Alternatives and similar repositories for sandbox

Users that are interested in sandbox are comparing it to the libraries listed below

• google / kafel
  A language and library for specifying syscall filtering policies.
  ☆340Updated 3 weeks ago
• gaul / awesome-ld-preload
  List of resources related to LD_PRELOAD, a mechanism for changing application behavior at run-time
  ☆908Updated last year
• google / minijail
  sandboxing and containment tool used in ChromeOS and Android
  ☆351Updated this week
• harporoeder / ebpfsnitch
  Linux Application Level Firewall based on eBPF and NFQUEUE.
  ☆704Updated 2 years ago
• mechpen / sockdump
  Dump unix domain socket traffic with bpf
  ☆415Updated 2 years ago
• struct / isoalloc
  A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good…
  ☆383Updated last week
• nccgroup / ebpf
  eBPF - extended Berkeley Packet Filter tooling
  ☆131Updated 3 years ago
• seccomp / libseccomp
  The main libseccomp repository
  ☆888Updated 2 months ago
• cloudflare / tubular
  BSD socket API on steroids
  ☆321Updated last year
• composefs / composefs
  The reliability of disk images, the flexibility of files
  ☆606Updated last month
• amluto / virtme
  An easy way to virtualize the running system
  ☆351Updated 2 years ago
• alessandrod / snuffy
  Snuffy is a simple command line tool to inspect SSL/TLS data.
  ☆292Updated 5 years ago
• wkz / ply
  Light-weight Dynamic Tracer for Linux
  ☆425Updated 2 weeks ago
• landlock-lsm / linux
  Linux kernel - See Landlock issues
  ☆44Updated 2 weeks ago
• rootless-containers / slirp4netns
  User-mode networking for unprivileged network namespaces
  ☆873Updated 6 months ago
• stewartsmith / libeatmydata
  libeatmydata - because fsync() should be a no-op
  ☆470Updated last year
• google / go-attestation
  Libraries to abstract aspects of working with TPMs for the purposes of attestation
  ☆407Updated last week
• elastic / bpfcov
  Source-code based coverage for eBPF programs actually running in the Linux kernel
  ☆135Updated 10 months ago
• trailofbits / krf
  A kernelspace syscall interceptor and randomized faulter
  ☆357Updated last year
• iovisor / ply
  Dynamic Tracing in Linux
  ☆1,023Updated 4 months ago
• google / psp
  ☆278Updated last year
• willfindlay / bpfbox
  🐝 BPFBox 📦 Exploring process confinement in eBPF
  ☆105Updated last year
• sandfs / sandfs.github.io
  Sandboxing File System
  ☆46Updated 6 years ago
• google / hiba
  HIBA is a system built on top of regular OpenSSH certificate-based authentication that allows to manage flexible authorization of princip…
  ☆387Updated 6 months ago
• nixcloud / ip2unix
  Turn IP sockets into Unix domain sockets
  ☆372Updated last year
• quarkslab / peetch
  An eBPF playground
  ☆210Updated 2 years ago
• containers / libkrun
  A dynamic library providing Virtualization-based process isolation capabilities
  ☆1,413Updated this week
• iovisor / ubpf
  Userspace eBPF VM
  ☆940Updated last week
• google / kmsan
  KernelMemorySanitizer, a detector of uses of uninitialized memory in the Linux kernel
  ☆417Updated 8 months ago
• giuseppe / easyseccomp
  DSL language to write seccomp filters
  ☆37Updated last year