For anyone paying attention, the source code layout has been completely changed, and a new build process has been added.
The APIs for the kernel module and libduderino have been tightened up a little, and the namespace is a little more clean.
Currently I am working on adding system call hooking, beginning with sys_execve() -- in order to add a BREAK_ON_EXEC breakpoint which will start a process off with TF [int1] enabled upon return from the execve() syscall.
Work is starting on this project once again, after an almost 2-year break. Interested parties, feel free to contact via email or forum.
_m