Projects in Awesome Lists tagged with syscalls
A curated list of projects in awesome lists tagged with syscalls .
https://github.com/linux-test-project/ltp
Linux Test Project (mailing list: https://lists.linux.it/listinfo/ltp)
c libc linux linux-kernel linux-test ltp posix syscalls test-automation unix
Last synced: 13 May 2025
https://github.com/proot-me/proot
chroot, mount --bind, and binfmt_misc without privilege/setup for Linux
c chroot chroot-environment hacktoberfest linux ptrace rootfs syscalls userland-exec
Last synced: 15 May 2025
https://github.com/genuinetools/contained.af
A stupid game for learning about containers, capabilities, and syscalls.
apparmor containers docker game linux opencontainers seccomp security syscalls
Last synced: 16 May 2025
https://github.com/joshfaust/Alaris
A protective and Low Level Shellcode Loader that defeats modern EDR systems.
bypass-antivirus shellcode-loader syscalls
Last synced: 11 Jul 2025
https://github.com/7etsuo/windows-api-function-cheatsheets
A reference of Windows API function calls, including functions for file operations, process management, memory management, thread management, dynamic-link library (DLL) management, synchronization, interprocess communication, Unicode string manipulation, error handling, Winsock networking operations, and registry operations.
cheatsheet malware-analysis malware-research reverse-engineering syscalls systems-programming win32-api windows windows-10 windows-11 windows-api windows-internals
Last synced: 02 Oct 2025
https://github.com/justasmasiulis/inline_syscall
Inline syscalls made easy for windows on clang
assembly cpp17 header-only hooks inline library obfuscation static-analysis syscall syscalls windows x64
Last synced: 13 Apr 2025
https://github.com/virtualalllocex/defcon-31-syscalls-workshop
Contains all the material from the DEF CON 31 workshop "(In)direct Syscalls: A Journey from High to Low".
antivirus-bypass antivirus-evasion direct-syscalls edr-bypass edr-evasion indirect-syscalls malware-analysis malware-development malware-development-guide shellcode shellcode-loader syscalls windows-internals workshop
Last synced: 04 Apr 2025
https://github.com/pmem/syscall_intercept
The system call intercepting library
Last synced: 17 Sep 2025
https://github.com/zer0condition/ReverseKit
x64 Dynamic Reverse Engineering Toolkit
bypass hook imgui imports reverseengineering syscalls
Last synced: 30 Mar 2025
https://github.com/Maldev-Academy/HellHall
Performing Indirect Clean Syscalls
Last synced: 12 Apr 2025
https://github.com/sysdiglabs/kubectl-dig
Deep kubernetes visibility from the kubectl
containers kubectl-plugins kubernetes monitoring o11y observability syscalls
Last synced: 05 Apr 2025
https://github.com/f1zm0/hades
Go shellcode loader that combines multiple evasion techniques
adversary-emulation av-evasion edr-evasion evasion golang ntapi ntdll offensive-security pentesting red-teaming syscalls
Last synced: 06 Apr 2025
https://github.com/daem0nc0re/atomicsyscall
Tools and PoCs for Windows syscall investigation.
syscalls windows windows-kernel
Last synced: 16 May 2025
https://github.com/trailofbits/krf
A kernelspace syscall interceptor and randomized faulter
fault-injection freebsd hacktoberfest linux-kernel syscalls
Last synced: 16 May 2025
https://github.com/daem0nc0re/AtomicSyscall
Tools and PoCs for Windows syscall investigation.
syscalls windows windows-kernel
Last synced: 11 Jul 2025
https://github.com/frenchyeti/interruptor
Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker
arm64 frida hooking instrumentation strace syscall-tracing syscalls system-call-tracing tracing
Last synced: 05 Apr 2025
https://github.com/ergrelet/windiff
Web-based tool that allows comparing symbol, type and syscall information of Microsoft Windows binaries across different versions of the OS.
