PowerShell Tips

Netcat for Powershell 

Download and install powercat 

IEX (New-Object System.Net.Webclient).DownloadString('https://raw.githubusercontent.com/besimorhino/powercat/master/powercat.ps1')

openssl cheat sheet

Connect to a server 

openssl s_client  -connect <domain name>:443

tshark/wireshark cheat sheet

Dump all DNS name lookups  in a pcap along with IP
tshark -r file.cap -T fields -e ip.src -e dns.qry.name -R "dns.flags.response eq 0"

Linux/Android ARM System Calls

File Location

$LINUX_SOURCE_ROOT/arch/arm/include/asm/unistd.h

which #include $LINUX_SOURCE_ROOT/arch/arm/include/uapi/asm/unisdt.h

/*

 *  arch/arm/include/asm/unistd.h

 *

 *  Copyright (C) 2001-2005 Russell King

 *

 * This program is free software; you can redistribute it and/or modify

 * it under the terms of the GNU General Public License version 2 as

 * published by the Free Software Foundation.

 *

 * Please forward _all_ changes to this file to rmk@arm.linux.org.uk,

 * no matter what the change is.  Thanks!

 */

#ifndef _UAPI__ASM_ARM_UNISTD_H

#define _UAPI__ASM_ARM_UNISTD_H

#define __NR_OABI_SYSCALL_BASE 0x900000

#if defined(__thumb__) || defined(__ARM_EABI__)

#define __NR_SYSCALL_BASE 0

#else

#define __NR_SYSCALL_BASE __NR_OABI_SYSCALL_BASE

#endif

/*

 * This file contains the system call numbers.

 */

#define __NR_restart_syscall (__NR_SYSCALL_BASE+  0)

#define __NR_exit (__NR_SYSCALL_BASE+  1)

#define __NR_fork (__NR_SYSCALL_BASE+  2)

#define __NR_read (__NR_SYSCALL_BASE+  3)

#define __NR_write (__NR_SYSCALL_BASE+  4)

#define __NR_open (__NR_SYSCALL_BASE+  5)

#define __NR_close (__NR_SYSCALL_BASE+  6)

/* 7 was sys_waitpid */

#define __NR_creat (__NR_SYSCALL_BASE+  8)

#define __NR_link (__NR_SYSCALL_BASE+  9)

#define __NR_unlink (__NR_SYSCALL_BASE+ 10)

#define __NR_execve (__NR_SYSCALL_BASE+ 11)

#define __NR_chdir (__NR_SYSCALL_BASE+ 12)

#define __NR_time (__NR_SYSCALL_BASE+ 13)

#define __NR_mknod (__NR_SYSCALL_BASE+ 14)

#define __NR_chmod (__NR_SYSCALL_BASE+ 15)

#define __NR_lchown (__NR_SYSCALL_BASE+ 16)

/* 17 was sys_break */

/* 18 was sys_stat */

#define __NR_lseek (__NR_SYSCALL_BASE+ 19)

#define __NR_getpid (__NR_SYSCALL_BASE+ 20)

#define __NR_mount (__NR_SYSCALL_BASE+ 21)

#define __NR_umount (__NR_SYSCALL_BASE+ 22)

#define __NR_setuid (__NR_SYSCALL_BASE+ 23)

#define __NR_getuid (__NR_SYSCALL_BASE+ 24)

#define __NR_stime (__NR_SYSCALL_BASE+ 25)

#define __NR_ptrace (__NR_SYSCALL_BASE+ 26)

#define __NR_alarm (__NR_SYSCALL_BASE+ 27)

/* 28 was sys_fstat */

#define __NR_pause (__NR_SYSCALL_BASE+ 29)

#define __NR_utime (__NR_SYSCALL_BASE+ 30)

/* 31 was sys_stty */

/* 32 was sys_gtty */

#define __NR_access (__NR_SYSCALL_BASE+ 33)

#define __NR_nice (__NR_SYSCALL_BASE+ 34)

/* 35 was sys_ftime */

#define __NR_sync (__NR_SYSCALL_BASE+ 36)

#define __NR_kill (__NR_SYSCALL_BASE+ 37)

#define __NR_rename (__NR_SYSCALL_BASE+ 38)

#define __NR_mkdir (__NR_SYSCALL_BASE+ 39)

#define __NR_rmdir (__NR_SYSCALL_BASE+ 40)

#define __NR_dup (__NR_SYSCALL_BASE+ 41)

#define __NR_pipe (__NR_SYSCALL_BASE+ 42)

#define __NR_times (__NR_SYSCALL_BASE+ 43)

/* 44 was sys_prof */

#define __NR_brk (__NR_SYSCALL_BASE+ 45)

#define __NR_setgid (__NR_SYSCALL_BASE+ 46)

#define __NR_getgid (__NR_SYSCALL_BASE+ 47)

/* 48 was sys_signal */

#define __NR_geteuid (__NR_SYSCALL_BASE+ 49)

#define __NR_getegid (__NR_SYSCALL_BASE+ 50)

#define __NR_acct (__NR_SYSCALL_BASE+ 51)

#define __NR_umount2 (__NR_SYSCALL_BASE+ 52)

