antitree / syscall2seccomp
Build custom Docker seccomp profiles for containers by finding syscalls it uses.
☆89Updated 4 years ago
Related projects: ⓘ
- Docker Secure Computing Profile Generator☆47Updated 2 years ago
- agent for handling seccomp descriptors for container runtimes☆41Updated 7 months ago
- ptrace-based event producer for udig☆66Updated 2 years ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆113Updated last year
- Kit for building Falco drivers: kernel modules or eBPF probes☆64Updated last week
- Container Blackbox Security Auditing Tool: enumerates security configuration from within the target container☆84Updated 5 years ago
- 🐝 BPFBox 📦 Exploring process confinement in eBPF☆98Updated 8 months ago
- Example program using eBPF to log data being based in using shell pipes☆40Updated 3 years ago
- eBPF - extended Berkeley Packet Filter tooling☆121Updated 2 years ago
- OCI hook to trace syscalls and generate a seccomp profile☆292Updated 3 weeks ago
- insject is a tool for poking at containers. It enables you to run an arbitrary command in a container or any mix of Linux namespaces.☆49Updated 2 years ago
- Kubernetes Easter CTF☆58Updated 4 years ago
- A POC for DNS spoofing in kubernetes clusters. Runs with minimum capabilities, on default installations of kuberentes.☆74Updated 5 years ago
- eBPF based syscalls, files and network events tracing framework☆82Updated 4 years ago
- Going Florida on container keyring masks. A tool to demonstrate the ineffectivity containers have on isolating Linux Kernel keyrings.☆43Updated last year
- Evolution process of The Falco Project☆48Updated this week
- Security testing tool for Kubernetes, abusing kubelet credentials on public cloud providers.☆159Updated 10 months ago
- A container image that exfiltrates the underlying container runtime to a remote server☆126Updated last year
- A command line tool to automatically generate seccomp profiles.☆25Updated 3 years ago
- ☆29Updated 3 years ago
- Source-code based coverage for eBPF programs actually running in the Linux kernel☆129Updated 2 years ago
- bpflock - eBPF driven security for locking and auditing Linux machines☆136Updated 2 years ago
- Trace system calls from Docker containers running on the system☆31Updated last year
- A process level network security monitoring and enforcement project for Kubernetes, using eBPF☆40Updated 4 years ago
- ☆90Updated 4 months ago
- Automated GKE Kubelet Impersonation and Cluster Secret Stealer via kube-env☆102Updated 5 years ago
- ☆27Updated 2 months ago
- Convert Falco logs to Docker seccomp profiles☆20Updated 8 years ago
- Cloud Native Security Hub - Security Resources☆55Updated 4 years ago
- A replacement for "kubectl exec" that works over WebSocket connections.☆27Updated 5 months ago