awesome-repositories.com
Blog
awesome-repositories.com

Descoperă cele mai bune repository-uri open source cu căutare AI.

ExploreazăCăutări recomandateAlternative open-sourceSoftware self-hostedBlogHartă site
ProiectDespreCum realizăm clasamentulPresăServer MCP
LegalConfidențialitateTermeni
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

22 repository-uri

Awesome GitHub RepositoriesSystem-Call Interception

Intercepting low-level operating system calls to validate or block operations based on security policies.

Distinct from Unprivileged System Call Interceptions: Candidates focus on specific types (unprivileged, keystore, gRPC) rather than general-purpose security policy enforcement via interception.

Explore 22 awesome GitHub repositories matching operating systems & systems programming · System-Call Interception. Refine with filters or upvote what's useful.

Awesome System-Call Interception GitHub Repositories

Găsește cele mai bune repo-uri cu AI.Vom căuta cele mai potrivite repository-uri folosind AI.
  • nodesource/distributionsAvatar nodesource

    nodesource/distributions

    13,834Vezi pe GitHub↗

    This project is a Node.js binary distribution repository and Linux package repository. It provides a hosted set of pre-compiled JavaScript runtime binaries for various Linux distributions to simplify installation and version management through native package managers. The project includes a Node.js observability toolset and security policy manager. These components enable the gathering of runtime telemetry to monitor application health and performance via diagnostic dashboards, while providing a resource restriction layer that intercepts system calls to prevent unauthorized modules from acces

    Intercepts low-level operating system calls to validate or block operations based on security policies.

    Shelljavascriptlinuxnode
    Vezi pe GitHub↗13,834
  • geniusvjr/learningnotesAvatar GeniusVJR

    GeniusVJR/LearningNotes

    13,145Vezi pe GitHub↗

    LearningNotes este o bază de cunoștințe tehnice și un ghid de studiu de inginerie axat pe internele framework-ului Android, arhitectura sistemului și optimizarea performanței mobile. Servește drept referință pentru analizarea secvenței de boot Android, bootstrapping-ul proceselor și inițializarea serviciilor de sistem. Proiectul oferă ghiduri detaliate despre performanța mobilă, inclusiv strategii pentru reducerea amprentei de memorie, identificarea scurgerilor de memorie și optimizarea decodării imaginilor. Acoperă, de asemenea, comunicarea inter-proces Android folosind AIDL și driverul de kernel Binder, precum și manuale de arhitectură software pentru decuplarea logicii de business de interfețele utilizator prin tipare precum MVVM și MVP. Dincolo de dezvoltarea mobilă, repository-ul include o bază de cunoștințe de informatică pentru pregătirea interviurilor tehnice, acoperind structuri de date, algoritmi și concepte de sistem de operare. De asemenea, dispune de o referință practică pentru controlul versiunilor Git, detaliind gestionarea repository-ului, sincronizarea și fluxurile de lucru de branching.

    Implements techniques to intercept system API calls using dynamic proxies to modify runtime behavior.

    Vezi pe GitHub↗13,145
  • tencent/libcoAvatar Tencent

    Tencent/libco

    8,684Vezi pe GitHub↗

    libco is a C++ coroutine library and user-space task orchestrator designed for cooperative multitasking and high-concurrency execution. It functions as a high-concurrency network framework and a synchronous-to-asynchronous wrapper that allows blocking system calls and socket functions to run asynchronously without modifying existing business logic. The project utilizes a specialized stack-copying context switching model to support millions of simultaneous TCP connections on a single machine. It includes a high-performance time wheel scheduler for managing asynchronous background jobs and dela

    Wraps blocking I/O and socket functions to yield execution back to the scheduler until resources become available.

    C++
    Vezi pe GitHub↗8,684
  • tonychen56/wechatrobotAvatar TonyChen56

    TonyChen56/WeChatRobot

    7,143Vezi pe GitHub↗

    WeChatRobot is a framework providing programmatic interfaces for automating messages and interactions within the WeChat ecosystem. It functions as a bot framework that enables the automation of sending and receiving messages by intercepting system processes. The project includes specialized tools for intercepting system calls and utilizing memory-based application hooking to automate workflows, including support for Enterprise WeChat. It further provides capabilities to decrypt local application databases to recover historical chat logs and user information. Additional functionality covers t

    Intercepts low-level operating system calls to programmatically trigger send and receive functions.

