Tagged articles
8 articles
Black & White Path
May 8, 2026 · Information Security

How Ukrainian Cyber Warriors Use Zapper to Hide Malicious Linux Processes

Zapper, a Linux process‑hiding tool created by Hacker’s Choice, runs without root, manipulates the ELF auxiliary vector via ptrace, hides command‑line arguments, environment variables and child processes with negligible overhead, and has been observed in real Ukrainian cyber‑war operations, prompting specific defensive recommendations.

ELF auxiliary vector · Linux security · Zapper
10 min read
BirdNest Tech Talk
Mar 7, 2025 · Operations

Master Linux Debugging: How to Use Strace for Deep System Call Insight

This guide explains what strace is, how it leverages ptrace to intercept system calls, shows installation steps, demonstrates basic and advanced usage patterns, discusses real‑world scenarios, interprets output formats, highlights performance trade‑offs, and compares alternative tracing tools.

linux debugging · performance analysis · ptrace
9 min read
Liangxu Linux
Jan 21, 2025 · Fundamentals

How Does strace Peek Inside Other Processes? A Deep Dive into ptrace

This article explains the inner workings of the classic strace command by walking through a hand‑crafted C program that uses ptrace to attach to a target process, set syscall tracing, wait for signals, read the ORIG_RAX register, and translate syscall numbers into readable names, while also discussing the performance impact of such tracing.

Linux · ptrace · strace
16 min read
Deepin Linux
Dec 14, 2024 · Fundamentals

Understanding Linux ptrace: Implementation, Usage, and Debugging Techniques

This article provides a comprehensive overview of the Linux ptrace system call, explaining its role in process debugging, detailing request parameters, demonstrating practical C examples for tracing system calls, single‑stepping, setting breakpoints, and exploring how DWARF debugging information links source code to executable addresses.

Assembly · C · DWARF
62 min read
NetEase Game Operations Platform
Feb 29, 2020 · Fundamentals

Implementing Breakpoints with GDB and Ptrace on Linux

This article explains how to create a simple breakpoint mechanism by using GDB for illustration and then reproducing the same behavior with the Linux ptrace system call, covering required knowledge about the RIP register, ELF symbols, and step‑by‑step implementation details.

Debugging · Linux · breakpoint
10 min read
UCloud Tech
Feb 1, 2018 · Operations

How to Apply Live Hot Patches to Running Applications Without Restart

This article explains the principles and step‑by‑step implementation of application hot‑patching on Linux, showing how to compile a patch library, use a loader with ptrace and dlopen to inject it into a running process, and verify the change without restarting the service.

Linux · dlopen · hot patching
8 min read