********mkdir-api-hookrise-of-linux-rootkit.hashnode.dev·Nov 13, 2024Understanding How mkdir API Hook Leads to LKM Rootkits in LinuxIntroduction Adrishya is a Linux kernel module that leverages advanced kernel hooking techniques, specifically using ftrace (the Linux kernel’s function tracer) to hook into the mkdir system call. The module is designed to block directory creation at...1 like·329 readsapi hooking