    C++wechatwechatapiwechatrobot
    Vezi pe GitHub↗7,143
  • p-e-w/maybeAvatar p-e-w

    p-e-w/maybe

    6,314Vezi pe GitHub↗

    Maybe este un simulator de execuție a comenzilor și un auditor al operațiunilor pe sistemul de fișiere. Oferă un mediu de tip dry-run care înregistrează modificările intenționate ale fișierelor fără a efectua operațiuni reale de scriere pe disc și acționează ca un strat de securitate pentru a bloca modificările neautorizate. Instrumentul interceptează apelurile de sistem pentru a previzualiza și aproba modificările sistemului de fișiere înainte ca acestea să fie comise. Utilizează o buclă de execuție cu aprobarea utilizatorului care întrerupe execuția programului până când utilizatorul consimte la operațiunile de sistem în așteptare. Sistemul acoperă previzualizarea execuției comenzilor, auditarea operațiunilor pe sistemul de fișiere și filtrarea apelurilor de sistem. Include capabilități de restricționare a modificărilor sistemului prin liste de permisiuni configurabile și extinderea logicii de filtrare prin plugin-uri.

    Intercepts operating system calls to preview and approve filesystem modifications before they are committed.

    Python
    Vezi pe GitHub↗6,314
  • lxc/lxdAvatar lxc

    lxc/lxd

    5,554Vezi pe GitHub↗

    LXD is a unified platform for managing both system containers and virtual machines through a single REST API and command-line interface. It provides a programmatic HTTP interface for controlling the full lifecycle of instances, enabling automation and integration with external tools. The system runs unprivileged containers with per-instance UID/GID mappings, seccomp filters, and AppArmor profiles for kernel-level isolation, while supporting multiple storage backends including directory, Btrfs, LVM, ZFS, Ceph, LINSTOR, and TrueNAS through a unified driver interface. The platform distinguishes

    Redirects selected kernel calls inside containers to custom handlers for compatibility and resource control.

    Go
    Vezi pe GitHub↗5,554
  • ptitseb/box64Avatar ptitSeb

    ptitSeb/box64

    5,480Vezi pe GitHub↗

    Box64 este un runtime cross-architecture și un strat de emulare user-mode care permite software-ului Linux și Windows să ruleze pe hardware non-nativ. Funcționează ca un emulator de instrucțiuni x86-64 și traducător binar, executând binare pe 64 de biți pe diferite arhitecturi CPU prin traducerea codului mașină în instrucțiuni native. Proiectul utilizează recompilarea dinamică pentru a accelera execuția și mapează apelurile de sistem guest către bibliotecile gazdă native pentru a crește viteza și compatibilitatea hardware. Poate simula un mediu de execuție pe 32 de biți pentru a suporta software-ul legacy și se integrează cu kernel-ul sistemului de operare pentru a recunoaște și lansa automat executabile străine. Sistemul acoperă execuția programelor Linux pe 64 și 32 de biți, a binarilor Windows și a clienților de jocuri, incluzând suport pentru overlay-uri grafice Vulkan. Oferă mecanisme pentru bundling-ul bibliotecilor, încărcarea pachetelor AppImage și optimizarea țintită pe hardware specific. Software-ul suportă compilarea binară statică și oferă un toolchain de cross-compilation pentru deployment pe diferite arhitecturi CPU.

    Translates guest operating system requests into compatible host operations by wrapping library functions and system calls.

    C
    Vezi pe GitHub↗5,480
  • vita3k/vita3kAvatar Vita3K

    Vita3K/Vita3K

    5,415Vezi pe GitHub↗

    Vita3K is a console hardware emulator specifically designed to replicate the PlayStation Vita environment. It functions as a cross-platform game emulator that allows handheld software and homebrew to run on desktop and mobile devices. The project focuses on PlayStation Vita emulation to enable retro game preservation and cross-platform gaming on operating systems such as Windows, Linux, and Android. The emulator implements hardware emulation through a dynamic recompilation engine, firmware-based system call translation, and a GPU hardware abstraction layer. It further simulates the original

    Uses original console firmware to intercept and translate system calls into emulator functions.

    C++cppemulationemulator
    Vezi pe GitHub↗5,415
  • cglib/cglibAvatar cglib

    cglib/cglib

    4,896Vezi pe GitHub↗

    cglib is a suite of tools for JVM bytecode generation, class transformation, and dynamic proxying. It provides a high-level API for creating and transforming Java bytecode at runtime to modify class behavior and a framework for intercepting method calls and field access. The project implements dynamic proxy generation to support aspect oriented programming and custom data access patterns. It also includes a serialization manager to implement serialization contracts by adding specific methods and controlling object replacement within proxy classes. The library covers bytecode manipulation and

    Generates proxy objects to intercept method calls and field access for custom data access patterns.