diff insider nextjs ntoskrnl pdb portable-executable preview reverse-engineering rust syscalls undocumented web win32 windows
Last synced: 16 May 2025
https://github.com/FrenchYeti/interruptor
Human-friendly cross-platform system call tracing and hooking library based on Frida's Stalker
arm64 frida hooking instrumentation strace syscall-tracing syscalls system-call-tracing tracing
Last synced: 12 Jul 2025
https://github.com/containers/oci-seccomp-bpf-hook
OCI hook to trace syscalls and generate a seccomp profile
bcc containers oci seccomp-profile syscalls
Last synced: 16 May 2025
https://github.com/google/kafel
A language and library for specifying syscall filtering policies.
linux seccomp-filter security syscalls
Last synced: 04 Apr 2025
https://github.com/mebeim/systrack
📡🐧 Linux kernel syscall implementation tracker
abi automation binary-analysis elf kconfig linux linux-kernel security-research syscall syscall-table syscalls
Last synced: 16 May 2025
https://github.com/matheusmoreira/liblinux
Linux system calls.
linux linux-kernel syscalls system-calls systems-programming
Last synced: 03 Oct 2025
https://github.com/0xcpu/WinAltSyscallHandler
Some research on AltSystemCallHandlers functionality in Windows 10 20H1 18999
kernel proof-of-concept syscalls windows-10
Last synced: 04 Apr 2025
https://github.com/liamg/siphon
:alembic: Intercept stdin/stdout/stderr for any process
hacktoberfest input-output intercept ptrace spy syscalls
Last synced: 16 Jul 2025
https://github.com/fortra/hw-call-stack
Use hardware breakpoints to spoof the call stack for both syscalls and API calls
edr-bypass stack-spoofing syscalls
Last synced: 07 May 2025
https://github.com/annihilatorq/shadow_syscall
windows syscalls with a single line and a high level of abstraction. has modern cpp20 wrappers and utilities, range-based DLL and export enumeration, wrapper around KUSER_SHARED_DATA. supported compilers: clang, gcc and msvc
analysis cpp direct-syscalls export getmodulehandle getprocaddress hashing header-only masm obfuscation reverse-engineering shadow-syscalls shellcode syscall syscalls win-internals
Last synced: 04 Apr 2025
https://github.com/mebeim/linux-syscalls
🌐🐧 Browsable Linux kernel syscall tables built with Systrack (https://github.com/mebeim/systrack)
linux linux-kernel security-research security-tools syscall-table syscalls
Last synced: 05 Apr 2025
https://github.com/bw3ll/shellwasp
ShellWasp is a tool to help build shellcode that utilizes Windows syscalls, while overcoming the portability problem associated with Windows syscalls. ShellWasp is built for 32-bit, WoW64. ShellWasp 2.0 includes novel ways to invoke the syscall in WoW64.
shellcode syscalls windows-syscalls
Last synced: 21 Aug 2025
https://github.com/davidbuchanan314/tardis
Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.
Last synced: 20 Aug 2025
https://github.com/DavidBuchanan314/TARDIS
Trace And Rewrite Delays In Syscalls: Hooking time-related Linux syscalls to warp a process's perspective of time, using ptrace.
Last synced: 10 May 2025
https://github.com/pinterest/ptracer
A library for ptrace-based tracing of Python programs
Last synced: 29 Mar 2025
https://github.com/alegrey91/harpoon
🔍 Seccomp profiling and function-level tracing tool.
devops devsecops devsecops-pipeline ebpf ebpf-programs golang hacktoberfest hardening seccomp security-audit security-tools syscalls system-calls
Last synced: 05 Apr 2025
https://github.com/janoglezcampos/rust_syscalls
Single stub direct and indirect syscalling with runtime SSN resolving for windows.
