google / nsjailLinks
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
☆3,385Updated 2 months ago
Alternatives and similar repositories for nsjail
Users that are interested in nsjail are comparing it to the libraries listed below
Sorting:
- Low-level unprivileged sandboxing tool used by Flatpak and similar projects☆4,393Updated 8 months ago
- syzkaller is an unsupervised coverage-guided kernel fuzzer☆5,734Updated last week
- Linux system exploration and troubleshooting tool with first class support for containers☆8,043Updated 4 months ago
- Fully static, unprivileged, self-contained, containers as executable binaries.☆2,520Updated 6 years ago
- Ignite a Firecracker microVM☆3,509Updated last year
- Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)☆3,214Updated last month
- firecracker-containerd enables containerd to manage containers as Firecracker microVMs☆2,411Updated 2 months ago
- Content-Addressable Data Synchronization Tool☆1,524Updated last year
- Checkpoint/Restore tool☆3,283Updated 2 weeks ago
- Application Kernel for Containers☆16,673Updated last week
- A kernel designed to run one and only one application in a virtualized environment☆2,813Updated last month
- The main libseccomp repository☆860Updated 2 months ago
- Programmable debugger☆1,896Updated last week
- A userspace out-of-memory killer☆1,957Updated last month
- Embeddable, replicated and fault-tolerant SQL engine.☆4,088Updated this week
- Fast trigram based code search☆1,727Updated last year
- Painless relocation of Linux binaries–and all of their dependencies–without containers.☆2,959Updated last year
- The Unikernel & MicroVM Compilation and Deployment Platform☆2,755Updated 2 years ago
- High-level tracing language for Linux☆9,381Updated this week
- A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Li…☆4,563Updated this week
- Linux namespaces and seccomp-bpf sandbox☆6,394Updated this week
- Interactively grep source code. Source for http://livegrep.com/☆2,114Updated this week
- Simple Linux seccomp rules without writing any code☆492Updated last week
- A simple SSL/TLS proxy with mutual authentication for securing non-TLS services.☆2,052Updated last week
- A fast and lightweight fully featured OCI runtime and C library for running containers☆3,431Updated last week
- A toolkit for building secure, portable and lean operating systems for containers☆8,475Updated last week
- Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de…☆2,197Updated 6 months ago
- like ~~grep~~ UBER, but for binaries☆1,736Updated 2 years ago
- Custom & better AppArmor profile generator for Docker containers.☆1,210Updated 4 years ago
- Wrangling Untrusted File Formats Safely☆4,548Updated 2 weeks ago