Skip to content
/ syscalls Public
forked from avilum/syscalls

Find syscalls of executables for seccomp-bpf sandbox policies.

License

Apache-2.0 license
0 stars 2 forks Branches Tags Activity
Star
Notifications You must be signed in to change notification settings

zebh/syscalls

BranchesTags
 
 

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

11 Commits
LICENSE
LICENSE
 
 
README.md
README.md
 
 
syscalls
syscalls
 
 

Repository files navigation

syscalls

Discover executable's syscalls.
A simple script that discovers the necessary behaviour of programs, using strace and grep.
I Created this in order to create profiles for seccomp-bpf jails, like nsjail, gVisor and firejail.

Usage:

ubuntu@pc:~$ ./syscalls whoami
ubuntu
The following syscalls were called:
access
arch_prctl
brk
close
connect
execve
exit_group
fstat
geteuid
lseek
mmap
mprotect
munmap
open
read
socket
write
The syscalls were saved to /home/ubuntu/syscalls.txt
ubuntu@pc:~$ ./syscalls python -m SimpleHTTPServer
Serving HTTP on 0.0.0.0 port 8000 ...
^C
The following syscalls were called:
access
arch_prctl
brk
close
connect
execve
exit_group
fstat
geteuid
lseek
mmap
mprotect
munmap
open
read
socket
write
The syscalls were saved to /home/ubuntu/syscalls.txt

About

Find syscalls of executables for seccomp-bpf sandbox policies.

Resources

Readme

License

Apache-2.0 license
Activity

Stars

0 stars

Watchers

0 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages

  • Shell 100.0%