google / nsjailLinks
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
☆3,425Updated 2 months ago
Alternatives and similar repositories for nsjail
Users that are interested in nsjail are comparing it to the libraries listed below
Sorting:
- Low-level unprivileged sandboxing tool used by Flatpak and similar projects☆4,470Updated 9 months ago
- Linux namespaces and seccomp-bpf sandbox☆6,440Updated last week
- The main libseccomp repository☆864Updated 2 months ago
- High-level tracing language for Linux☆9,450Updated this week
- syzkaller is an unsupervised coverage-guided kernel fuzzer☆5,756Updated this week
- Checkpoint/Restore tool☆3,316Updated last week
- A userspace out-of-memory killer☆1,959Updated last week
- A curated list of awesome projects related to eBPF.☆4,680Updated 2 months ago
- Painless relocation of Linux binaries–and all of their dependencies–without containers.☆2,995Updated last year
- Application Kernel for Containers☆16,752Updated this week
- Generate sandboxes for C/C++ libraries automatically☆1,708Updated this week
- Programmable debugger☆1,908Updated this week
- Dynamic Tracing in Linux☆1,009Updated 5 months ago
- Wrangling Untrusted File Formats Safely☆4,600Updated 2 weeks ago
- Fully static, unprivileged, self-contained, containers as executable binaries.☆2,518Updated 6 years ago
- Security oriented software fuzzer. Supports evolutionary, feedback-driven fuzzing based on code coverage (SW and HW based)☆3,222Updated 2 months ago
- A Virtual Machine Monitor for modern Cloud workloads. Features include CPU, memory and device hotplug, support for running Windows and Li…☆4,610Updated this week
- Linux system exploration and troubleshooting tool with first class support for containers☆8,066Updated 4 months ago
- A foreign function interface for bash.☆2,142Updated last year
- Ignite a Firecracker microVM☆3,510Updated last year
- Simple Linux seccomp rules without writing any code☆496Updated last month
- strace is a diagnostic, debugging and instructional userspace utility for Linux☆2,446Updated this week
- Content-Addressable Data Synchronization Tool☆1,525Updated last year
- A fast and lightweight fully featured OCI runtime and C library for running containers☆3,481Updated last week
- Binary Optimization and Layout Tool - A linux command-line utility used for optimizing performance of binaries☆2,531Updated 2 years ago
- Embeddable, replicated and fault-tolerant SQL engine.☆4,099Updated 2 weeks ago
- kpatch - live kernel patching☆1,603Updated 2 weeks ago
- Portable file system cache diagnostics and control☆1,881Updated last year
- weggli is a fast and robust semantic search tool for C and C++ codebases. It is designed to help security researchers identify interestin…☆2,423Updated last year
- A high performance layer 4 load balancer☆5,001Updated this week