/* 53 was sys_lock */

#define __NR_ioctl (__NR_SYSCALL_BASE+ 54)

#define __NR_fcntl (__NR_SYSCALL_BASE+ 55)

/* 56 was sys_mpx */

#define __NR_setpgid (__NR_SYSCALL_BASE+ 57)

/* 58 was sys_ulimit */

/* 59 was sys_olduname */

#define __NR_umask (__NR_SYSCALL_BASE+ 60)

#define __NR_chroot (__NR_SYSCALL_BASE+ 61)

#define __NR_ustat (__NR_SYSCALL_BASE+ 62)

#define __NR_dup2 (__NR_SYSCALL_BASE+ 63)

#define __NR_getppid (__NR_SYSCALL_BASE+ 64)

#define __NR_getpgrp (__NR_SYSCALL_BASE+ 65)

#define __NR_setsid (__NR_SYSCALL_BASE+ 66)

#define __NR_sigaction (__NR_SYSCALL_BASE+ 67)

/* 68 was sys_sgetmask */

/* 69 was sys_ssetmask */

#define __NR_setreuid (__NR_SYSCALL_BASE+ 70)

#define __NR_setregid (__NR_SYSCALL_BASE+ 71)

#define __NR_sigsuspend (__NR_SYSCALL_BASE+ 72)

#define __NR_sigpending (__NR_SYSCALL_BASE+ 73)

#define __NR_sethostname (__NR_SYSCALL_BASE+ 74)

#define __NR_setrlimit (__NR_SYSCALL_BASE+ 75)

#define __NR_getrlimit (__NR_SYSCALL_BASE+ 76) /* Back compat 2GB limited rlimit */

#define __NR_getrusage (__NR_SYSCALL_BASE+ 77)

#define __NR_gettimeofday (__NR_SYSCALL_BASE+ 78)

#define __NR_settimeofday (__NR_SYSCALL_BASE+ 79)

#define __NR_getgroups (__NR_SYSCALL_BASE+ 80)

#define __NR_setgroups (__NR_SYSCALL_BASE+ 81)

#define __NR_select (__NR_SYSCALL_BASE+ 82)

#define __NR_symlink (__NR_SYSCALL_BASE+ 83)

/* 84 was sys_lstat */

#define __NR_readlink (__NR_SYSCALL_BASE+ 85)

#define __NR_uselib (__NR_SYSCALL_BASE+ 86)

#define __NR_swapon (__NR_SYSCALL_BASE+ 87)

#define __NR_reboot (__NR_SYSCALL_BASE+ 88)

#define __NR_readdir (__NR_SYSCALL_BASE+ 89)

#define __NR_mmap (__NR_SYSCALL_BASE+ 90)

#define __NR_munmap (__NR_SYSCALL_BASE+ 91)

#define __NR_truncate (__NR_SYSCALL_BASE+ 92)

#define __NR_ftruncate (__NR_SYSCALL_BASE+ 93)

#define __NR_fchmod (__NR_SYSCALL_BASE+ 94)

#define __NR_fchown (__NR_SYSCALL_BASE+ 95)

#define __NR_getpriority (__NR_SYSCALL_BASE+ 96)

#define __NR_setpriority (__NR_SYSCALL_BASE+ 97)

/* 98 was sys_profil */

#define __NR_statfs (__NR_SYSCALL_BASE+ 99)

#define __NR_fstatfs (__NR_SYSCALL_BASE+100)

/* 101 was sys_ioperm */

#define __NR_socketcall (__NR_SYSCALL_BASE+102)

#define __NR_syslog (__NR_SYSCALL_BASE+103)

#define __NR_setitimer (__NR_SYSCALL_BASE+104)

#define __NR_getitimer (__NR_SYSCALL_BASE+105)

#define __NR_stat (__NR_SYSCALL_BASE+106)

#define __NR_lstat (__NR_SYSCALL_BASE+107)

#define __NR_fstat (__NR_SYSCALL_BASE+108)

/* 109 was sys_uname */

/* 110 was sys_iopl */

#define __NR_vhangup (__NR_SYSCALL_BASE+111)

/* 112 was sys_idle */

#define __NR_syscall (__NR_SYSCALL_BASE+113) /* syscall to call a syscall! */

#define __NR_wait4 (__NR_SYSCALL_BASE+114)

#define __NR_swapoff (__NR_SYSCALL_BASE+115)

#define __NR_sysinfo (__NR_SYSCALL_BASE+116)

#define __NR_ipc (__NR_SYSCALL_BASE+117)

#define __NR_fsync (__NR_SYSCALL_BASE+118)

#define __NR_sigreturn (__NR_SYSCALL_BASE+119)

#define __NR_clone (__NR_SYSCALL_BASE+120)

#define __NR_setdomainname (__NR_SYSCALL_BASE+121)

#define __NR_uname (__NR_SYSCALL_BASE+122)

/* 123 was sys_modify_ldt */

#define __NR_adjtimex (__NR_SYSCALL_BASE+124)

#define __NR_mprotect (__NR_SYSCALL_BASE+125)

#define __NR_sigprocmask (__NR_SYSCALL_BASE+126)