rust rust-lang security-tools syscalls
Last synced: 08 Apr 2025
https://github.com/polaris64/syswall
Work in progress firewall for Linux syscalls, written in Rust
linux rust security security-tools syscall syscalls
Last synced: 16 May 2025
https://github.com/x42en/sysplant
Your syscall factory
code-generation edr-evasion hacking-tool offensive-security syscall-hooking syscalls windows
Last synced: 04 Apr 2025
https://github.com/idouble/nasm-assembly-linux-notes
🐧 Assembly with Linux (Notes, Syscalls, Protection Rings) 🐧
assembly kernel-mode kernel-module linux linux-kernel nasm nasm-assembly privilege-levels privileged-instruction protection-ring read ring-0 ring-3 ring0 ring3 syscalls systemcall systemcalls usermode write
Last synced: 16 Apr 2025
https://github.com/javierhonduco/write-a-strace-and-gdb
Tiny system call tracer and debugger
computers debugger learning linux ptrace strace syscalls toy-strace
Last synced: 22 Jun 2025
https://github.com/oldboy21/syscallmemaybe
Implementation of Indirect Syscall technique to pop a calc.exe
cplusplus edr-evasion security-tools syscalls
Last synced: 13 Oct 2025
https://github.com/pmem/vltrace
Tool tracing syscalls in a fast way using eBPF linux kernel feature
bcc ebpf ebpf-programs kprobes syscall syscalls tracepoints
Last synced: 09 Jul 2025
https://github.com/kfiros/execmon
Advanced process execution monitoring utility for linux (procmon like)
c execve hooks kernel kernel-module linux linux-kernel linux-process-monitor linux-procmon process-monitor procmon syscall-hook syscall-table syscalls
Last synced: 30 Mar 2025
https://github.com/justincormack/go-memfd
Golang Linux memfd library
capnproto golang linux linux-memfd memfd syscalls
Last synced: 31 Mar 2025
https://github.com/nbaertsch/nimvoke
Indirect syscalls + DInvoke made simple.
Last synced: 09 Apr 2025
https://github.com/agis/gtrace
Experimental system call tracer for Linux x86-64, written in Go
golang strace syscalls systemcalls tracer
Last synced: 19 Apr 2025
https://github.com/rabbitstack/cubostratus
Blazingly fast Linux syscall collector
cgroups containers instrumentation linux-kernel rust syscalls
Last synced: 22 Mar 2025
https://github.com/0xflux/hells-hollow
Hells Hollow Windows 11 Rootkit technique to Hook the SSDT via Alt Syscalls
alt-syscalls alternative-syscalls exploit kernel kernel-exploit malware rootkit ssdt ssdt-hook ssdt-hooking ssdt-plug syscalls windows-11 windows11
Last synced: 16 Oct 2025
https://github.com/grantseltzer/go-disass
A suite of tools for disassembly, ROP, and binary analysis written in Go
binary-analysis disassembler disassembly go golang rop static-analysis syscalls
Last synced: 10 Apr 2025
https://github.com/andrestc/linux-prog
Some C code i write to study systems programming (while reading The Linux Programming Interface)
Last synced: 21 Mar 2025
https://github.com/meefik/PRoot
chroot, mount --bind, and binfmt_misc without privilege/setup for Linux
c chroot chroot-environment linux ptrace rootfs syscalls userland-exec
Last synced: 03 Apr 2025
https://github.com/antitree/keyctl-unmask
Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.
breakout containers docker keyctl kubernetes namespacing seccomp security-tools syscalls
Last synced: 24 Oct 2025
https://github.com/aldostools/mamba
Mamba is a payload for PS3 apps that adds support for ISO, netiso, plugins, PS3MAPI, etc. It's derived from Cobra.
cobra iris-manager iso mamba-payload netiso ps3 ps3mapi syscalls vsh-plugins vsh-process
Last synced: 14 Apr 2025
https://github.com/saturnsvoid/record-audio-on-windows
A Go program that uses winmm.dll to record audio to a WAV file.
api audio dll go golang mcisendstring microphone record syscalls wav windows winmm
Last synced: 13 Apr 2025
https://github.com/souhardya/catharsis
Raw syscall implementations with Powershell
powershell-script redteaming syscalls
Last synced: 22 Apr 2025
https://github.com/martinclauss/syscall_number
This tool gives you the Linux system call number (32bit and 64bit x86) for a system call name (e.g., read, write, ...).
