cloudflare / sandboxLinks
Simple Linux seccomp rules without writing any code
☆485Updated 8 months ago
Alternatives and similar repositories for sandbox
Users that are interested in sandbox are comparing it to the libraries listed below
Sorting:
- A language and library for specifying syscall filtering policies.☆324Updated 10 months ago
- sandboxing and containment tool used in ChromeOS and Android☆315Updated this week
- Linux Application Level Firewall based on eBPF and NFQUEUE.☆702Updated last year
- User-mode networking for unprivileged network namespaces☆819Updated 2 weeks ago
- Light-weight Dynamic Tracer for Linux☆417Updated 4 months ago
- An easy way to virtualize the running system☆343Updated last year
- The main libseccomp repository☆855Updated last month
- RLBox sandboxing framework☆300Updated 2 weeks ago
- The reliability of disk images, the flexibility of files☆538Updated last month
- List of resources related to LD_PRELOAD, a mechanism for changing application behavior at run-time☆896Updated last year
- A general purpose memory allocator that implements an isolation security strategy to mitigate memory safety issues while maintaining good…☆377Updated 11 months ago
- Dynamic Tracing in Linux☆1,006Updated 4 months ago
- Turn IP sockets into Unix domain sockets☆368Updated 11 months ago
- BSD socket API on steroids☆310Updated 8 months ago
- eBPF - extended Berkeley Packet Filter tooling☆122Updated 2 years ago
- Userspace eBPF VM☆895Updated last week
- Dump unix domain socket traffic with bpf☆394Updated last year
- An eBPF playground☆206Updated last year
- A Go library for the Linux Landlock sandboxing feature☆191Updated 2 months ago
- ☆258Updated last year
- KernelMemorySanitizer, a detector of uses of uninitialized memory in the Linux kernel☆414Updated 2 months ago
- A kernelspace syscall interceptor and randomized faulter☆354Updated 7 months ago
- BPF Tools - packet analyst toolkit☆1,213Updated 8 months ago
- Linux Kernel Runtime Guard☆456Updated 3 weeks ago
- libeatmydata - because fsync() should be a no-op☆440Updated last year
- Lunatik is a framework for scripting the Linux kernel with Lua.☆545Updated this week
- Lightweight fuzzing of a memory snapshot using KVM☆452Updated last year
- Snuffy is a simple command line tool to inspect SSL/TLS data.☆291Updated 4 years ago
- A dynamic library providing Virtualization-based process isolation capabilities☆1,158Updated this week
- High-performance QEMU memory and instruction tracing☆542Updated 10 months ago