|
You are here |
johnnysswlab.com | ||
| | | | |
www.goncharov.xyz
|
|
| | | | | [AI summary] A technical post explains the methodology for intercepting system calls in the Linux x86_64 kernel using kernel modules, including details on MSR registers and memory protection flags. | |
| | | | |
modexp.wordpress.com
|
|
| | | | | Introduction Quick post about Windows System calls that I forgot about working on after the release of Dumpert by Cn33liz last year, which is described in this post. Typically, EDR and AV set hooks on Win32 API or NT wrapper functions to detect and mitigate against malicious activity. Dumpert attempts to bypass any user-level hooks... | |
| | | | |
binarydebt.wordpress.com
|
|
| | | | | System call table is an array of function pointers. It is defined in kernel space as variable sys_call_table and it contains pointers to functions which implement system calls. Index of each function pointer in the array is the system call number for that syscall. These are denoted by NR_* macros in header files, such as... | |
| | | | |
synacktiv.com
|
|
| | | Exploiting a No-Name FreeBSD Kernel Vulnerability | ||