asm assembly cli ctf exploit-development linux pwn python rop shellcode-development syscalls x86-32 x86-64
Last synced: 05 Jul 2025
https://github.com/lilydjwg/openredir
redirect file open operations via LD_PRELOAD
ld-preload lua-script redirect syscalls
Last synced: 05 Apr 2025
https://github.com/vi/syscall_limiter
Start Linux programs with only selected syscalls enabled (libseccomp-based)
libseccomp linux seccomp security syscalls
Last synced: 15 Apr 2025
https://github.com/kara-4search/hellgateloader_csharp
Load shellcode via HELLGATE, Rewrite hellgate with .net framework for learning purpose.
bypass bypass-antivirus bypass-edr bypass-linehook csharp hellgate pentest redteam shellcode shellcode-loader syscalls
Last synced: 15 Apr 2025
https://github.com/slavaim/riscv-magenta
Magenta kernel port to RISC-V
fuchsia-os kernel magenta magenta-kernel musl porting qemu risc-v syscalls
Last synced: 26 Mar 2025
https://github.com/blaind/hstrace
Syscall tracing CLI & library made in Rust
cli command-line command-line-tool rust rust-crate strace syscall syscalls tracing
Last synced: 05 May 2025
https://github.com/paulfloyd/freebsd_valgrind
Git repo used to Upstream the FreeBSD Port of Valgrind
amd64 clang freebsd gcc jit-compiler profiling syscalls thread-safety valgrind x86
Last synced: 26 Mar 2025
https://github.com/aeverj/nimsyscalls
Direct system calls by nim
bypass-antivirus nim offensive syscalls
Last synced: 03 Aug 2025
https://github.com/grz0zrg/twigs
Twigs – 512 bytes procedural graphics in C code (IFS Fractal, Linux, fbdev)
512-bytes bytes chaos-game demoscene fbdev fractal framebuffer gcc-complier generative-art graphics-programming ifs iterated-function-system linux procedural-algorithms procedural-art syscalls tinycode
Last synced: 25 Jul 2025
https://github.com/hartwork/antijack
:ninja: seccomp-based anti-TTY-hijacking proof-of-concept (prevents TIOCSTI and TIOCLINUX)
c99 command-injection doas ioctl libseccomp linux seccomp seccomp-filter seccomp-filtering seccomp-tools security sudo syscall-filter syscalls tioclinux tiocsti tty
Last synced: 18 Sep 2025
https://github.com/wendymunyasi/alx-low_level_programming
Learning C
algorithms c data-structures debugging memory-allocation recursion shell shell-script syscalls
Last synced: 13 Apr 2025
https://github.com/hirenchauhan2/wallpaper
Utility to set desktop wallpaper for Windows, [Mac & Linux WIP!]
golang syscalls wallpaper wallpaper-changer
Last synced: 29 Apr 2025
https://github.com/proot-me/proot-me.github.io
chroot, mount --bind, and binfmt_misc without privilege/setup for Linux
c chroot chroot-environment linux ptrace rootfs syscalls userland-exec website
Last synced: 06 May 2025
https://github.com/kdrag0n/callbench
A program to measure the speed of simple time syscalls and vDSO calls, as well as basic in-memory file I/O using the mmap(2) and read(2) syscalls.
linux microbenchmarks syscalls unix
Last synced: 23 Apr 2025
https://github.com/lbirchler/strace-perfetto
strace-perfetto runs strace and converts the raw output to a Trace Event JSON file. The JSON file can then be analyzed using Google's Perfetto UI
perfetto race-conditions strace syscalls
Last synced: 09 Jul 2025
https://github.com/renatoaguimaraes/golang-job-scheduler
Job worker service that provides an API to run arbitrary Linux processes.
concurrency golang grpc linux stream syscalls x509-auth
Last synced: 15 Dec 2025
https://github.com/avilum/syscalls
Merged to firejail; Find syscalls of executables for seccomp-bpf sandbox policies.
firejail jail sandbox seccomp seccomp-bpf-policies seccomp-profile security-hardening syscalls
Last synced: 27 Oct 2025
https://github.com/mauri870/assembly-fun
Some fun in assembly Linux x64
assembly linux nasm problem-solving syscalls x64 yasm
Last synced: 13 Apr 2025
https://github.com/healeycodes/unrandom
🎲 Intercept and modify getrandom syscalls from a process (x86-64 Linux).
