microsoft / ipe
IPE is a Linux Security Module (LSM), which allows for a configurable policy to enforce integrity requirements on the whole system. IPE builds on concepts and implementations like loadpin, as well as leveraging existing modules like dm-verity to simplify enforcing integrity requirements on systems that require security constraints and\or complia…
☆57Updated 3 weeks ago
Related projects ⓘ
Alternatives and complementary repositories for ipe
- Static code analysis of refpolicy style SELinux policy☆38Updated 3 weeks ago
- Routines for hunting down kernel symbols.☆81Updated 13 years ago
- Disabling kernel lockdown on Ubuntu without physical access☆78Updated last year
- (Linux Kernel) Stack Monitoring Tool☆42Updated 2 years ago
- LKRG bypass methods☆71Updated 4 years ago
- Kernel Test Framework☆140Updated 3 weeks ago
- Kernel Address Isolation to have Side-channels Efficiently Removed☆214Updated 2 years ago
- Linux kernel - See Landlock issues☆35Updated last month
- ASLREKT is a proof of concept for an unfixed generic local ASLR bypass in Linux.☆25Updated 4 years ago
- eBPF - extended Berkeley Packet Filter tooling☆122Updated 2 years ago
- Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore☆124Updated last month
- Detect patterns of bad behavior in function calls☆25Updated 4 years ago
- Converged Security Suite for Intel & AMD platform security features☆59Updated 3 months ago
- Summary of the patch status for Meltdown / Spectre☆347Updated 6 years ago
- Example program using eBPF to log data being based in using shell pipes☆40Updated 3 years ago
- GrSecurity and PaX Patches Before End of Public Release☆63Updated 6 years ago
- A simple, self-contained regression test suite for the Linux Kernel's audit subsystem☆21Updated 2 months ago
- ☆70Updated 4 years ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆113Updated last year
- System call fuzzing of OpenBSD amd64 using TriforceAFL (i.e. AFL and QEMU)☆45Updated 6 years ago
- Crowdsourced fuzzing cluster. 🚀☆21Updated 3 years ago
- the userspace side of Linux' CONFIG_STATIC_USERMODEHELPER☆16Updated 7 months ago
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes☆46Updated last year
- x86info : x86 processor register decoder.☆40Updated 9 months ago
- ☆15Updated 4 years ago
- This is the upstream SELinux testsuite which is designed as a basic set of regression tests for the SELinux kernel functionality.☆53Updated last month
- LibVMI in MiniOS☆12Updated 3 years ago
- unofficial grsecurity gpl release☆22Updated 5 years ago