Pinned
Emanuele Santini
Mastering Linux Audit Part 1: Configuration & Usage Guide
Linux Audit is a framework designed to help system administrators and users monitor and track various system activities. It provides a…
3d ago

Pinned
Emanuele Santini
Introducing JSON Integration in the Linux Kernel: A New Feature Explained
JSON (JavaScript Object Notation) is a universally recognized, text-based format for representing structured data. It is designed to be…
Jan 12

Emanuele Santini
Mastering Linux Audit Part 2: Boost Security with Effective Rules
If you have already read Part 1 of this article, you understand how configuring and personalizing audit logs can be beneficial for your…
1d ago

Emanuele Santini
Enhance Linux Security: Monitoring Privilege Escalation on Processes with eBPF
We know that when a process gains root privileges, it essentially gains unrestricted access to system resources and commands, which can…
Apr 11

Emanuele Santini
Developing a Linux Kernel Module Keylogger
A keylogger is a type of software or hardware device that records the keystrokes typed on a computer or other electronic device. This can…
Mar 19

Emanuele Santini
A deep introduction to Root Access on Linux — Part 2: The Saved User and Group ID
In Part 1, we introduced the SUID and SGID permissions and covered the setuid system call. As we observed, setuid and setgid do not…
Mar 6

Emanuele Santini
A deep introduction to Root Access on Linux — Part 1: The SUID and SGID Permissions
In the vast world of Linux, understanding file permissions is crucial for both system administrators and security enthusiasts. Among…
Mar 6

Emanuele Santini
Creating a Linux Security Module with Kprobes: Blocking network of Targeted Processes
The Linux Security Module (LSM) is a framework in the Linux kernel that provides mechanisms for implementing various security controls…
Feb 2

Emanuele Santini
A complete guide to sysfs — Part 3: using kset on kobject
As we have seen in the previous articles, kobjects are hierarchical structures within sysfs, each with a parent, a name, and a type…
Jan 19

Emanuele Santini
A complete guide to sysfs — Part 2: improving the attributes
In the previous article, we laid the groundwork by discussing the fundamental concepts of sysfs and its role in the Linux kernel…
Jan 17