Understanding Syscalls: Direct, Indirect, and Cobalt Strike Implementation

If the images fail to load, it may be because the jsDelivr CDN is blocked in Egypt. To work around this, consider using a VPN. 🙂
Syscalls? Why? To bypass user-mode hooks. Why? To hide code inside a legitimate process (process injection) without triggering EDR alerts.

User-mode hooks: hooking a user-mode function means placing a jump at its start that diverts execution to another code section. EDRs use such hooks to inspect the function's parameters, for example when you try to change the memory protection of some data to add execute permission.

Article Link: Understanding Syscalls: Direct, Indirect, and Cobalt Strike Implementation - d01a