Debug Watchdog ============================= Debug Watchdog is a tool to globally monitor your Linux system and stop watched executable binaries immediately after launched. This allows to attach a debugger on the first instruction and to explore binary parameters. Every executable binary is caught: no matter who launched it, when or how long the process lives. To achieve this, kernel syscalls table is patched and sys_execve hooked. Original syscalls table values are restored when Debug Watchdog is turned off. Debug Watchdog has the following components: * Kernel driver * Library * Automated test * UI Only one Debug Watchdog instance is allowed to run on a system at a time. Requirements to run ============================= * Linux x86_64 * Qt5 libraries * gnome-terminal * gdb * glibc Debug Watchdog requires CAP_SYS_MODULE capabilities to work, as a kernel module has to be dynamically loaded. "root" user usually satisfies this condition. Run the automated test to make sure that your system meets the requirements and binaries are caught: ./bin/debugwatchdogtest Run from the UI: ./bin/debugwatchdogui Debug Watchdog is known to work in the following systems: * Fedora 25 - Linux kernel 4.13.16-101 How to build ============================= Install the following build dependencies: * QtCreator * gcc * Linux kernel headers * glibc headers Config: * Edit deploy.sh and: * set KERNEL_HEADERS_PATH variable pointing to your kernel headers * review other configurations (i.e.: debug or release build) Run builder: * ./deploy.sh * Binaries will be placed in "bin" folder, and "bin.tar.gz" file (packing all binaries) generated. Changelog ============================= Version: 1.1 - 2018-05-22 * Bug fixes * Documentation enhanced * Minor code style improvements * Minor build system improvements ............................. Version: 1.0 - 2017-11-10 * Initial version ............................. License and credits ============================= Debug Watchdog is under GPL license. See docs/gpl.txt for further information. Original author: Martin Balao (martin.uy) Contributors: Martin Di Paola (@eldipa at GitHub.com) Want to contribute? Join us on GitHub [1] :-) -- [1] - https://github.com/martinuy/debugwatchdog