-
The [pre-commit](https://pre-commit.com/) integration fails when more than one GH actions file is changed within a single commit.
The pre-commit check fails with
```
- hook id: action-validator
- …
```
-
On 64-bit (amd64/x86_64) Redhat / CentOS 6.x (kernel 2.6.32), vanilla, I have experienced an issue with the execve stub. While indeed we can hook stub_execve, record the arguments e.g. the program bei…
-
We can fake a task scheduler using goroutines. Thread safety becomes a problem, but it will come up anyway.
-
I build a hook for the execve system call and
I tried to copy the dp register (I saw it in an assembly user-space program) from the struct and then copy from the first address, but it is always empty
this …
-
/system/bin/su: No such file or directory
-
Currently when a new process is executed, the layer creates a connection to the internal proxy, which creates a new connection to the agent, which creates new resources (threads?) for the new client. …
-
It's impossible to hook several system calls by just replacing the corresponding `sys_call_table` values. So, we need to blacklist those numbers, which can be found by the command:
```
cat /proc/kallsyms |…
```
-
Hi:
kernel(Sandbox)[0] : Sandbox: hook..execve() killing jetslammed_daemon[pid=11520, uid=0]: outside of container && !i_can_has_debugger
kernel(AppleMobileFileIntegrity)[0] : Library Validat…
-
1. This rootkit cannot succeed on my CentOS 7 (3.10.0-862.el7.x86_64)
2. I recently tried to create a HIDS. I consulted some information (actually I am a rootkit rookie), and I noticed that Linux audit is ver…
-
When tracing batch jobs (like `make(1)`) it's immeasurably useful to also get user/kernel CPU time for each process/thread besides overall clock time for whole process (which we can obtain as difference…