Linux System Call Monitoring
ATT&CK techniques detected
T1106 Native API
40%
“Linux System Call Monitoring. moth // I’ve been diving deep into Linux lately, with my latest kick being exploring the Linux kernel. I’ve found “The Linux Programming Interface” (TLPI) by Michael Kerrisk, among others, to be a fantastic refere…”
T1547.006 Kernel Modules and Extensions
38%
“…loadable kernel module (LKM) that would listen for a given syscall and, at the very least, log that the syscall was observed. Ideally, the module would also print some detailed information about the call’s arguments. What I’ve ended up with is a piece of code that I can exten…”
Summary

moth // I’ve been diving deep into Linux lately, with my latest kick being exploring the Linux kernel. I’ve found “The Linux Programming Interface” (TLPI) by Michael Kerrisk, among others, […]
The post Linux System Call Monitoring appeared first on Black Hills Information Security, Inc.