Alternatives and similar repositories for sandbox

Users that are interested in sandbox are comparing it to the libraries listed below

• google / kafel
  A language and library for specifying syscall filtering policies.
  ☆324Updated 11 months ago
• google / minijail
  sandboxing and containment tool used in ChromeOS and Android
  ☆317Updated this week
• harporoeder / ebpfsnitch
  Linux Application Level Firewall based on eBPF and NFQUEUE.
  ☆702Updated last year
• gaul / awesome-ld-preload
  List of resources related to LD_PRELOAD, a mechanism for changing application behavior at run-time
  ☆900Updated last year
• struct / isoalloc
  A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good…
  ☆378Updated 11 months ago
• seccomp / libseccomp
  The main libseccomp repository
  ☆860Updated 2 months ago
• rootless-containers / slirp4netns
  User-mode networking for unprivileged network namespaces
  ☆830Updated last month
• wkz / ply
  Light-weight Dynamic Tracer for Linux
  ☆418Updated 4 months ago
• mechpen / sockdump
  Dump unix domain socket traffic with bpf
  ☆395Updated last year
• stewartsmith / libeatmydata
  libeatmydata - because fsync() should be a no-op
  ☆444Updated last year
• amluto / virtme
  An easy way to virtualize the running system
  ☆345Updated last year
• google / hiba
  HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of princip…
  ☆381Updated last month
• davidmalcolm / antipatterns.ko
  The world's worst kernel module
  ☆299Updated 3 years ago
• osresearch / safeboot
  Scripts to slightly improve the security of the Linux boot process with UEFI Secure Boot and TPM support
  ☆280Updated 2 years ago
• alessandrod / snuffy
  Snuffy is a simple command line tool to inspect SSL/TLS data.
  ☆291Updated 4 years ago
• composefs / composefs
  The reliability of disk images, the flexibility of files
  ☆544Updated last month
• iovisor / ply
  Dynamic Tracing in Linux
  ☆1,007Updated 4 months ago
• google / psp
  ☆258Updated last year
• trailofbits / krf
  A kernelspace syscall interceptor and randomized faulter
  ☆354Updated 7 months ago
• google / go-attestation
  ☆391Updated last week
• ssrg-vt / hermitux
  A binary-compatible unikernel
  ☆395Updated 10 months ago
• iovisor / ubpf
  Userspace eBPF VM
  ☆897Updated this week
• nccgroup / ebpf
  eBPF - extended Berkeley Packet Filter tooling
  ☆123Updated 3 years ago
• cloudflare / tubular
  BSD socket API on steroids
  ☆312Updated 9 months ago
• cloud-hypervisor / rust-hypervisor-firmware
  ☆637Updated last week
• lkrg-org / lkrg
  Linux Kernel Runtime Guard
  ☆465Updated last week
• tsgates / mbox
  A lightweight sandbox tool for non-root users
  ☆662Updated 7 years ago
• landlock-lsm / linux
  Linux kernel - See Landlock issues
  ☆41Updated 2 months ago
• cloudflare / bpftools
  BPF Tools - packet analyst toolkit
  ☆1,217Updated 9 months ago
• keylime / keylime
  A CNCF Project to Bootstrap & Maintain Trust on the Edge / Cloud and IoT
  ☆475Updated last week