    Java
    Vezi pe GitHub↗4,896
  • hansonwang99/spring-boot-in-actionAvatar hansonwang99

    hansonwang99/Spring-Boot-In-Action

    4,678Vezi pe GitHub↗

    This project is a collection of reference implementations and practical guides for building enterprise Java applications using the Spring Boot framework. It serves as a backend project gallery and implementation guide, providing a set of architectures for common server patterns. The repository distinguishes itself through a focus on distributed system design, offering examples for global unique identifier generation, distributed caching, and full-text search. It also includes templates and examples for creating custom Spring Boot starters to encapsulate shared dependencies and configurations

    Uses dynamic proxies and interceptors to separate cross-cutting concerns from core business logic.

    Javajavajwtmybatis
    Vezi pe GitHub↗4,678
  • sylar-yin/sylarAvatar sylar-yin

    sylar-yin/sylar

    4,661Vezi pe GitHub↗

    Sylar is a high-performance C++ asynchronous server framework and event-driven network library. It functions as a coroutine scheduler and HTTP server implementation designed to build network services using non-blocking I/O. The project distinguishes itself through a system call interceptor that hooks blocking socket and sleep APIs, transforming synchronous operations into non-blocking asynchronous events. It employs a user-space threading system to distribute lightweight tasks across a worker thread pool to maximize CPU utilization. The framework covers a broad range of networking and system

    Intercepts blocking socket and sleep APIs to transform synchronous calls into non-blocking asynchronous operations.

    C++
    Vezi pe GitHub↗4,661
  • mantvydasb/redteaming-tactics-and-techniquesAvatar mantvydasb

    mantvydasb/RedTeaming-Tactics-and-Techniques

    4,620Vezi pe GitHub↗

    This project is a red teaming knowledge base and offensive security playbook designed to simulate adversary behavior. It serves as a comprehensive collection of technical guides and tactics for executing red team operations. The repository provides detailed instructions for Active Directory exploitation, including Kerberos abuse and domain privilege escalation. It covers defense evasion through API unhooking and payload obfuscation, as well as Windows internals research involving the manipulation of kernel objects and system memory. The capability surface extends to network penetration testi

    Implements IAT hooking to monitor and redirect system function calls for behavioral alteration.

    PowerShelloffensive-securityoscppentesting
    Vezi pe GitHub↗4,620
  • tiann/epicAvatar tiann

    tiann/epic

    4,547Vezi pe GitHub↗

    Epic este un toolkit pentru instrumentarea runtime-ului Android, interceptarea metodelor și auditarea posturii de securitate. Funcționează ca un framework de programare orientată pe aspecte și un interceptor de metode dinamic conceput pentru a monitoriza și altera comportamentul metodelor Java în cadrul Android Runtime. Proiectul oferă capabilități pentru interceptarea și modificarea atât a componentelor framework-ului Android de bază, cât și a logicii specifice aplicației. Acest lucru permite injectarea de comportament Java personalizat și redirecționarea execuției metodelor fără a altera codul sursă original. Framework-ul include instrumente pentru auditarea securității aplicațiilor, care implică scanarea pentru shell-uri încorporate și monitorizarea utilizării API-urilor de sistem sensibile. Aceste funcții de observabilitate permit analiza fluxului de date și verificarea posturilor de securitate în timpul execuției la runtime.

    Intercepts application-level method calls at runtime to monitor and alter behavior.

    Javaandroidaopart
    Vezi pe GitHub↗4,547
  • mywalkb/lsposed_modAvatar mywalkb

    mywalkb/LSPosed_mod

    4,325Vezi pe GitHub↗

    LSPosed_mod is a system for Android system hooking and module management. It enables the installation and configuration of system-level modifications to change device behavior without altering the original system image or source files. The project utilizes zygote-based process injection and runtime method hooking to intercept execution flows in memory. It includes a version-agnostic execution layer to maintain a consistent interface across different Android operating system versions and environments, as well as dynamic proxy interception to modify method arguments and return values. Manageme

    Implements dynamic proxy layers to intercept and modify method arguments and return values at runtime.

    Java
    Vezi pe GitHub↗4,325
  • x64dbg/scyllahideAvatar x64dbg

    x64dbg/ScyllaHide

    4,167Vezi pe GitHub↗

    ScyllaHide este un plugin de bypass pentru anti-debugger și un instrument de reverse engineering conceput pentru a ascunde un debugger de o aplicație țintă. Funcționează ca o bibliotecă de hooking API în user-mode și un framework de injectare DLL care previne detectarea și închiderea programelor în timpul analizei. Proiectul permite analiza malware-ului și studiul software-ului protejat prin neutralizarea apărărilor de securitate. Acest lucru este realizat prin interceptarea și modificarea răspunsurilor bibliotecilor de sistem pentru a induce în eroare aplicațiile cu privire la mediul lor de execuție. Utilitarul folosește mai multe metode tehnice pentru a menține stealth-ul, inclusiv inline API hooking, proxying pentru apeluri de sistem și patching pentru process environment block (PEB). De asemenea, gestionează trap-urile în user-mode și utilizează redirecționarea bibliotecilor dinamice pentru a filtra răspunsurile API sensibile.

