grantseltzer / karn
Simplifying Seccomp enforcement in containerized or non-containerized apps
☆111Updated 4 years ago
Related projects ⓘ
Alternatives and complementary repositories for karn
- A tool to list and diagnose bpf programs. (Who watches the watchers..? :)☆94Updated 4 years ago
- Generate seccomp profiles from go binaries☆136Updated 6 years ago
- A package for handling ssh certificates☆45Updated 2 years ago
- Strace container output to a file, then shove the syscalls into elastic search.☆49Updated 8 years ago
- Hardening and Auditing Tool For Docker Hosts & Containers☆68Updated 9 years ago
- PAL: A secret bootstrapping tool for Docker☆84Updated last month
- An actuary is a business professional who analyzes the financial consequences of risk.☆78Updated 7 years ago
- Auto generated pdfs of apparmor .odt files direct from launchpad branch.☆29Updated 3 years ago
- drydock provides a flexible way of assessing the security of your Docker daemon configuration and containers using editable audit templat…☆65Updated 8 years ago
- INACTIVE - http://mzl.la/ghe-archive - Linux Audit Plugin for heka written using netlink Protocol in golang and Lua☆73Updated 5 years ago
- Demonstrating that disabling ICC in docker does not block raw packets between containers.☆65Updated 6 years ago
- A fast SSL/TLS reconnaisance tool written in Go☆59Updated 8 years ago
- verify https assets with a public transparency log☆75Updated 3 years ago
- A dead simple secret store service for anyone using AWS☆37Updated 5 years ago
- API that leverages Clair to scan Docker Registries and Kubernetes Clusters for vulnerabilities☆151Updated last year
- efficient linux security monitoring☆25Updated 6 years ago
- Hallow is a SSH Certificate Authority designed for use with AWS native environments☆63Updated 4 months ago
- Go seccomp parser and compiler☆53Updated 7 years ago
- A simple program to benchmark various container networking (CNI) plugins.☆84Updated 5 years ago
- eBPF based syscalls, files and network events tracing framework☆89Updated 4 years ago
- Community rules for Commit Watcher☆24Updated 8 years ago
- DEPRECATED - Propagate users from Mozilla's Person API to third party systems.☆40Updated 2 years ago
- Experimental CLI that takes a Docker image url and runs it in a Firecracker VM☆64Updated 5 years ago
- Command line tool to check the validity and expiration dates of SSL certificates.☆159Updated 4 years ago
- egrets monitors egress☆45Updated 4 years ago
- A Go implementation of the BERserk attack against Mozilla NSS ASN.1 parsing of PKCS#1 RSA signatures with e = 3. Complete of a certificat…☆94Updated 9 years ago
- Auditing & Hardening script for Kubernetes☆45Updated 6 years ago