KM-2024-0002 | shipped | Sep 2024 → Nov 2025
Auris
arm64 linux security toolkit
Syscall tracer and security analyzer for ARM64 Linux. Covers both defense (behavioral profiling, anomaly detection) and offense (process injection, ROP gadget scanning).
advisory
- affected systems
  - ARM64 Linux userspace binaries
  - Production workloads on aarch64 servers
- impact
  - Demonstrates fine-grained syscall tracing, behavioral profiling, process injection, and ROP gadget scanning on ARM64. Covers both defensive observability (anomaly detection across syscall sequences) and offensive tooling (gadget enumeration, injected-code measurement).
- mitigation
  - Apply standard ARM64 exploit mitigations: ASLR, PAC (Pointer Authentication), BTI (Branch Target Identification), W^X. Monitor for anomalous ptrace() / process_vm_writev() usage. Harden seccomp-bpf profiles around ptrace scope. Auris itself can be used defensively to baseline normal syscall patterns.
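One way to express the seccomp-bpf part of the mitigation above, as an added example that is not taken from Auris: a deny-list filter for AArch64 that makes ptrace() and process_vm_writev() fail with EPERM. The names `deny_injection`, `verdict` and `install_filter` are hypothetical, the syscall numbers are assumed from the asm-generic table that AArch64 uses, and `verdict` is a dry-run interpreter covering only the opcodes this filter contains.

```c
#include <errno.h>
#include <stddef.h>
#include <stdio.h>
#include <string.h>
#include <sys/prctl.h>
#include <linux/audit.h>
#include <linux/filter.h>
#include <linux/seccomp.h>

/* AArch64 syscall numbers (asm-generic table), fixed so any host builds the same filter. */
#define A64_PTRACE            117
#define A64_PROCESS_VM_WRITEV 271
#define DENY (SECCOMP_RET_ERRNO | EPERM)
/* Deny-list: ptrace and process_vm_writev fail with EPERM, everything else passes. */
struct sock_filter deny_injection[] = {
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, arch)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, AUDIT_ARCH_AARCH64, 1, 0),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_KILL_PROCESS), /* foreign ABI */
    BPF_STMT(BPF_LD | BPF_W | BPF_ABS, offsetof(struct seccomp_data, nr)),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, A64_PTRACE, 1, 0),
    BPF_JUMP(BPF_JMP | BPF_JEQ | BPF_K, A64_PROCESS_VM_WRITEV, 0, 1),
    BPF_STMT(BPF_RET | BPF_K, DENY),
    BPF_STMT(BPF_RET | BPF_K, SECCOMP_RET_ALLOW),
};
#define N_INSNS (sizeof deny_injection / sizeof deny_injection[0])

/* Dry run: interpret the filter for (arch, nr) and return the seccomp action. */
__u32 verdict(__u32 arch, int nr) {
    struct seccomp_data d = { .nr = nr, .arch = arch };
    __u32 acc = 0;
    for (size_t pc = 0; pc < N_INSNS; pc++) {
        const struct sock_filter *f = &deny_injection[pc];
        if (BPF_CLASS(f->code) == BPF_RET) return f->k;
        if (BPF_CLASS(f->code) == BPF_LD) memcpy(&acc, (char *)&d + f->k, 4);
        else pc += (acc == f->k) ? f->jt : f->jf; /* BPF_JMP | BPF_JEQ */
    }
    return SECCOMP_RET_KILL_PROCESS;
}

int install_filter(void) { /* irreversible; inherited by children */
    struct sock_fprog prog = { .len = (unsigned short)N_INSNS, .filter = deny_injection };
    if (prctl(PR_SET_NO_NEW_PRIVS, 1, 0, 0, 0) != 0) return -1;
    return prctl(PR_SET_SECCOMP, SECCOMP_MODE_FILTER, &prog);
}

int main(void) { /* dry run only; call install_filter() at start-up on aarch64 */
    printf("ptrace=%#x openat=%#x\n", verdict(AUDIT_ARCH_AARCH64, A64_PTRACE),
           verdict(AUDIT_ARCH_AARCH64, 56));
    return 0;
}
```

This filter stops the confined process from calling ptrace() or process_vm_writev() itself; it does not stop another process from attaching to it, which is what Yama's `kernel.yama.ptrace_scope` setting restricts.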
preview
auris.com

stack
C, ARM64, ptrace, eBPF, Next.js