Lind-Project / lind_project
Lind: Secure Lightweight Adaptive Isolation
☆23Updated this week
Related projects: ⓘ
- Rust implementation of SafePOSIX☆12Updated last week
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than…☆62Updated 2 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆98Updated 8 months ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆55Updated 2 years ago
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆20Updated 2 years ago
- Trace deep kernel events through eBPF and lsm hooks☆32Updated 3 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆136Updated 2 years ago
- ☆12Updated this week
- A taxonomy of attacks on software supply chains in the form of an attack tree, based on and linked to numerous real-world incidents and o…☆69Updated this week
- Linux Kernel Runtime Integrity with eBPF☆163Updated 9 months ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆71Updated last year
- Example BPF program with LSM hooks☆31Updated 3 years ago
- agent for handling seccomp descriptors for container runtimes☆41Updated 7 months ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆113Updated last year
- Atom is a novel intermediate representation for applications and a standalone tool that is powered by chen.☆46Updated 2 weeks ago
- ☆17Updated 3 years ago
- Supply Chain Query Tool☆13Updated 2 years ago
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.☆89Updated 4 years ago
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)☆20Updated last year
- A Java implementation of in-toto runlib☆12Updated last month
- Format agnostic SBOM tooling☆63Updated this week
- ✨🔐 CNCF Fuzzers☆111Updated this week
- A fuzzer setup to fuzz libc functions.☆15Updated 2 years ago
- OCI hook to trace syscalls and generate a seccomp profile☆292Updated 3 weeks ago
- This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Red…☆33Updated 4 years ago
- A CLI tool for creating secure by design/default source repos.☆24Updated last month
- A BPF-based syscall fault injector☆94Updated last year
- ☆82Updated 2 months ago
- fuzzing framework based on libfuzzer and clang sanitizer☆163Updated 5 years ago
- eBPF Steering Committee (BSC)☆11Updated 2 months ago