Alternatives and similar repositories for confine

Users that are interested in confine are comparing it to the libraries listed below

• shamedgh / c2c

  View on GitHub
  This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filter…
  ☆11Nov 4, 2022Updated 3 years ago
• shamedgh / temporal-specialization

  View on GitHub
  This repository contains the source code related to the research paper titled "Temporal System Call Specialization for Attack Surface Red…
  ☆38Nov 14, 2024Updated last year
• 2m4t / LiCShield

  View on GitHub
  ☆11Feb 22, 2016Updated 9 years ago
• isec-tugraz / Chestnut

  View on GitHub
  ☆25Jun 2, 2024Updated last year
• hasanmdme / decap

  View on GitHub
  This tool set can generate required capabilities for binaries. A system call to capability mapping is used to assign capability to the bi…
  ☆14Oct 26, 2022Updated 3 years ago
• kinvolk / seccompagent

  View on GitHub
  agent for handling seccomp descriptors for container runtimes
  ☆47Feb 1, 2024Updated 2 years ago
• sominsong / NIMOS

  View on GitHub
  Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security
  ☆16May 21, 2023Updated 2 years ago
• rssys / shard

  View on GitHub
  ☆13Oct 17, 2021Updated 4 years ago
• willfindlay / bpfcontain-rs

  View on GitHub
  BPFContain is a container security daemon for GNU/Linux leveraging the power and safety of eBPF and Rust.
  ☆59Jun 30, 2022Updated 3 years ago
• aws-samples / aws-streaming-generative-ai-application

  View on GitHub
  Streaming Generative AI Application on AWS
  ☆14Jun 24, 2024Updated last year
• openstandia / keycloak-grpc

  View on GitHub
  Keycloak gRPC extension
  ☆12Mar 2, 2023Updated 2 years ago
• jpope8 / container-escape-dataset

  View on GitHub
  Dataset from Linux Raspian VMs and devices with auditd logs capturing various container escape and attacks.
  ☆15Jul 30, 2022Updated 3 years ago
• containers / oci-seccomp-bpf-hook

  View on GitHub
  OCI hook to trace syscalls and generate a seccomp profile
  ☆337Updated this week
• aws-samples / aws-real-time-web-shop-analytics

  View on GitHub
  Real-time web shop streaming analytics on AWS
  ☆14Sep 18, 2024Updated last year
• innotommy / OAuthpaper-code

  View on GitHub
  ☆11May 16, 2024Updated last year
• NodeHodor / Hodor

  View on GitHub
  Hodor for node.js
  ☆15Jun 18, 2023Updated 2 years ago
• lepus-ctf / lepus-frontend

  View on GitHub
  Lepus-CTF frontend application
  ☆11Nov 2, 2015Updated 10 years ago
• rust-vmm / seccompiler

  View on GitHub
  Provides easy-to-use Linux seccomp-bpf jailing.
  ☆105Feb 1, 2026Updated 2 weeks ago
• giuseppe / easyseccomp

  View on GitHub
  DSL language to write seccomp filters
  ☆37Apr 5, 2024Updated last year
• mrtc0 / bouheki

  View on GitHub
  bouheki is KRSI(eBPF+LSM) based Linux security auditing tool.
  ☆92Sep 21, 2025Updated 4 months ago
• trou / asus-asio2-lpe-exploit

  View on GitHub
  Asus AsIO2 Local Privilege Escalation exploit (based on ReWolf's MSI exploit)
  ☆14Apr 5, 2020Updated 5 years ago
• sitebatch / waffle-go

  View on GitHub
  Waffle is a library for integrating a Web Application Firewall (WAF) into Go applications.
  ☆18Updated this week
• rssys / kit

  View on GitHub
  Kernel isolation tester.
  ☆18Oct 20, 2022Updated 3 years ago
• andrewstucki / bpf-lsm

  View on GitHub
  Example BPF program with LSM hooks
  ☆35Feb 24, 2021Updated 4 years ago
• libseccomp-rs / libseccomp-rs

  View on GitHub
  Rust Language Bindings for the libseccomp Library
  ☆45Apr 5, 2025Updated 10 months ago
• FotisLouk / docker-sec

  View on GitHub
  Automatic AppArmor management for Docker containers
  ☆16Jul 22, 2023Updated 2 years ago
• docbleach / DocBleach-Web

  View on GitHub
  It's like DocBleach, but in your browser
  ☆18Oct 24, 2019Updated 6 years ago
• taptipalit / dynpta

  View on GitHub
  ☆15May 26, 2021Updated 4 years ago
• curityio / nginx-lua-phantom-token-plugin

  View on GitHub
  An API gateway plugin to introspect opaque access tokens and forward JWT access tokens to APIs
  ☆18Feb 17, 2025Updated 11 months ago
• medmes / keycloak-monitoring-spi

  View on GitHub
  Exposing Keycloak metrics endpoints for Prometheus!
  ☆15Aug 29, 2019Updated 6 years ago
• FIWARE / keycloak-vc-issuer

  View on GitHub
  Keycloak provider implementation to support SIOP-2 clients and the issuance of VerifiableCredentials through the Account-Console.
  ☆22Apr 24, 2024Updated last year
• ledyba / ConConRepeat

  View on GitHub
  A software to create endless-gif-loops from animation video files. / アニメの動画から無限ループgif動画を自動で生成する
  ☆15Oct 20, 2020Updated 5 years ago
• michaelbrownuc / GadgetSetAnalyzer

  View on GitHub
  A security-oriented static binary analysis tool for comparing the quantity and quality of code reuse gadget sets in program variants.
  ☆17Oct 13, 2023Updated 2 years ago
• chikuwait / bitvisor_mruby

  View on GitHub
  mruby running inside the bare-metal hypervisor
  ☆19Mar 8, 2020Updated 5 years ago
• RiS3-Lab / kubo

  View on GitHub
  Use on-demand control- data- flow slicing combined with taint analysis and symbolic execution to produce scalable and precise UB detectio…
  ☆25Sep 5, 2021Updated 4 years ago
• airbus-cert / dirtypipe-ebpf_detection

  View on GitHub
  An eBPF detection program for CVE-2022-0847
  ☆29Jul 5, 2022Updated 3 years ago
• miwong / tiro

  View on GitHub
  TIRO - A hybrid iterative deobfuscation framework for Android applications
  ☆27Aug 17, 2018Updated 7 years ago
• sailpoint-oss / openid-sse-model

  View on GitHub
  OpenID Shared Signals and Events (SSE) / Continuous Access Evaluation Protocol (CAEP) / Risk Incident Sharing and Coordination (RISC) JSO…
  ☆14Jun 7, 2024Updated last year
• ReubinAuthor / ClassicPlatesPlus

  View on GitHub
  ClassicPlates Plus is an addon that adds additional features and new Classic-themed visuals to nameplates.
  ☆10Oct 21, 2025Updated 3 months ago