google / nsjailLinks
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
☆3,527Updated last week
Alternatives and similar repositories for nsjail
Users that are interested in nsjail are comparing it to the libraries listed below
Sorting:
- Low-level unprivileged sandboxing tool used by Flatpak and similar projects☆4,773Updated 2 months ago
- syzkaller is an unsupervised coverage-guided kernel fuzzer☆5,873Updated this week
- Checkpoint/Restore tool☆3,444Updated this week
- Fully static, unprivileged, self-contained, containers as executable binaries.☆2,518Updated 6 years ago
- A userspace out-of-memory killer☆1,974Updated last week
- Linux namespaces and seccomp-bpf sandbox☆6,687Updated 2 weeks ago
- The main libseccomp repository☆875Updated 2 weeks ago
- Embeddable, replicated and fault-tolerant SQL engine.☆4,195Updated last week
- A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Li…☆4,869Updated last week
- A kernel designed to run one and only one application in a virtualized environment☆2,987Updated last month
- Linux system exploration and troubleshooting tool with first class support for containers☆8,111Updated 7 months ago
- Wrangling Untrusted File Formats Safely☆4,630Updated 3 months ago
- A linux-based assembly REPL for x86, amd64, armv7, and armv8☆1,236Updated last year
- Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)☆3,263Updated last month
- High-performance regular expression matching library☆5,172Updated 6 months ago
- Ignite a Firecracker microVM☆3,516Updated last year
- Simple Linux seccomp rules without writing any code☆506Updated 3 months ago
- Application Kernel for Containers☆17,077Updated this week
- BPF Tools - packet analyst toolkit☆1,222Updated last year
- Linux Kernel Defence Map shows the relationships between vulnerability classes, exploitation techniques, bug detection mechanisms, and de…☆2,228Updated 10 months ago
- The Unikernel & MicroVM Compilation and Deployment Platform☆2,777Updated 2 years ago
- Painless relocation of Linux binaries–and all of their dependencies–without containers.☆3,002Updated last year
- Generate sandboxes for C/C++ libraries automatically☆1,715Updated last week
- Fast, indexed regexp search over large file trees☆3,866Updated 4 months ago
- like ~~grep~~ UBER, but for binaries☆1,747Updated 2 years ago
- Fast trigram based code search☆1,736Updated last year
- Record and Replay Framework☆10,181Updated last week
- Some helpful preload libraries for pwning stuff.☆1,630Updated 5 months ago
- High-level tracing language for Linux☆9,673Updated this week
- unfork(2) is the inverse of fork(2). sort of.☆1,477Updated last year