Lind-Project / safeposix-rust
Rust implementation of SafePOSIX
☆13Updated last month
Alternatives and similar repositories for safeposix-rust:
Users that are interested in safeposix-rust are comparing it to the libraries listed below
- Lind: Secure Lightweight Adaptive Isolation☆29Updated 5 months ago
- A CLI tool for creating secure by design/default source repos.☆25Updated 8 months ago
- Linux Kernel Runtime Integrity with eBPF☆173Updated last year
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than…☆64Updated 2 years ago
- Linux Security Hardening for Confidential Compute☆66Updated 6 months ago
- eBPF verifier based on abstract interpretation☆407Updated last week
- Trace deep kernel events through eBPF and lsm hooks☆35Updated 4 years ago
- ☆44Updated 8 months ago
- This repository contains the artifact for the SOSP'23 paper: Sishuai Gong, Dinglan Peng, Deniz Altınbüken, Pedro Fonseca, Petros Maniati…☆13Updated last year
- bpflock - eBPF driven security for locking and auditing Linux machines☆146Updated 3 years ago
- This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Red…☆36Updated 4 months ago
- WASEM - a general symbolic execution framework for WebAssembly (WASM) binaries☆13Updated 6 months ago
- POC for Phantom Attack☆80Updated 2 years ago
- ☆22Updated 2 weeks ago
- ☆23Updated 4 months ago
- ☆26Updated 2 years ago
- ☆13Updated 3 years ago
- ☆35Updated 3 years ago
- Prototype allocator for the prevention of use-after-free attacks, as described in the S&P 2020 Paper - "MarkUs: Drop-in use-after-free pr…☆14Updated 3 years ago
- SyzScope is a research project that aims to reveal high-risk security bug from Syzbot. Learn more details in our paper.☆24Updated 3 years ago
- Generative and mutative fuzzer for Kubernetes admission controller chains by automatically parsing the cluster api specification.☆72Updated last year
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆58Updated 2 years ago
- ☆24Updated 3 years ago
- Uncovering Container Confusion in the Linux Kernel☆43Updated last year
- Confidential Containers Shim Firmware☆109Updated last week
- Constantine is a compiler-based system to automatically harden programs against microarchitectural side channels☆72Updated 2 years ago
- Breaking Confidential VMs with Malicious Interrupts (USENIX Security 2024)☆28Updated 10 months ago
- eBPF Memory Dump Tool☆62Updated 3 weeks ago
- Lightweight fuzzing of a memory snapshot using KVM☆450Updated 11 months ago
- Source code of ASAN--☆94Updated 9 months ago