Alternatives and similar repositories for systemd-sandboxing

Users that are interested in systemd-sandboxing are comparing it to the libraries listed below

• osresearch / safeboot
  Scripts to slightly improve the security of the Linux boot process with UEFI Secure Boot and TPM support
  ☆280Updated 2 years ago
• tpm2-software / tpm2-totp
  Attest the trustworthiness of a device against a human using time-based one-time passwords
  ☆176Updated last year
• edera-dev / linux-openpax
  Linux kernel source tree with OpenPaX patch
  ☆93Updated 3 months ago
• Kicksecure / apparmor-profile-everything
  deprecated - maybe replaced by: `apparmor.d`
  ☆85Updated last year
• synacktiv / shh
  Systemd Hardening Helper - Mirror of https://github.com/desbma/shh
  ☆132Updated this week
• system-transparency / stboot
  Paused mirror. Official repository at https://git.glasklar.is/system-transparency/core/stboot
  ☆113Updated last year
• electrickite / luks-tpm2
  Utility to manage LUKS keys sealed by a TPM 2.0
  ☆52Updated last year
• Kicksecure / tirdad
  TCP ISN CPU Information Leak Protection. TCP Initial Sequence Numbers Randomization to prevent TCP ISN based CPU Information Leaks.
  ☆54Updated 5 months ago
• StarLabsLtd / coreboot-configurator
  A simple GUI to change settings in coreboot's CBFS, via the nvramtool utility.
  ☆90Updated 2 years ago
• system-transparency / system-transparency
  Mirror only. Official repository at https://git.glasklar.is/system-transparency/core/system-transparency
  ☆88Updated 2 weeks ago
• Dasharo / docs
  Scalable, modular, and easy to combine BIOS firmware technology without boundaries on processor architecture.
  ☆48Updated this week
• ANSSI-FR / ultrablue
  User-friendly Lightweight TPM Remote Attestation over Bluetooth
  ☆170Updated 2 years ago
• rhboot / shim-review
  Reviews of shim
  ☆75Updated 3 weeks ago
• osresearch / linux-builder
  Scripts to build the Linux kernel from a config file and initrd from a list of programs
  ☆24Updated 2 years ago
• mk-fg / apparmor-profiles
  My local AppArmor profiles for apps that can use those
  ☆71Updated last month
• jirutka / apk-autoupdate
  Automatic updates for Alpine Linux and other systems using apk-tools
  ☆67Updated 8 months ago
• cblichmann / btrfscue
  Recover files from damaged BTRFS filesystems
  ☆82Updated 2 years ago
• noahbliss / mortar
  Framework to join Linux's physical security bricks.
  ☆261Updated 3 months ago
• anthraxx / usbctl
  Linux-hardened deny_new_usb control
  ☆22Updated 4 years ago
• dburgener / cascade
  A high level language for SELinux policy
  ☆59Updated 4 months ago
• resurrecting-open-source-projects / dcfldd
  Enhanced version of dd for forensics and security
  ☆110Updated last month
• alegrey91 / systemd-service-hardening
  Basic guide to harden systemd services
  ☆254Updated 5 years ago
• Kicksecure / sandbox-app-launcher
  An app launcher to start apps in a restrictive sandbox https://www.kicksecure.com/wiki/sandbox-app-launcher
  ☆42Updated 5 months ago
• krathalan / apparmor-profiles
  Krathalan's AppArmor profiles for Arch Linux
  ☆41Updated 8 months ago
• Phaeilo / bootloader-crimes
  Bootstrap disposable Windows VMs configured through a web app
  ☆93Updated last year
• gsauthof / dracut-sshd
  Provide SSH access to initramfs early user space on Fedora and other systems that use Dracut
  ☆271Updated 2 weeks ago
• r-pufky / wireguard-initramfs
  Use dropbear over wireguard.
  ☆309Updated 3 months ago
• julian-klode / sicherboot
  Unmaintained systemd-boot integration with secure boot support; consider https://github.com/Foxboron/sbctl instead.
  ☆33Updated 4 years ago
• rhuefi / qemu-ovmf-secureboot
  Script to generate an OVMF vars file with default secure boot key enrolled.
  ☆92Updated 2 years ago
• grawity / tpm_futurepcr
  Calculate future (next boot) TPM PCRs after a kernel upgrade
  ☆39Updated last month