System calls are kernel routines able to be called from userland
Links to this note
- Adrishya
- diamorpinecryptominer-anyrun2025
- linuxmalwareevadingsyscall-thomson2025
- io_uringblindspotrootkits-toulas2025
- seccomp
- direct system call
- runtimekmempatching-cesare1998
- designandimplementationofuserlandexec-grugq2004
- kernelinstrumentationusingkprobes-elfmaster2010
- trap
- abuseofthelinuxkernel-phrack50_5-halflife
- ioctl
- prctl
- sys_call_table
- artoflinuxkernelrootkit-tmpout4-matheuzsec_humzak711
- Linux Persistence: Processes
- auditinglinuxprocessesdeepdive-boelen2025
- fork
- anatomyofreallinuxintrusion_mitmhoneypot-alonso2016
- bvp47-pangulab2022
- selinuxsystemadministration_vermeulen2020
- skuld-taniumcti2023
- stealthshell-petrich2024
- /proc/PID/syscall
- ausyscall
- bind
- execve
- Hell's Gate
- Linux Audit Framework
- PTRACE_SYSCALL
- signature (anti-virus)
- strace
- syscall id