/* 127 was sys_create_module */

#define __NR_init_module (__NR_SYSCALL_BASE+128)

#define __NR_delete_module (__NR_SYSCALL_BASE+129)

/* 130 was sys_get_kernel_syms */

#define __NR_quotactl (__NR_SYSCALL_BASE+131)

#define __NR_getpgid (__NR_SYSCALL_BASE+132)

#define __NR_fchdir (__NR_SYSCALL_BASE+133)

#define __NR_bdflush (__NR_SYSCALL_BASE+134)

#define __NR_sysfs (__NR_SYSCALL_BASE+135)

#define __NR_personality (__NR_SYSCALL_BASE+136)

/* 137 was sys_afs_syscall */

#define __NR_setfsuid (__NR_SYSCALL_BASE+138)

#define __NR_setfsgid (__NR_SYSCALL_BASE+139)

#define __NR__llseek (__NR_SYSCALL_BASE+140)

#define __NR_getdents (__NR_SYSCALL_BASE+141)

#define __NR__newselect (__NR_SYSCALL_BASE+142)

#define __NR_flock (__NR_SYSCALL_BASE+143)

#define __NR_msync (__NR_SYSCALL_BASE+144)

#define __NR_readv (__NR_SYSCALL_BASE+145)

#define __NR_writev (__NR_SYSCALL_BASE+146)

#define __NR_getsid (__NR_SYSCALL_BASE+147)

#define __NR_fdatasync (__NR_SYSCALL_BASE+148)

#define __NR__sysctl (__NR_SYSCALL_BASE+149)

#define __NR_mlock (__NR_SYSCALL_BASE+150)

#define __NR_munlock (__NR_SYSCALL_BASE+151)

#define __NR_mlockall (__NR_SYSCALL_BASE+152)

#define __NR_munlockall (__NR_SYSCALL_BASE+153)

#define __NR_sched_setparam (__NR_SYSCALL_BASE+154)

#define __NR_sched_getparam (__NR_SYSCALL_BASE+155)

#define __NR_sched_setscheduler (__NR_SYSCALL_BASE+156)

#define __NR_sched_getscheduler (__NR_SYSCALL_BASE+157)

#define __NR_sched_yield (__NR_SYSCALL_BASE+158)

#define __NR_sched_get_priority_max (__NR_SYSCALL_BASE+159)

#define __NR_sched_get_priority_min (__NR_SYSCALL_BASE+160)

#define __NR_sched_rr_get_interval (__NR_SYSCALL_BASE+161)

#define __NR_nanosleep (__NR_SYSCALL_BASE+162)

#define __NR_mremap (__NR_SYSCALL_BASE+163)

#define __NR_setresuid (__NR_SYSCALL_BASE+164)

#define __NR_getresuid (__NR_SYSCALL_BASE+165)

/* 166 was sys_vm86 */

/* 167 was sys_query_module */

#define __NR_poll (__NR_SYSCALL_BASE+168)

#define __NR_nfsservctl (__NR_SYSCALL_BASE+169)

#define __NR_setresgid (__NR_SYSCALL_BASE+170)

#define __NR_getresgid (__NR_SYSCALL_BASE+171)

#define __NR_prctl (__NR_SYSCALL_BASE+172)

#define __NR_rt_sigreturn (__NR_SYSCALL_BASE+173)

#define __NR_rt_sigaction (__NR_SYSCALL_BASE+174)

#define __NR_rt_sigprocmask (__NR_SYSCALL_BASE+175)

#define __NR_rt_sigpending (__NR_SYSCALL_BASE+176)

#define __NR_rt_sigtimedwait (__NR_SYSCALL_BASE+177)

#define __NR_rt_sigqueueinfo (__NR_SYSCALL_BASE+178)

#define __NR_rt_sigsuspend (__NR_SYSCALL_BASE+179)

#define __NR_pread64 (__NR_SYSCALL_BASE+180)

#define __NR_pwrite64 (__NR_SYSCALL_BASE+181)

#define __NR_chown (__NR_SYSCALL_BASE+182)

#define __NR_getcwd (__NR_SYSCALL_BASE+183)

#define __NR_capget (__NR_SYSCALL_BASE+184)

#define __NR_capset (__NR_SYSCALL_BASE+185)

#define __NR_sigaltstack (__NR_SYSCALL_BASE+186)

#define __NR_sendfile (__NR_SYSCALL_BASE+187)

/* 188 reserved */

/* 189 reserved */

#define __NR_vfork (__NR_SYSCALL_BASE+190)

#define __NR_ugetrlimit (__NR_SYSCALL_BASE+191) /* SuS compliant getrlimit */

#define __NR_mmap2 (__NR_SYSCALL_BASE+192)

#define __NR_truncate64 (__NR_SYSCALL_BASE+193)

#define __NR_ftruncate64 (__NR_SYSCALL_BASE+194)

#define __NR_stat64 (__NR_SYSCALL_BASE+195)

#define __NR_lstat64 (__NR_SYSCALL_BASE+196)

#define __NR_fstat64 (__NR_SYSCALL_BASE+197)

