google / nsjailLinks
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
☆3,308Updated last month
Alternatives and similar repositories for nsjail
Users that are interested in nsjail are comparing it to the libraries listed below
Sorting:
- Low-level unprivileged sandboxing tool used by Flatpak and similar projects☆4,352Updated 7 months ago
- syzkaller is an unsupervised coverage-guided kernel fuzzer☆5,697Updated this week
- Wrangling Untrusted File Formats Safely☆4,528Updated 2 weeks ago
- Fully static, unprivileged, self-contained, containers as executable binaries.☆2,519Updated 6 years ago
- Linux namespaces and seccomp-bpf sandbox☆6,325Updated last week
- like ~~grep~~ UBER, but for binaries☆1,733Updated 2 years ago
- A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Li…☆4,502Updated this week
- Painless relocation of Linux binaries–and all of their dependencies–without containers.☆2,955Updated last year
- A fast and lightweight fully featured OCI runtime and C library for running containers☆3,372Updated this week
- OSv, a new operating system for the cloud.☆4,177Updated 2 weeks ago
- Checksec☆2,173Updated last month
- Programmable debugger☆1,892Updated this week
- Linux system exploration and troubleshooting tool with first class support for containers☆8,008Updated 3 months ago
- Embeddable, replicated and fault-tolerant SQL engine.☆4,043Updated this week
- A linux-based assembly REPL for x86, amd64, armv7, and armv8☆1,207Updated last year
- The main libseccomp repository☆855Updated last month
- High-level tracing language for Linux☆9,269Updated this week
- A hacky debugger UI for hackers☆6,266Updated 4 months ago
- Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)☆3,194Updated 3 weeks ago
- Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de…☆2,186Updated 5 months ago
- Ignite a Firecracker microVM☆3,501Updated last year
- Userspace WireGuard® Implementation in Rust☆6,419Updated 3 weeks ago
- A foreign function interface for bash.☆2,137Updated 11 months ago
- BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more☆21,456Updated this week
- GEF (GDB Enhanced Features) - a modern experience for GDB with advanced debugging capabilities for exploit devs & reverse engineers on Li…☆7,553Updated 3 weeks ago
- Application Kernel for Containers☆16,548Updated this week
- firecracker-containerd enables containerd to manage containers as Firecracker microVMs☆2,377Updated last month
- A memory profiler for Linux.☆4,645Updated last year
- Record and Replay Framework☆9,881Updated this week
- chw00t - Unices chroot breaking tool☆592Updated 5 years ago