shamedgh/confine external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

shamedgh/confine

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/shamedgh/confine)

Close

shamedgh / confineView on GitHubMore

• External links
• Readme badge

This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than currently available tools.

☆71May 3, 2022Updated 3 years ago

Alternatives and similar repositories for confine

Users that are interested in confine are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.

• shamedgh / c2c

  View on GitHub
  This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filter…
  ☆11Nov 4, 2022Updated 3 years ago
• shamedgh / temporal-specialization

  View on GitHub
  This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Red…
  ☆39Nov 14, 2024Updated last year
• sominsong / NIMOS

  View on GitHub
  Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security
  ☆16May 21, 2023Updated 2 years ago
• 2m4t / LiCShield

  View on GitHub
  ☆11Feb 22, 2016Updated 10 years ago
• isec-tugraz / Chestnut

  View on GitHub
  ☆25Jun 2, 2024Updated last year
• Serverless GPU API endpoints on Runpod - Bonus Credits • Ad
  Skip the infrastructure headaches. Auto-scaling, pay-as-you-go, no-ops approach lets you focus on innovating your application.
• kinvolk / seccompagent

  View on GitHub
  agent for handling seccomp descriptors for container runtimes
  ☆47Feb 1, 2024Updated 2 years ago
• hasanmdme / decap

  View on GitHub
  This tool set can generate required capabilities for binaries. A system call to capability mapping is used to assign capability to the bi…
  ☆14Oct 26, 2022Updated 3 years ago
• willfindlay / bpfcontain-rs

  View on GitHub
  BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.
  ☆59Jun 30, 2022Updated 3 years ago
• xlab-uiuc / seccomp-ebpf-upstream

  View on GitHub
  ☆27Nov 16, 2021Updated 4 years ago
• rssys / kit

  View on GitHub
  Kernel isolation tester.
  ☆18Oct 20, 2022Updated 3 years ago
• containers / oci-seccomp-bpf-hook

  View on GitHub
  OCI hook to trace syscalls and generate a seccomp profile
  ☆340Apr 12, 2026Updated last week
• NodeHodor / Hodor

  View on GitHub
  Hodor for node.js
  ☆15Jun 18, 2023Updated 2 years ago
• mars-research / lvd-bflank

  View on GitHub
  ☆13Apr 9, 2022Updated 4 years ago
• jpope8 / container-escape-dataset

  View on GitHub
  Dataset from Linux Raspian VMs and devices with auditd logs capturing various container escape and attacks.
  ☆15Jul 30, 2022Updated 3 years ago
• Bare Metal GPUs on DigitalOcean Gradient AI • Ad
  Purpose-built for serious AI teams training foundational models, running large-scale inference, and pushing the boundaries of what's possible.
• mrtc0 / bouheki

  View on GitHub
  bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
  ☆93Sep 21, 2025Updated 6 months ago
• sealuzh / msr18-docker-dataset

  View on GitHub
  Structured Information on State and Evolution of Dockerfiles - Online Appendix
  ☆10Mar 16, 2018Updated 8 years ago
• rust-vmm / seccompiler

  View on GitHub
  Provides easy-to-use Linux seccomp-bpf jailing.
  ☆109Apr 6, 2026Updated last week
• sitebatch / waffle-go

  View on GitHub
  Waffle is a library for integrating a Web Application Firewall (WAF) into Go applications.
  ☆18Updated this week
• polachok / seccomp

  View on GitHub
  Seccomp high-level wrapper
  ☆16Jan 7, 2022Updated 4 years ago
• cali-library-isolation / Cali-library-isolation

  View on GitHub
  ☆16Sep 29, 2022Updated 3 years ago
• andrewstucki / bpf-lsm

  View on GitHub
  Example BPF program with LSM hooks
  ☆36Feb 24, 2021Updated 5 years ago
• eschulte / software-evolution

  View on GitHub
  evolution of extant software
  ☆24Jan 24, 2018Updated 8 years ago
• lepus-ctf / lepus-frontend

  View on GitHub
  Lepus-CTF frontend application
  ☆11Nov 2, 2015Updated 10 years ago
• Deploy open-source AI quickly and easily - Bonus Offer • Ad
  Runpod Hub is built for open source. One-click deployment and autoscaling endpoints without provisioning your own infrastructure.
• FotisLouk / docker-sec

  View on GitHub
  Automatic AppArmor management for Docker containers
  ☆16Jul 22, 2023Updated 2 years ago
• wubo0067 / ebpf_space

  View on GitHub
  ☆25Dec 14, 2023Updated 2 years ago
• taptipalit / dynpta

  View on GitHub
  ☆15May 26, 2021Updated 4 years ago
• pfnet / scheduler-plugins

  View on GitHub
  ☆22Dec 21, 2025Updated 3 months ago
• openstandia / keycloak-grpc

  View on GitHub
  Keycloak gRPC extension
  ☆12Mar 2, 2023Updated 3 years ago
• nhuhuan / sba

  View on GitHub
  Static Binary Analysis Platform
  ☆29Mar 30, 2026Updated 2 weeks ago
• giuseppe / easyseccomp

  View on GitHub
  DSL language to write seccomp filters
  ☆37Apr 5, 2024Updated 2 years ago
• mit-ll / HAKC

  View on GitHub
  ☆39Feb 15, 2022Updated 4 years ago
• davebrent / dbp

  View on GitHub
  Patches & scripts related to making noises and pictures.
  ☆20Nov 20, 2016Updated 9 years ago
• Wordpress hosting with auto-scaling - Free Trial • Ad
  Fully Managed hosting for WordPress and WooCommerce businesses that need reliable, auto-scalable performance. Cloudways SafeUpdates now available.
• w0lfzhang / kernel_exploit

  View on GitHub
  some kernel exploit challenges and cve analysis
  ☆26Nov 30, 2018Updated 7 years ago
• saBPF-project / sabpf-kernel

  View on GitHub
  ☆28Nov 24, 2021Updated 4 years ago
• XDU-SysSec / ExcessivePermissionAttack

  View on GitHub
  Take Over the Whole Cluster: Attacking Kubernetes via Excessive Permissions of Third-party Applications
  ☆19May 6, 2024Updated last year
• linux-lock / bpflock

  View on GitHub
  bpflock - eBPF driven security for locking and auditing Linux machines
  ☆151Feb 16, 2022Updated 4 years ago
• cxreet / razor

  View on GitHub
  ☆38Feb 6, 2021Updated 5 years ago
• acising / KellectAgent-Linux

  View on GitHub
  linux kernel event log collector by ebpf
  ☆35Mar 6, 2024Updated 2 years ago
• OrderLab / orbit

  View on GitHub
  Orbit: OS Support for Safe and Efficient Auxiliary Tasks in Applications
  ☆22May 23, 2022Updated 3 years ago