#define __NR_lchown32 (__NR_SYSCALL_BASE+198)

#define __NR_getuid32 (__NR_SYSCALL_BASE+199)

#define __NR_getgid32 (__NR_SYSCALL_BASE+200)

#define __NR_geteuid32 (__NR_SYSCALL_BASE+201)

#define __NR_getegid32 (__NR_SYSCALL_BASE+202)

#define __NR_setreuid32 (__NR_SYSCALL_BASE+203)

#define __NR_setregid32 (__NR_SYSCALL_BASE+204)

#define __NR_getgroups32 (__NR_SYSCALL_BASE+205)

#define __NR_setgroups32 (__NR_SYSCALL_BASE+206)

#define __NR_fchown32 (__NR_SYSCALL_BASE+207)

#define __NR_setresuid32 (__NR_SYSCALL_BASE+208)

#define __NR_getresuid32 (__NR_SYSCALL_BASE+209)

#define __NR_setresgid32 (__NR_SYSCALL_BASE+210)

#define __NR_getresgid32 (__NR_SYSCALL_BASE+211)

#define __NR_chown32 (__NR_SYSCALL_BASE+212)

#define __NR_setuid32 (__NR_SYSCALL_BASE+213)

#define __NR_setgid32 (__NR_SYSCALL_BASE+214)

#define __NR_setfsuid32 (__NR_SYSCALL_BASE+215)

#define __NR_setfsgid32 (__NR_SYSCALL_BASE+216)

#define __NR_getdents64 (__NR_SYSCALL_BASE+217)

#define __NR_pivot_root (__NR_SYSCALL_BASE+218)

#define __NR_mincore (__NR_SYSCALL_BASE+219)

#define __NR_madvise (__NR_SYSCALL_BASE+220)

#define __NR_fcntl64 (__NR_SYSCALL_BASE+221)

/* 222 for tux */

/* 223 is unused */

#define __NR_gettid (__NR_SYSCALL_BASE+224)

#define __NR_readahead (__NR_SYSCALL_BASE+225)

#define __NR_setxattr (__NR_SYSCALL_BASE+226)

#define __NR_lsetxattr (__NR_SYSCALL_BASE+227)

#define __NR_fsetxattr (__NR_SYSCALL_BASE+228)

#define __NR_getxattr (__NR_SYSCALL_BASE+229)

#define __NR_lgetxattr (__NR_SYSCALL_BASE+230)

#define __NR_fgetxattr (__NR_SYSCALL_BASE+231)

#define __NR_listxattr (__NR_SYSCALL_BASE+232)

#define __NR_llistxattr (__NR_SYSCALL_BASE+233)

#define __NR_flistxattr (__NR_SYSCALL_BASE+234)

#define __NR_removexattr (__NR_SYSCALL_BASE+235)

#define __NR_lremovexattr (__NR_SYSCALL_BASE+236)

#define __NR_fremovexattr (__NR_SYSCALL_BASE+237)

#define __NR_tkill (__NR_SYSCALL_BASE+238)

#define __NR_sendfile64 (__NR_SYSCALL_BASE+239)

#define __NR_futex (__NR_SYSCALL_BASE+240)

#define __NR_sched_setaffinity (__NR_SYSCALL_BASE+241)

#define __NR_sched_getaffinity (__NR_SYSCALL_BASE+242)

#define __NR_io_setup (__NR_SYSCALL_BASE+243)

#define __NR_io_destroy (__NR_SYSCALL_BASE+244)

#define __NR_io_getevents (__NR_SYSCALL_BASE+245)

#define __NR_io_submit (__NR_SYSCALL_BASE+246)

#define __NR_io_cancel (__NR_SYSCALL_BASE+247)

#define __NR_exit_group (__NR_SYSCALL_BASE+248)

#define __NR_lookup_dcookie (__NR_SYSCALL_BASE+249)

#define __NR_epoll_create (__NR_SYSCALL_BASE+250)

#define __NR_epoll_ctl (__NR_SYSCALL_BASE+251)

#define __NR_epoll_wait (__NR_SYSCALL_BASE+252)

#define __NR_remap_file_pages (__NR_SYSCALL_BASE+253)

/* 254 for set_thread_area */

/* 255 for get_thread_area */

#define __NR_set_tid_address (__NR_SYSCALL_BASE+256)

#define __NR_timer_create (__NR_SYSCALL_BASE+257)

#define __NR_timer_settime (__NR_SYSCALL_BASE+258)

#define __NR_timer_gettime (__NR_SYSCALL_BASE+259)

#define __NR_timer_getoverrun (__NR_SYSCALL_BASE+260)

#define __NR_timer_delete (__NR_SYSCALL_BASE+261)

#define __NR_clock_settime (__NR_SYSCALL_BASE+262)

#define __NR_clock_gettime (__NR_SYSCALL_BASE+263)

#define __NR_clock_getres (__NR_SYSCALL_BASE+264)

#define __NR_clock_nanosleep (__NR_SYSCALL_BASE+265)

#define __NR_statfs64 (__NR_SYSCALL_BASE+266)

#define __NR_fstatfs64 (__NR_SYSCALL_BASE+267)

