ptrace

0001-01-01

ptrace (process trace) is a system call found in Unix and Unix-like operating systems such as Linux. ptrace provides the means for a program to patch running programs, avoid unfixed bugs, and as a debugger.

https://man7.org/linux/man-pages/man2/ptrace.2.html

Links to this note

proc_connector
io_uringblindspotrootkits-toulas2025
armouringtheelf-grugq_scut2001
Linux Persistence: Processes
TracerPid
Linux Persistence: SSH
selinuxsystemadministration_vermeulen2020
learninglinuxbinaryanalysis-oneill2016
runtimeprocessinfection-anonymous2002
baines2016
cesare1999
3snake
ltrace
ptrace request
PTRACE_SYSCALL
strace
Yama

ptrace

0001-01-01

Links to this note

Recent Posts

Linux Persistence: Modular Software

2025-04-17 DFIR CTF persistence linux persistence apache asterisk

Linux Persistence: Web Shells

2025-04-16 DFIR persistence webshell linux persistence webshell apache nginx PHP

Linux Persistence: Rootkits

2025-04-15 DFIR persistence rootkit LKM linux persistence LKM rootkit LD_PRELOAD kprobe ftrace ld.so hooking

Linux Persistence: Processes

2025-04-11 DFIR persistence processes linux persistence processes

Defanging Linux LKM Rootkits With cleanup_module()

2025-04-05 Linux LKM rootkits EDR hooks incident response Linux LKM rootkit