Index --------- Rootkit In Brief Rootkit based on LKM How to get sys_call_table Simple sys_call_table hook Inline hook Patching system_call Abuse Debug Registers Real Rootkit Rootkit based non-LKM Using /dev/kmem and kmalloc Us
"sysfs is a ram-based filesystem initially based on ramfs. It provides a means to export kernel data structures, their attributes, and the linkages between them to userspace.” --- documentation/filesystems/sysfs.txt 可以先把documentation/filesystems/sys
在Windows用户模式下访问USB设备的库。 支持Win2K/WinXP/Vista/Win7. Libusb-win32 is a library that allows userspace application to access USB devices on Windows operation systems (Win2k, WinXP, Vista, Win7). It is derived from and fully API compatible to libusb avail
pagemap is a new (as of 2.6.25) set of interfaces in the kernel that allow userspace programs to examine the page tables and related information by reading files in /proc.
kvm, or kernel-based virtual machine, is a device driver and userspace component for Linux that utilizes hardware virtualization extensions such as Intel's VT to create virtual machines running on a Linux host.
udev - Linux userspace device management Integrating udev in the system has complex dependencies and may differ from distribution to distribution. A system may not be able to boot up or work reliably without a properly installed udev version. The up