#define __NR_tgkill (__NR_SYSCALL_BASE+268)

#define __NR_utimes (__NR_SYSCALL_BASE+269)

#define __NR_arm_fadvise64_64 (__NR_SYSCALL_BASE+270)

#define __NR_pciconfig_iobase (__NR_SYSCALL_BASE+271)

#define __NR_pciconfig_read (__NR_SYSCALL_BASE+272)

#define __NR_pciconfig_write (__NR_SYSCALL_BASE+273)

#define __NR_mq_open (__NR_SYSCALL_BASE+274)

#define __NR_mq_unlink (__NR_SYSCALL_BASE+275)

#define __NR_mq_timedsend (__NR_SYSCALL_BASE+276)

#define __NR_mq_timedreceive (__NR_SYSCALL_BASE+277)

#define __NR_mq_notify (__NR_SYSCALL_BASE+278)

#define __NR_mq_getsetattr (__NR_SYSCALL_BASE+279)

#define __NR_waitid (__NR_SYSCALL_BASE+280)

#define __NR_socket (__NR_SYSCALL_BASE+281)

#define __NR_bind (__NR_SYSCALL_BASE+282)

#define __NR_connect (__NR_SYSCALL_BASE+283)

#define __NR_listen (__NR_SYSCALL_BASE+284)

#define __NR_accept (__NR_SYSCALL_BASE+285)

#define __NR_getsockname (__NR_SYSCALL_BASE+286)

#define __NR_getpeername (__NR_SYSCALL_BASE+287)

#define __NR_socketpair (__NR_SYSCALL_BASE+288)

#define __NR_send (__NR_SYSCALL_BASE+289)

#define __NR_sendto (__NR_SYSCALL_BASE+290)

#define __NR_recv (__NR_SYSCALL_BASE+291)

#define __NR_recvfrom (__NR_SYSCALL_BASE+292)

#define __NR_shutdown (__NR_SYSCALL_BASE+293)

#define __NR_setsockopt (__NR_SYSCALL_BASE+294)

#define __NR_getsockopt (__NR_SYSCALL_BASE+295)

#define __NR_sendmsg (__NR_SYSCALL_BASE+296)

#define __NR_recvmsg (__NR_SYSCALL_BASE+297)

#define __NR_semop (__NR_SYSCALL_BASE+298)

#define __NR_semget (__NR_SYSCALL_BASE+299)

#define __NR_semctl (__NR_SYSCALL_BASE+300)

#define __NR_msgsnd (__NR_SYSCALL_BASE+301)

#define __NR_msgrcv (__NR_SYSCALL_BASE+302)

#define __NR_msgget (__NR_SYSCALL_BASE+303)

#define __NR_msgctl (__NR_SYSCALL_BASE+304)

#define __NR_shmat (__NR_SYSCALL_BASE+305)

#define __NR_shmdt (__NR_SYSCALL_BASE+306)

#define __NR_shmget (__NR_SYSCALL_BASE+307)

#define __NR_shmctl (__NR_SYSCALL_BASE+308)

#define __NR_add_key (__NR_SYSCALL_BASE+309)

#define __NR_request_key (__NR_SYSCALL_BASE+310)

#define __NR_keyctl (__NR_SYSCALL_BASE+311)

#define __NR_semtimedop (__NR_SYSCALL_BASE+312)

#define __NR_vserver (__NR_SYSCALL_BASE+313)

#define __NR_ioprio_set (__NR_SYSCALL_BASE+314)

#define __NR_ioprio_get (__NR_SYSCALL_BASE+315)

#define __NR_inotify_init (__NR_SYSCALL_BASE+316)

#define __NR_inotify_add_watch (__NR_SYSCALL_BASE+317)

#define __NR_inotify_rm_watch (__NR_SYSCALL_BASE+318)

#define __NR_mbind (__NR_SYSCALL_BASE+319)

#define __NR_get_mempolicy (__NR_SYSCALL_BASE+320)

#define __NR_set_mempolicy (__NR_SYSCALL_BASE+321)

#define __NR_openat (__NR_SYSCALL_BASE+322)

#define __NR_mkdirat (__NR_SYSCALL_BASE+323)

#define __NR_mknodat (__NR_SYSCALL_BASE+324)

#define __NR_fchownat (__NR_SYSCALL_BASE+325)

#define __NR_futimesat (__NR_SYSCALL_BASE+326)

#define __NR_fstatat64 (__NR_SYSCALL_BASE+327)

#define __NR_unlinkat (__NR_SYSCALL_BASE+328)

#define __NR_renameat (__NR_SYSCALL_BASE+329)

#define __NR_linkat (__NR_SYSCALL_BASE+330)

#define __NR_symlinkat (__NR_SYSCALL_BASE+331)

#define __NR_readlinkat (__NR_SYSCALL_BASE+332)

#define __NR_fchmodat (__NR_SYSCALL_BASE+333)

#define __NR_faccessat (__NR_SYSCALL_BASE+334)

#define __NR_pselect6 (__NR_SYSCALL_BASE+335)

#define __NR_ppoll (__NR_SYSCALL_BASE+336)

#define __NR_unshare (__NR_SYSCALL_BASE+337)

