ftrace-hook Linux kernel module demonstrating usage of ftrace framework for function hooking: as in executing arbitrary code around the hooked function. The code is licensed under GPLv2. How to build Please consider using a virtual machine (VirtualBox, VMWare, QEMU, etc.) for experiments. The (...
Development version of the Upstream MultiPath TCP Linux kernel 🐧 - mptcp_net-next/include/linux/ftrace.h at 5f7fb89a115d53b4a10bf7ba2733e78df281e98d · multipath-tcp/mptcp_net-next
$ cd ftrace-hook $ make make -C /lib/modules/4.9.0-5-amd64/build M=/home/ilammy/dev/ftrace-hook modules make[1]: Entering directory '/usr/src/linux-headers-4.9.0-5-amd64' CC [M] /home/ilammy/dev/ftrace-hook/ftrace_hook.o Building modules, stage 2. MODPOST 1 modules CC /hom...
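[Linux kernel debugging] Using ftrace to hook Linux kernel functions [Linux kernel debugging] Comparison of the ftrace/kprobes/SystemTap kernel debugging methods [KVM] Learning KVM: implementing your own kernel Reference: linux-security-papers linux-kernel-exploitation GoSSIP_Software Security Group Why is it the best GitHub project? Technology is developing faster than ever before, and technology is...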
Development version of the Upstream MultiPath TCP Linux kernel 🐧 - mptcp_net-next/include/linux/ftrace.h at 807404d66fcf898d4bcc6a3e3edb07ffd5b88400 · multipath-tcp/mptcp_net-next
It was heavily inspired by the ftrace framework of the Linux kernel and the name uftrace stems from the combination of user and ftrace. It can record data from: User space C/C++/Rust functions, by either dynamically patching functions using -P., or else selective NOP patching using code com...
linux hook detect kernel rootkit sysfs forensics cheat remove procfs lkm syscall sheet ftrace tracefs Updated Dec 16, 2024 MatheuZSecurity / Imperius Star 47 Code Issues Pull requests Make a Linux Kernel rootkit visible again. linux kernel rootkit reveal lkm Updated Feb 27, 2025 C rgolu...
Using ftrace:
// In the header file, define the hook array
struct ftrace_hook hooks[] = { HOOK("__x64_sys_mkdir", hook_mkdir, &orig_mkdir), HOOK("__x64_sys_getdents", hook_getdents, &orig_getdents) };
// Install the hooks when the module is initialized
fh_install_hooks(hooks, ARRAY_SIZE(hooks));
// Remove the hooks when the module is unloaded
fh_remove_hooks(...
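When asked what a process is, many people say only that it is a running entity and overlook the resources the process occupies. For example, if the same program is run twice at the same moment, the two runs are two independent processes. On Linux, the command for viewing system processes is ps. 1. Linux kernel processes, threads, and scheduling (Part 1) 2. Linux kernel processes, threads, and scheduling (Part 2)...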