Alternatives and similar repositories for sandbox

Users that are interested in sandbox are comparing it to the libraries listed below

• google / kafel
  A language and library for specifying syscall filtering policies.
  ☆332Updated last year
• google / minijail
  sandboxing and containment tool used in ChromeOS and Android
  ☆323Updated this week
• gaul / awesome-ld-preload
  List of resources related to LD_PRELOAD, a mechanism for changing application behavior at run-time
  ☆903Updated last year
• harporoeder / ebpfsnitch
  Linux Application Level Firewall based on eBPF and NFQUEUE.
  ☆703Updated last year
• struct / isoalloc
  A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good…
  ☆378Updated last year
• amluto / virtme
  An easy way to virtualize the running system
  ☆347Updated last year
• seccomp / libseccomp
  The main libseccomp repository
  ☆864Updated 2 months ago
• mechpen / sockdump
  Dump unix domain socket traffic with bpf
  ☆400Updated last year
• rootless-containers / slirp4netns
  User-mode networking for unprivileged network namespaces
  ☆837Updated 2 months ago
• alessandrod / snuffy
  Snuffy is a simple command line tool to inspect SSL/TLS data.
  ☆291Updated 4 years ago
• stewartsmith / libeatmydata
  libeatmydata - because fsync() should be a no-op
  ☆448Updated last year
• wkz / ply
  Light-weight Dynamic Tracer for Linux
  ☆420Updated 5 months ago
• iovisor / ply
  Dynamic Tracing in Linux
  ☆1,009Updated 5 months ago
• cloudflare / tubular
  BSD socket API on steroids
  ☆315Updated 10 months ago
• PLSysSec / rlbox
  RLBox sandboxing framework
  ☆304Updated this week
• nccgroup / ebpf
  eBPF - extended Berkeley Packet Filter tooling
  ☆124Updated 3 years ago
• google / psp
  ☆258Updated last year
• trailofbits / krf
  A kernelspace syscall interceptor and randomized faulter
  ☆354Updated 8 months ago
• composefs / composefs
  The reliability of disk images, the flexibility of files
  ☆548Updated 2 months ago
• tsgates / mbox
  A lightweight sandbox tool for non-root users
  ☆663Updated 7 years ago
• sandfs / sandfs.github.io
  Sandboxing File System
  ☆46Updated 5 years ago
• landlock-lsm / linux
  Linux kernel - See Landlock issues
  ☆41Updated 3 months ago
• google / go-attestation
  ☆393Updated last month
• lkrg-org / lkrg
  Linux Kernel Runtime Guard
  ☆470Updated last month
• google / kmsan
  KernelMemorySanitizer, a detector of uses of uninitialized memory in the Linux kernel
  ☆415Updated 3 months ago
• generic-ebpf / generic-ebpf
  Generic eBPF runtime
  ☆151Updated 4 years ago
• nixcloud / ip2unix
  Turn IP sockets into Unix domain sockets
  ☆369Updated last year
• DavidBuchanan314 / libleakmydata
  A simple LD_PRELOAD library to disable SSL certificate verification. Inspired by libeatmydata.
  ☆180Updated 6 years ago
• MarginResearch / cannoli
  High-performance QEMU memory and instruction tracing
  ☆542Updated last year
• bolinfest / opensnoop-native
  opensnoop in pure C using eBPF
  ☆100Updated 3 months ago