#define __NR_set_robust_list (__NR_SYSCALL_BASE+338)

#define __NR_get_robust_list (__NR_SYSCALL_BASE+339)

#define __NR_splice (__NR_SYSCALL_BASE+340)

#define __NR_arm_sync_file_range (__NR_SYSCALL_BASE+341)

#define __NR_sync_file_range2 __NR_arm_sync_file_range

#define __NR_tee (__NR_SYSCALL_BASE+342)

#define __NR_vmsplice (__NR_SYSCALL_BASE+343)

#define __NR_move_pages (__NR_SYSCALL_BASE+344)

#define __NR_getcpu (__NR_SYSCALL_BASE+345)

#define __NR_epoll_pwait (__NR_SYSCALL_BASE+346)

#define __NR_kexec_load (__NR_SYSCALL_BASE+347)

#define __NR_utimensat (__NR_SYSCALL_BASE+348)

#define __NR_signalfd (__NR_SYSCALL_BASE+349)

#define __NR_timerfd_create (__NR_SYSCALL_BASE+350)

#define __NR_eventfd (__NR_SYSCALL_BASE+351)

#define __NR_fallocate (__NR_SYSCALL_BASE+352)

#define __NR_timerfd_settime (__NR_SYSCALL_BASE+353)

#define __NR_timerfd_gettime (__NR_SYSCALL_BASE+354)

#define __NR_signalfd4 (__NR_SYSCALL_BASE+355)

#define __NR_eventfd2 (__NR_SYSCALL_BASE+356)

#define __NR_epoll_create1 (__NR_SYSCALL_BASE+357)

#define __NR_dup3 (__NR_SYSCALL_BASE+358)

#define __NR_pipe2 (__NR_SYSCALL_BASE+359)

#define __NR_inotify_init1 (__NR_SYSCALL_BASE+360)

#define __NR_preadv (__NR_SYSCALL_BASE+361)

#define __NR_pwritev (__NR_SYSCALL_BASE+362)

#define __NR_rt_tgsigqueueinfo (__NR_SYSCALL_BASE+363)

#define __NR_perf_event_open (__NR_SYSCALL_BASE+364)

#define __NR_recvmmsg (__NR_SYSCALL_BASE+365)

#define __NR_accept4 (__NR_SYSCALL_BASE+366)

#define __NR_fanotify_init (__NR_SYSCALL_BASE+367)

#define __NR_fanotify_mark (__NR_SYSCALL_BASE+368)

#define __NR_prlimit64 (__NR_SYSCALL_BASE+369)

#define __NR_name_to_handle_at (__NR_SYSCALL_BASE+370)

#define __NR_open_by_handle_at (__NR_SYSCALL_BASE+371)

#define __NR_clock_adjtime (__NR_SYSCALL_BASE+372)

#define __NR_syncfs (__NR_SYSCALL_BASE+373)

#define __NR_sendmmsg (__NR_SYSCALL_BASE+374)

#define __NR_setns (__NR_SYSCALL_BASE+375)

#define __NR_process_vm_readv (__NR_SYSCALL_BASE+376)

#define __NR_process_vm_writev (__NR_SYSCALL_BASE+377)

#define __NR_kcmp (__NR_SYSCALL_BASE+378)

#define __NR_finit_module (__NR_SYSCALL_BASE+379)

/*

 * This may need to be greater than __NR_last_syscall+1 in order to

 * account for the padding in the syscall table

 */

/*

 * The following SWIs are ARM private.

 */

#define __ARM_NR_BASE (__NR_SYSCALL_BASE+0x0f0000)

#define __ARM_NR_breakpoint (__ARM_NR_BASE+1)

#define __ARM_NR_cacheflush (__ARM_NR_BASE+2)

#define __ARM_NR_usr26 (__ARM_NR_BASE+3)

#define __ARM_NR_usr32 (__ARM_NR_BASE+4)

#define __ARM_NR_set_tls (__ARM_NR_BASE+5)

/*

 * *NOTE*: This is a ghost syscall private to the kernel.  Only the

 * __kuser_cmpxchg code in entry-armv.S should be aware of its

 * existence.  Don't ever use this from user code.

 */

/*

 * The following syscalls are obsolete and no longer available for EABI.

 */

#if !defined(__KERNEL__)

#if defined(__ARM_EABI__)

#undef __NR_time

#undef __NR_umount

#undef __NR_stime

#undef __NR_alarm

#undef __NR_utime

#undef __NR_getrlimit

#undef __NR_select

#undef __NR_readdir

#undef __NR_mmap

#undef __NR_socketcall

#undef __NR_syscall

#undef __NR_ipc

#endif

#endif

#endif /* _UAPI__ASM_ARM_UNISTD_H */

x86_64 Registers and I/O Ports

(Image showing a subset of the x86_64 registers)

General Purpose

The GPR registers are used for holding operands for logical and arithmetic operations as well as operands for address calculations. In addition,  the GPRs are also used for holding memory pointers.

Although all of these registers are available for general storage of operands, results, and pointers, caution should be used when referencing the ESP register. The ESP register holds the stack pointer and as a general rule should not be used for another purpose.

