Alternatives and similar repositories for sandbox:

Users that are interested in sandbox are comparing it to the libraries listed below

• google / kafel
  A language and library for specifying syscall filtering policies.
  ☆316Updated 9 months ago
• gaul / awesome-ld-preload
  List of resources related to LD_PRELOAD, a mechanism for changing application behavior at run-time
  ☆892Updated last year
• google / minijail
  sandboxing and containment tool used in ChromeOS and Android
  ☆308Updated this week
• composefs / composefs
  The reliability of disk images, the flexibility of files
  ☆522Updated last week
• harporoeder / ebpfsnitch
  Linux Application Level Firewall based on eBPF and NFQUEUE.
  ☆698Updated last year
• struct / isoalloc
  A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good…
  ☆373Updated 9 months ago
• rootless-containers / slirp4netns
  User-mode networking for unprivileged network namespaces
  ☆810Updated last week
• iovisor / ply
  Dynamic Tracing in Linux
  ☆1,000Updated 2 months ago
• amluto / virtme
  An easy way to virtualize the running system
  ☆340Updated last year
• seccomp / libseccomp
  The main libseccomp repository
  ☆848Updated last month
• PLSysSec / rlbox
  RLBox sandboxing framework
  ☆298Updated last week
• mechpen / sockdump
  Dump unix domain socket traffic with bpf
  ☆390Updated last year
• wkz / ply
  Light-weight Dynamic Tracer for Linux
  ☆412Updated 2 months ago
• awslabs / snapchange
  Lightweight fuzzing of a memory snapshot using KVM
  ☆452Updated last year
• containers / libkrun
  A dynamic library providing Virtualization-based process isolation capabilities
  ☆1,075Updated this week
• alessandrod / snuffy
  Snuffy is a simple command line tool to inspect SSL/TLS data.
  ☆291Updated 4 years ago
• MarginResearch / cannoli
  High-performance QEMU memory and instruction tracing
  ☆543Updated 9 months ago
• stewartsmith / libeatmydata
  libeatmydata - because fsync() should be a no-op
  ☆435Updated 11 months ago
• nixcloud / ip2unix
  Turn IP sockets into Unix domain sockets
  ☆366Updated 10 months ago
• mebeim / systrack
  📡🐧 Linux kernel syscall implementation tracker
  ☆213Updated last month
• trailofbits / krf
  A kernelspace syscall interceptor and randomized faulter
  ☆355Updated 5 months ago
• osresearch / safeboot
  Scripts to slightly improve the security of the Linux boot process with UEFI Secure Boot and TPM support
  ☆277Updated 2 years ago
• iovisor / ubpf
  Userspace eBPF VM
  ☆885Updated this week
• cloudflare / tubular
  BSD socket API on steroids
  ☆298Updated 7 months ago
• google / kmsan
  KernelMemorySanitizer, a detector of uses of uninitialized memory in the Linux kernel
  ☆412Updated last month
• quarkslab / peetch
  An eBPF playground
  ☆206Updated last year
• landlock-lsm / go-landlock
  A Go library for the Linux Landlock sandboxing feature
  ☆187Updated 3 weeks ago
• nccgroup / ebpf
  eBPF - extended Berkeley Packet Filter tooling
  ☆123Updated 2 years ago
• guardicore / IPCDump
  ☆246Updated 4 years ago
• varnish / tinykvm
  VMM for native-performance sandboxing
  ☆599Updated this week