated last year
- A stealthy ELF loader - no files, no execve, no RWX☆174Dec 31, 2023Updated 2 years ago
- Linux kernel source tree☆888Feb 16, 2026Updated last month
- awesome llvm security [Welcome to PR]☆794Mar 13, 2026Updated last week
- A powerful static binary rewriting tool☆1,097Mar 3, 2026Updated 2 weeks ago
- eBPF-based lightweight debugger for Android☆761Dec 27, 2025Updated 2 months ago
- O-MVLL is a code obfuscation tool based on LLVM for native code (Android and iOS).☆936Mar 13, 2026Updated last week
- A packet oriented Linux kernel function call tracer☆410Apr 14, 2024Updated last year
- ELF Shared library injector using DT_NEEDED precedence infection. Acts as a permanent LD_PRELOAD☆112Apr 8, 2020Updated 5 years ago
- Inject remote process without using ptrace on linux based system☆19Apr 26, 2022Updated 3 years ago