Many instructions assign specific registers to hold operands. For example, string instructions use the contents of  the ECX, ESI, and EDI registers as operands. When using a segmented memory model, some instructions assume that pointers in certain registers are relative to specific segments. For instance, some instructions assume that a pointer in the EBX register points to a memory location in the DS segment.

R8-R16: Only available on 64 bit processors ( Not x86 )

Instruction Pointer Register

RIP : 64 bit instruction pointer. x86 uses EIP

Flags Register

RFLAGS :

Control Registers

C0 :

The CR0 register is 32 bits long on the 386 and higher processors. On x86-64 processors in long mode, it (and the other control registers) is 64 bits long. CR0 has various control flags that modify the basic operation of the processor.

Bit	Name	Full Name	Description
31	PG	Paging	If 1, enable paging and use the CR3 register, else disable paging
30	CD	Cache disable	Globally enables/disable the memory cache
29	NW	Not-write through	Globally enables/disable write-back caching
18	AM	Alignment mask	Alignment check enabled if AM set, AC flag (in EFLAGS register) set, and privilege level is 3
16	WP	Write protect	Determines whether the CPU can write to pages marked read-only
5	NE	Numeric error	Enable internal x87 floating point error reporting when set, else enables PC style x87 error detection
4	ET	Extension type	On the 386, it allowed to specify whether the external math coprocessor was an 80287 or 80387
3	TS	Task switched	Allows saving x87 task context upon a task switch only after x87 instruction used
2	EM	Emulation	If set, no x87 floating point unit present, if clear, x87 FPU present
1	MP	Monitor co-processor	Controls interaction of WAIT/FWAIT instructions with TS flag in CR0
0	PE	Protected Mode Enable	If 1, system is in protected mode, else system is in real mode

C1 : Reserved
C2 : Contains a value called Page Fault Linear Address (PFLA). When a page fault occurs, the address the program attempted to access is stored in the CR2 register.
C3 : Used when virtual addressing is enabled, hence when the PG bit is set in CR0. CR3 enables the processor to translate linear addresses into physical addresses by locating the page directory and page tables for the current task. Typically, the upper 20 bits of CR3 become the page directory base register (PDBR), which stores the physical address of the first page directory entry.
C4: Used in protected mode to control operations such as virtual-8086 support, enabling I/O breakpoints, page size extension and machine check exceptions.

Bit	Name	Full Name	Description
21	SMAP	Supervisor Mode Access Protection Enable	If set, access of data in a higher ring generates a fault[1]
20	SMEP	Supervisor Mode Execution Protection Enable	If set, execution of code in a higher ring generates a fault
18	OSXSAVE	XSAVE and Processor Extended States Enable
17	PCIDE	PCID Enable	If set, enables process-context identifiers (PCIDs).
14	SMXE	Safer Mode Extensions Enable	see Trusted Execution Technology (TXT)
13	VMXE	Virtual Machine Extensions Enable	see Intel VT-x
10	OSXMMEXCPT	Operating System Support for Unmasked SIMD Floating-Point Exceptions	If set, enables unmasked SSE exceptions.
9	OSFXSR	Operating system support for FXSAVE and FXRSTOR instructions	If set, enables SSE instructions and fast FPU save & restore
8	PCE	Performance-Monitoring Counter enable	If set, RDPMC can be executed at any privilege level, else RDPMC can only be used in ring 0.
7	PGE	Page Global Enabled	If set, address translations (PDE or PTE records) may be shared between address spaces.
6	MCE	Machine Check Exception	If set, enables machine check interrupts to occur.
5	PAE	Physical Address Extension	If set, changes page table layout to translate 32-bit virtual addresses into extended 36-bit physical addresses.
4	PSE	Page Size Extension	If unset, page size is 4 KiB, else page size is increased to 4 MiB (or 2 MiB with PAE set).
3	DE	Debugging Extensions	If set, enables debug register based breaks on I/O space access
2	TSD	Time Stamp Disable	If set, RDTSC instruction can only be executed when in ring 0, otherwise RDTSC can be used at any privilege level.
1	PVI	Protected-mode Virtual Interrupts	If set, enables support for the virtual interrupt flag (VIF) in protected mode.
0	VME	Virtual 8086 Mode Extensions	If set, enables support for the virtual interrupt flag (VIF) in virtual-8086 mode.

EFER : 

(x64 only)Extended Feature Enable Register (EFER) is a model-specific register added in the AMD K6 processor, to allow enabling the SYSCALL/SYSRET instruction, and later for entering and exiting long mode. This register becomes architectural in AMD64 and has been adopted by Intel.

Bit	Purpose
63:16	Reserved
15	TCE (Translation Cache Extension)
14	FFXSR (Fast FXSAVE/FXRSTOR)
13	LMSLE (Long Mode Segment Limit Enable)
12	SVME (Secure Virtual Machine Enable)
11	NXE (No-Execute Enable)
10	LMA (Long Mode Active)
9	Reserved
8	LME (Long Mode Enable)
7:1	Reserved
0	SCE (System Call Extensions)

C8 : (x64 only) A new register accessible in 64-bit mode using the REX prefix. CR8 is used to prioritize external interrupts and is referred to as the task-priority register (TPR).^[2]

The AMD64 architecture allows software to define up to 15 external interrupt-priority classes. Priority classes are numbered from 1 to 15, with priority-class 1 being the lowest and priority-class 15 the highest. CR8 uses the four low-order bits for specifying a task priorityand the remaining 60 bits are reserved and must be written with zeros.