    Intercepts low-level operating system calls to return forged data that masks debugger presence.

    C++
    Vezi pe GitHub↗4,167
  • hyperdbg/hyperdbgAvatar HyperDbg

    HyperDbg/HyperDbg

    3,885Vezi pe GitHub↗

    HyperDbg is a hardware-assisted kernel-mode debugging platform that leverages virtualization to monitor and control system execution. By utilizing hypervisor-level primitives, it enables deep system analysis and instrumentation without relying on standard operating system debugging interfaces. The framework provides a comprehensive environment for inspecting both kernel and user-mode processes, allowing for granular control over execution flow and system state. The project distinguishes itself through a transparent debugging layer designed to remain invisible to the target environment. It emp

    Monitors system call execution with process-specific filtering and conditional triggering to modify system behavior.

    Cbinary-analysisdebugdebugger
    Vezi pe GitHub↗3,885
  • trailofbits/manticoreAvatar trailofbits

    trailofbits/manticore

    3,855Vezi pe GitHub↗

    Manticore is a symbolic execution engine designed for the analysis of binary executables and smart contracts. It functions as an automated vulnerability scanner and verification platform that systematically traverses program execution paths to identify security flaws, validate business invariants, and ensure software properties hold true under all possible input conditions. The engine distinguishes itself through a unified instruction set abstraction that enables consistent analysis across diverse architectures and contract formats. It provides a programmatic interface for deep customization,

    Simulates operating system interactions by intercepting requests and updating the symbolic CPU state to model environmental dependencies during analysis.

    Python
    Vezi pe GitHub↗3,855
  • kernelsu-next/kernelsu-nextAvatar KernelSU-Next

    KernelSU-Next/KernelSU-Next

    3,803Vezi pe GitHub↗

    KernelSU-Next is a kernel-level framework designed to provide administrative privileges and granular access control on the Android operating system. By integrating directly into the kernel during the build process, the project enables superuser management and system-wide modifications through kernel-level patching and system call interception. The framework distinguishes itself by utilizing non-persistent file system overlays, which allow for system partition modifications and module injection without altering underlying read-only storage blocks. This approach facilitates dynamic functionalit

    Monitors and filters requests from user-space applications to the kernel to enforce security boundaries.

    Kotlinandroidkernelkernelsu
    Vezi pe GitHub↗3,803
  • fastos/fastsocketAvatar fastos

    fastos/fastsocket

    3,742Vezi pe GitHub↗

    Fastsocket is a high-performance Linux socket implementation designed for linear scalability on multicore systems. It functions as a TCP throughput optimizer and a multicore packet steering engine that reduces system call overhead and lock contention to increase total network processing capacity. The project distinguishes itself through a network system call interceptor that uses a shared library to redirect standard socket calls to optimized interfaces without requiring changes to application binaries. It employs active connection steering by encoding CPU core IDs into source ports and utili

    Redirects standard socket calls via a shared library to replace kernel behavior without modifying application binaries.

    C
    Vezi pe GitHub↗3,742
  • anthropic-experimental/sandbox-runtimeAvatar anthropic-experimental

    anthropic-experimental/sandbox-runtime

    3,099Vezi pe GitHub↗

    This project is an OS-level process sandbox and cross-platform security wrapper for Linux and macOS. It is designed to isolate arbitrary processes from the host machine by restricting filesystem and network access without the use of full containerization. The system functions as a system-call interceptor and access controller, blocking unauthorized operating system calls based on predefined security policies. It employs allowlists and denylists to manage resource requests and monitors for security violations in real time. Capability areas include filesystem access management using glob-patte

    Intercepts system calls to block unauthorized filesystem or network operations.

    TypeScript
    Vezi pe GitHub↗3,099
Înapoi12Înainte
  1. Home
  2. Operating Systems & Systems Programming
  3. System-Call Interception

Explorează sub-etichetele

  • Dynamic Proxy Interceptions1 sub-tagUsing dynamic proxies to intercept and modify method parameters or return values at runtime. **Distinct from System-Call Interception:** Distinct from System-Call Interception: targets high-level API method calls via proxies rather than low-level OS kernel system calls.
  • Firmware System Call TranslationTranslation of guest operating system kernel calls to emulator functions using original system firmware. **Distinct from System-Call Interception:** Distinct from System-Call Interception: focuses on translating calls between different operating systems using firmware, not security-based blocking.
  • Hypercall InterceptorsHooks that intercept and manage hypercalls between a guest operating system and the hypervisor. **Distinct from System-Call Interception:** Distinct from System-Call Interception: specifically targets hypervisor-level hypercalls rather than OS-level system calls.