This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filtering
☆11Nov 4, 2022Updated 3 years ago
Alternatives and similar repositories for c2c
Users that are interested in c2c are comparing it to the libraries listed below
Sorting:
- This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Red…☆38Nov 14, 2024Updated last year
- ☆13Oct 17, 2021Updated 4 years ago
- This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than…☆70May 3, 2022Updated 3 years ago
- ☆22Nov 12, 2020Updated 5 years ago
- ☆13Aug 18, 2025Updated 6 months ago
- Pointer analysis prototype (currently including anderson, steensgard).☆16Dec 20, 2021Updated 4 years ago
- Intra-Unikernel Isolation with Intel Memory Protection Keys☆13Mar 18, 2020Updated 5 years ago
- WASEM - a general symbolic execution framework for WebAssembly (WASM) binaries☆18Sep 30, 2024Updated last year
- ☆13Oct 8, 2021Updated 4 years ago
- This tool set can generate required capabilities for binaries. A system call to capability mapping is used to assign capability to the bi…☆14Oct 26, 2022Updated 3 years ago
- ☆13Apr 9, 2022Updated 3 years ago
- Silm your kernel with better configuration.☆39May 3, 2024Updated last year
- ☆37May 19, 2023Updated 2 years ago
- Building Distributed Enclave Applications with Sancus and SGX☆16Dec 9, 2020Updated 5 years ago
- A fuzzer setup to fuzz libc functions.☆16Aug 30, 2022Updated 3 years ago
- Top-level companion software artifact for the paper "Provably-Safe Multilingual Software Sandboxing using WebAssembly"☆38Aug 30, 2022Updated 3 years ago
- ☆16Sep 29, 2022Updated 3 years ago
- ☆25Jun 2, 2024Updated last year
- A list of data-only attacks☆21Aug 22, 2025Updated 6 months ago
- ☆12Sep 13, 2023Updated 2 years ago
- Low level attester and verifier drivers for multiple TEEs☆26May 30, 2024Updated last year
- ☆20Mar 10, 2022Updated 3 years ago
- Commodity Obfuscation Engine for Intel SGX☆20Jul 21, 2019Updated 6 years ago
- Compartmentalised monolithic library OS☆20Jul 15, 2021Updated 4 years ago
- Security Test Benchmark for Computer Architectures☆21Sep 24, 2025Updated 5 months ago
- A categorized list of system calls used by popular Unix-like operating systems☆28Updated this week
- ☆25Oct 4, 2018Updated 7 years ago
- Hardware-assisted Data-flow Isolation☆29Jan 28, 2018Updated 8 years ago
- ☆28Nov 16, 2021Updated 4 years ago
- ☆29Jul 4, 2018Updated 7 years ago
- ☆23Nov 16, 2023Updated 2 years ago
- ☆25Jun 16, 2021Updated 4 years ago
- Contextualizing System Calls in Containers for Anomaly-Based Intrusion Detection (CHIDS) - CCSW'22☆24May 15, 2023Updated 2 years ago
- Verified Wasm runtime☆30Oct 30, 2023Updated 2 years ago
- BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.☆59Jun 30, 2022Updated 3 years ago
- Experimental setup of "Intel MPX explained"☆29Feb 4, 2020Updated 6 years ago
- A pwn learning repo containing multiple pwn program codes.☆34Dec 31, 2025Updated 2 months ago
- Demo host and enclave applications exercising most functionality.☆32Jun 12, 2023Updated 2 years ago
- A structured fuzzing framework built in Rust☆31Oct 10, 2022Updated 3 years ago