System software can use the TPR register to temporarily block low-priority interrupts from interrupting a high-priority task. This is accomplished by loading TPR with a value corresponding to the highest-priority interrupt that is to be blocked. For example, loading TPR with a value of 9 (1001b) blocks all interrupts with a priority class of 9 or less, while allowing all interrupts with a priority class of 10 or more to be recognized. Loading TPR with 0 enables all external interrupts. Loading TPR with 15 (1111b) disables all external interrupts.

The TPR is cleared to 0 on reset.

Segment Registers 

These registers are not used for segment info as they were on previous models.
CS :
DS :
SS :
ES :
FS :
GS : Used by a process to point to the TEB/TIB (Thread Execution Block) on Windows. You are able to get the PEB (Process execution Block) from a pointer in the TEB on Windows

Debugging Registers

These registers allow you to set up to four (for x86, this is highly platform specific) addresses that, when either read, read/written, or executed, will cause the processor to throw a special exception that causes execution to stop and control to be transferred to the debugger.

DR0 - DR3 : Contains the linear address associated with one of four breakpoint conditions. Each breakpoint condition is further defined by bits in DR7.  The debug address registers are effective whether or not paging is enabled. The addresses in these registers are linear addresses. If paging is enabled, the linear addresses are translated into physical addresses by the processor's paging mechanism. If paging is not enabled, these linear addresses are the same as physical addresses.

Note that when paging is enabled, different tasks may have different linear-to-physical address mappings. When this is the case, an address in a debug address register may be relevant to one task but not to another. For this reason the x86 has both global and local enable bits in DR7. These bits indicate whether a given debug address has a global (all tasks) or local (current task only) relevance.

DR6 :The debug status register permits the debugger to determine which debug conditions have occurred. When the processor detects an enabled debug exception, it sets the low-order bits of this register (0,1,2,3) before entering the debug exception handler.

Note that the bits of DR6 are never cleared by the processor. To avoid any confusion in identifying the next debug exception, the debug handler should move zeros to DR6 immediately before returning.

DR7 :The low-order eight bits of DR7 (0,2,4,6 and 1,3,5,7) selectively enable the four address breakpoint conditions. There are two levels of enabling: the local (0,2,4,6) and global (1,3,5,7) levels. The local enable bits are automatically reset by the processor at every task switch to avoid unwanted breakpoint conditions in the new task. The global enable bits are not reset by a task switch; therefore, they can be used for conditions that are global to all tasks.

Bits 16-17 (DR0), 20-21 (DR1), 24-25 (DR2), 28-29 (DR3), define when breakpoints trigger. Each breakpoint has a two-bit entry that specifies whether they break on execution (00b), data write (01b), data read or write (11b). 10b is defined to mean break on IO read or write but no hardware supports it. Bits 18-19 (DR0), 22-23 (DR1), 26-27 (DR2), 30-31 (DR3), define how large an area of memory is watched by breakpoints. Again each breakpoint has a two-bit entry that specifies whether they watch one (00b), two (01b), eight (10b) or four (11b) bytes.

Test Registers

Not sure if these are still in the x86_x64 processor

TR3 &TR7 : Usually to do a self-test. Most of these registers were undocumented, and used by specialized software. The test registers were named TR3 to TR7. Regular programs don't usually require these registers to work. With the Pentium, the test registers were replaced by a variety of model-specific registers (MSRs).

TR6 & TR7 : . TR6 was the test command register, and TR7 was the test data register. These registers were accessed by variants of the MOV instruction. A test register may either be the source operand or the destination operand. The MOV instructions are defined in both real-address mode and protected mode. The test registers are privileged resources. In protected mode, the MOV instructions that access them can only be executed at privilege level 0. An attempt to read or write the test registers when executing at any other privilege level causes a general protection exception. Also, those instructions generate invalid opcode exception on any CPU newer than 80486.

Streaming SIMD Extension Registers(SSE, SSE2, SSE3 and SSSE3)

Registers to support the SSE.  It extends the earlier SSE instruction set, and is intended to fully replace MMX.  SIMD (Single Instruction, Multiple Data) instructions can greatly increase performance when exactly the same operations are to be performed on multiple data objects. Typical applications are digital signal processing and graphics processing.

Because these 128-bit registers are additional machine states that the operating system must preserve across task switches, they are disabled by default until the operating system explicitly enables them. This means that the OS must know how to use the FXSAVE and FXRSTOR instructions, which is the extended pair of instructions which can save all x86 and SSE register states all at once. This support was quickly added to all major IA-32 operating systems.

XMM0-XMM7 : 128 bits wide.
XMM8-XMM15 : Only on x86_64 processor. 128 bits wide.
MXCSR : Control/status register

Model Specific Registers (MSRs)