Last synced: 12 May 2025
https://github.com/djmgit/cupcake
A tiny, simple webserver in x86 (32 bit) assembly language from scratch for fun
assembly-x86 educational linux nasm recreational syscalls systems
Last synced: 12 Apr 2025
https://github.com/gandi/nfs-ganesha-kmod
freebsd nfs nfs-ganesha nfs-server syscalls
Last synced: 23 Sep 2025
https://github.com/basemax/c-nostdlib-assembly
We define own _start point without using GLIBC runtime library using Assembly. (x86_64 and i386)
assembly assembly-8086 assembly-x64 assembly-x86 c syscall syscalls
Last synced: 25 Aug 2025
https://github.com/thebigcicca/HiddenGhost
HiddenGhost is an new solution for find system call table with support for 5.7x kernels +
linux-kernel-hacking linux-kernel-module linux-rootkit lkm lkm-rootkit rootkit syscall syscall-hook syscalls
Last synced: 08 May 2025
https://github.com/yeaseen/nachos-os_build
This is an extension of Nachos to support multiprogramming using system calls such as Exec, Exit, Read and Write to have processes request services from the kernel. Then it is further extended by a Virtual Memory Manager supported by Demand Paging and Page Replacement procedures.
demand-paging nachos-os operating-system page-replacement syscalls threading virtual-memory-manager
Last synced: 24 Jun 2025
https://github.com/thebigcicca/hiddenghost
HiddenGhost is an new solution for find system call table with support for 5.7x kernels +
linux-kernel-hacking linux-kernel-module linux-rootkit lkm lkm-rootkit rootkit syscall syscall-hook syscalls
Last synced: 23 Aug 2025
https://github.com/rinhizakura/ebpf-strace
A demonstration to show how to trace syscalls by eBPF
Last synced: 24 Aug 2025
https://github.com/ldorau/strace.ebpf
Tool tracing syscalls in a fast way using eBPF linux kernel feature
bcc ebpf ebpf-programs kprobes syscall syscalls tracepoints
Last synced: 12 Apr 2025
https://github.com/wjsjtu/socket-control
This project is aimed to control the socket connection by hijacking the syscall table, configure file is in JSON format and transferred into kernel by netlink.
c kernel netlink socket socket-control syscall-table syscalls
Last synced: 18 Oct 2025
https://github.com/taoky/greenhook
A seccomp-unotify-based syscall hook library for Linux
Last synced: 05 May 2025
https://github.com/aflah02/os_assignments
Assignments for Operating Systems Course at IIITD
artix-linux c kernel linux operating-systems syscalls
Last synced: 09 Jul 2025
https://github.com/joemiller/go-jail
[experiment] simple wrapper for executing sandboxed processes using Seccomp and capabilities filters
Last synced: 09 Nov 2025
https://github.com/walderlansena/studyingassembly
:mortar_board: :computer: Repositório com código de estudo da linguagem de programação Assembly
0x86 32bits asm assembly baixo-nivel code estudo linguagem-assembly linux nasm nasm-assembly programacao programacion sistema syscalls
Last synced: 09 Jul 2025
https://github.com/cristianzsh/system-programs
Implementation of various Unix system programs
c kernel linux operating-systems posix programs syscalls system-calls
Last synced: 25 Dec 2025
https://github.com/stackoverflowexcept1on/hello-world-64
The real programmers can write hello world in 64 bytes of machine code!
assembly hello-world low-level syscalls windows x86-64
Last synced: 28 Feb 2025
https://github.com/hightemp/getdents_ls
List large directories recursive
a-lot-of-files cli list-app list-files syscalls
Last synced: 12 Apr 2025
https://github.com/engineering87/ksb-kernelsynchbarrier
Synch Barrier syscall
barrier linux linux-kernel synchronization syscalls
Last synced: 14 Sep 2025
