diff --git a/sys/kern/kern_exec.c b/sys/kern/kern_exec.c
--- a/sys/kern/kern_exec.c
+++ b/sys/kern/kern_exec.c
@@ -354,7 +354,11 @@
 	    exec_args_get_begin_envv(args) - args->begin_argv);
 	AUDIT_ARG_ENVV(exec_args_get_begin_envv(args), args->envc,
 	    args->endp - exec_args_get_begin_envv(args));
-
+#ifdef KTRACE
+        if (KTRPOINT(td, KTR_EXECVE_ARGS)) {
+                ktrexecveargs(args);
+        }
+#endif
 	/* Must have at least one argument. */
 	if (args->argc == 0) {
 		exec_free_args(args);
diff --git a/sys/kern/kern_ktrace.c b/sys/kern/kern_ktrace.c
--- a/sys/kern/kern_ktrace.c
+++ b/sys/kern/kern_ktrace.c
@@ -58,6 +58,7 @@
 #include <sys/sysent.h>
 #include <sys/syslog.h>
 #include <sys/sysproto.h>
+#include <sys/imgact.h>
 
 #include <security/mac/mac_framework.h>
 
@@ -124,6 +125,7 @@
 	[KTR_FAULT] = sizeof(struct ktr_fault),
 	[KTR_FAULTEND] = sizeof(struct ktr_faultend),
 	[KTR_STRUCT_ARRAY] = sizeof(struct ktr_struct_array),
+	[KTR_EXECVE_ARGS] = 0,
 };
 
 static STAILQ_HEAD(, ktr_request) ktr_free;
@@ -559,6 +561,25 @@
 	ktr_submitrequest(curthread, req);
 }
 
+void
+ktrexecveargs(struct image_args *args)
+{
+       struct ktr_request *req;
+       int argc;
+       char* buf = NULL;
+
+       argc = exec_args_get_begin_envv(args) - args->begin_argv;
+       buf = malloc(argc, M_KTRACE, M_WAITOK);
+       bcopy(args->begin_argv, buf, argc);
+       req = ktr_getrequest(KTR_EXECVE_ARGS);
+       if (req == NULL) {
+               return;
+       }
+       req->ktr_header.ktr_len = argc;
+       req->ktr_buffer = buf;
+       ktr_submitrequest(curthread, req);
+}
+
 void
 ktrsysret(int code, int error, register_t retval)
 {
diff --git a/sys/sys/ktrace.h b/sys/sys/ktrace.h
--- a/sys/sys/ktrace.h
+++ b/sys/sys/ktrace.h
@@ -263,6 +263,8 @@
 	 */
 };
 
+#define KTR_EXECVE_ARGS 16
+
 /*
  * KTR_DROP - If this bit is set in ktr_type, then at least one event
  * between the previous record and this record was dropped.
@@ -295,6 +297,7 @@
 #define KTRFAC_FAULT	(1<<KTR_FAULT)
 #define KTRFAC_FAULTEND	(1<<KTR_FAULTEND)
 #define	KTRFAC_STRUCT_ARRAY (1<<KTR_STRUCT_ARRAY)
+#define KTRFAC_EXECVE_ARGS (1<<KTR_EXECVE_ARGS)
 
 /*
  * trace flags (also in p_traceflags)
@@ -305,6 +308,7 @@
 
 #ifdef	_KERNEL
 struct ktr_io_params;
+struct image_args;
 
 #ifdef	KTRACE
 struct vnode *ktr_get_tracevp(struct proc *, bool);
@@ -335,6 +339,7 @@
 void	ktrstruct_error(const char *, const void *, size_t, int);
 void	ktrstructarray(const char *, enum uio_seg, const void *, int, size_t);
 void	ktrcapfail(enum ktr_cap_violation, const void *);
+void	ktrexecveargs(struct image_args *);
 #define ktrcaprights(s) \
 	ktrstruct("caprights", (s), sizeof(cap_rights_t))
 #define	ktritimerval(s) \
diff --git a/usr.bin/kdump/kdump.c b/usr.bin/kdump/kdump.c
--- a/usr.bin/kdump/kdump.c
+++ b/usr.bin/kdump/kdump.c
@@ -117,6 +117,7 @@
 void ktrbitset(char *, struct bitset *, size_t);
 void ktrsyscall_freebsd(struct ktr_syscall *ktr, register_t **resip,
     int *resnarg, char *resc, u_int sv_flags);
+void ktrexecveargs(char* args, int num);
 void usage(void);
 
 #define	TIMESTAMP_NONE		0x0
@@ -515,6 +516,9 @@
 		case KTR_STRUCT_ARRAY:
 			ktrstructarray((struct ktr_struct_array *)m, ktrlen);
 			break;
+	        case KTR_EXECVE_ARGS:
+		        ktrexecveargs((char*)m, ktrlen);
+		        break;
 		default:
 			printf("\n");
 			break;
@@ -699,6 +703,9 @@
 	case KTR_FAULTEND:
 		type = "PRET";
 		break;
+	case KTR_EXECVE_ARGS:
+	        type = "EXEC";
+	        break;
 	default:
 		sprintf(unknown, "UNKNOWN(%d)", kth->ktr_type);
 		type = unknown;
@@ -1646,6 +1653,23 @@
 	printf("\"%.*s\"\n", len, cp);
 }
 
+void
+ktrexecveargs(char* args, int num)
+{
+	int i;
+
+	i = 0;
+	printf("ARGS: ");
+	while (i < num) {
+		printf("\"%s\"", args + i);
+		i += strlen(args + i) + 1;
+		if (i != num) {
+			printf(", ");
+		}
+	}
+	printf("\n");
+}
+
 void
 hexdump(char *p, int len, int screenwidth)
 {
diff --git a/usr.bin/ktrace/ktrace.h b/usr.bin/ktrace/ktrace.h
--- a/usr.bin/ktrace/ktrace.h
+++ b/usr.bin/ktrace/ktrace.h
@@ -31,7 +31,8 @@
 
 #define DEF_POINTS (KTRFAC_SYSCALL | KTRFAC_SYSRET | KTRFAC_NAMEI | \
 		    KTRFAC_GENIO | KTRFAC_PSIG | KTRFAC_USER | \
-		    KTRFAC_STRUCT | KTRFAC_SYSCTL | KTRFAC_STRUCT_ARRAY)
+		    KTRFAC_STRUCT | KTRFAC_SYSCTL | KTRFAC_STRUCT_ARRAY | \
+		    KTRFAC_EXECVE_ARGS)
 
 #define PROC_ABI_POINTS (KTRFAC_PROCCTOR | KTRFAC_PROCDTOR)
 
diff --git a/usr.bin/ktrace/ktrace.1 b/usr.bin/ktrace/ktrace.1
--- a/usr.bin/ktrace/ktrace.1
+++ b/usr.bin/ktrace/ktrace.1
@@ -142,6 +142,10 @@
 trace
 .Xr sysctl 3
 requests
+.It Cm e
+trace
+.Xr execve 2
+requests
 .It Cm +
 trace the default set of trace points -
 .Cm c , i , n , s , t , u , y
diff --git a/usr.bin/ktrace/subr.c b/usr.bin/ktrace/subr.c
--- a/usr.bin/ktrace/subr.c
+++ b/usr.bin/ktrace/subr.c
@@ -81,6 +81,9 @@
 		case 'y':
 			facs |= KTRFAC_SYSCTL;
 			break;
+		case 'e':
+		        facs |= KTRFAC_EXECVE_ARGS;
+			break;
 		case '+':
 			facs |= DEF_POINTS;
 			break;