-
Hi,
I'm currently attempting to use appimagetool to package a binary which is using Qt. Redirection is working fairly well, except for the fact the app in question ([Albert](https://albertlauncher.…
-
Currently we can't detect if [KHOOK](https://github.com/milabs/khook) has been used to hook kernel functions. This is because it doesn't mess with the pointer, but the function itself by inserting ass…
-
In the syscall chapter, syscall hooking is introduced, so I think it may be a good opportunity to go a step deeper to talk about Ftrace and hooking, and maybe kernel live patching.
I can provide so…
-
Are you going to provide advice on stopping anti cheats using this? 5e are using it which seems a disgrace to me. Thx
-
* Use UBSAN and ASAN when it is possible.
The way UBSAN, ASAN do code instrumentation seems to be conflicting with syscall_intercept's syscall hooking. They insert syscall instructions to places oth…
-
When will your rootkit have syscall hooking? For example, hooking getdents to hide directories, tcp4_seq_show and tcp6_seq_show to hide connections, etc... This is not even close to being a root…
-
Hello,
I'm glad to see that there is finally a concrete implementation of syscall hooking using eBPF. What do you think about adding static configurations to your solution in order to replace syste…
-
So I mentioned this already in private but when you try hooking for example ZwQueryVirtualMemory which has more than 4 parameters (after RCX, RDX, R8, R9) aka some on the stack like the 5th and 6th fo…
-
- [x] `esil.os` config-var
- [ ] there must be hooks in esilcallbacks reserved for tracing and hooks reserved for platform voodoo custom
- [ ] explicit regprofiles in analplugins (don't expect the on…
-
_From [derek.br...@gmail.com](https://code.google.com/u/117968039472581148324/) on November 25, 2009 15:18:06_
this was PR 204587 issue #157 enables injecting at the very start of the init APC. we j…