microsoft / ipe
IPE is a Linux Security Module (LSM), which allows for a configurable policy to enforce integrity requirements on the whole system. IPE builds on concepts and implementations like loadpin, as well as leveraging existing modules like dm-verity to simplify enforcing integrity requirements on systems that require security constraints and\or complia…
☆62Updated last week
Alternatives and similar repositories for ipe:
Users that are interested in ipe are comparing it to the libraries listed below
- Static code analysis of refpolicy style SELinux policy☆42Updated last month
- eBPF - extended Berkeley Packet Filter tooling☆123Updated 2 years ago
- Kernel Test Framework☆141Updated 3 months ago
- LKRG bypass methods☆72Updated 5 years ago
- ebpfpub is a generic function tracing library for Linux that supports tracepoints, kprobes and uprobes.☆116Updated 2 years ago
- A feature-complete reference implementation of a modern Xen VMI debugger. ARCHIVED: Development continues at https://github.com/spencermi…☆77Updated 4 years ago
- (Linux Kernel) Stack Monitoring Tool☆45Updated 3 years ago
- Disabling kernel lockdown on Ubuntu without physical access☆79Updated 2 years ago
- fuzzing framework based on libfuzzer and clang sanitizer☆166Updated 6 years ago
- Linux syscall() injection☆36Updated 4 years ago
- Linux kernel - See Landlock issues☆40Updated last week
- unofficial grsecurity gpl release☆22Updated 6 years ago
- Summary of the patch status for Meltdown / Spectre☆348Updated 7 years ago
- Control-Flow Integrity implementation for the Linux Kernel 3.19☆20Updated 5 years ago
- Routines for hunting down kernel symbols.☆82Updated 14 years ago
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes☆45Updated last year
- Linux Kernel Source Tree Reducer☆80Updated 6 months ago
- Example program using eBPF to log data being based in using shell pipes☆41Updated 4 years ago
- ☆44Updated 2 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)☆73Updated 6 years ago
- Example BPF program with LSM hooks☆33Updated 4 years ago
- Fork of KVM with Virtual Machine Introspection patches☆37Updated last year
- Kernel Address Isolation to have Side-channels Efficiently Removed☆220Updated 3 years ago
- Transform vmlinuz into a fully debuggable vmlinux that can be used with /proc/kcore☆130Updated 6 months ago
- iknowthis Linux SystemCall Fuzzer☆20Updated 6 years ago
- ASLREKT is a proof of concept for an unfixed generic local ASLR bypass in Linux.☆25Updated 5 years ago
- Linux kernel JIT spray for SMEP / KERNEXEC bypass☆55Updated 12 years ago
- GrSecurity and PaX Patches Before End of Public Release☆63Updated 6 years ago
- LSM BPF module to block pwnkit (CVE-2021-4034) like exploits☆21Updated 3 years ago
- a friendly wrapper around ptrace☆131Updated 3 years ago