amrabed / strace-docker
Trace system calls from Docker containers running on the system
β32Updated last year
Alternatives and similar repositories for strace-docker:
Users that are interested in strace-docker are comparing it to the libraries listed below
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable thanβ¦β64Updated 2 years ago
- π BPFBox π¦ Exploring process confinement in eBPFβ101Updated last year
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.β57Updated 2 years ago
- β18Updated 4 years ago
- Trace deep kernel events through eBPF and lsm hooksβ35Updated 4 years ago
- fuzzing framework based on libfuzzer and clang sanitizerβ165Updated 5 years ago
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploitsβ21Updated 3 years ago
- Fork from git://git.kernel.org/pub/scm/linux/kernel/git/torvalds/linux.git (unstable and force pushed!)β20Updated last year
- bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.β87Updated last year
- A file system events notifier based on eBPFβ61Updated last year
- Build custom Docker seccomp profiles for containers by finding syscalls it uses.β89Updated 4 years ago
- Example BPF program with LSM hooksβ33Updated 3 years ago
- bpflock - eBPF driven security for locking and auditing Linux machinesβ142Updated 3 years ago
- β22Updated 8 months ago
- ebpH (Extended BPF Process Homeostasis) monitors process behavior on your system to establish normal behavioral patterns. ebpH reports anβ¦β41Updated 2 years ago
- β24Updated 3 years ago
- eBPF based syscalls, files and network events tracing frameworkβ93Updated 4 years ago
- Linux Kernel Runtime Integrity with eBPFβ173Updated last year
- An eBPF program debuggerβ200Updated 2 years ago
- A process level network security monitoring and enforcement project for Kubernetes, using eBPFβ42Updated 4 years ago
- ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkitsβ127Updated last year
- Source-code based coverage for eBPF programs actually running in the Linux kernelβ130Updated 2 weeks ago
- This tool set can generate required capabilities for binaries. A system call to capability mapping is used to assign capability to the biβ¦β14Updated 2 years ago
- Lind: Secure Lightweight Adaptive Isolationβ28Updated 4 months ago
- β44Updated 2 years ago
- agent for handling seccomp descriptors for container runtimesβ44Updated last year
- β435Updated 6 months ago
- This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Redβ¦β35Updated 3 months ago
- [Deplicated] Now we have more sophisticated (and compact) implementation in ipftrace2 repository. Please check it as well.β58Updated 4 years ago
- eBPF - extended Berkeley Packet Filter toolingβ122Updated 2 years ago