bubblewrap
Sandbox
Sandboxing tool to provide isolation and security for unprivileged users
Low-level unprivileged sandboxing tool used by Flatpak and similar projects
4k stars
54 watching
240 forks
Language: C
last commit: 4 months ago
Linked from 2 awesome lists
linux-containersuser-namespaces
fabacab/awesome-cybersecurity-blueteam
friz-zy/awesome-linux-containersRelated projects:
| Repository | Description | Stars |
|---|---|---|
 lxc/lxc | A low-level Linux container runtime that provides an isolated environment for running system containers with minimal kernel overhead. | 4,711 |
 google/gvisor | An application kernel that provides isolation between running applications and the host operating system | 15,931 |
 linuxserver/docker-swag | An all-in-one web application gateway with Nginx, PHP, and security features | 2,941 |
 cdk-team/cdk | A container penetration toolkit designed to simplify exploitation in various containers without relying on an operating system. | 3,976 |
 bottlerocket-os/bottlerocket | An operating system designed to host and manage containers efficiently | 8,847 |
 jpetazzo/container.training | Training materials and code samples for learning Docker, containers, and orchestration | 3,664 |
 deepfence/secretscanner | A tool that scans container images and file systems for sensitive data such as passwords and keys. | 3,146 |
| containers/toolbox | A tool for creating interactive command line environments on Linux without installing software on the host. | 2,615 |
 containerd/containerd | An open container runtime with an emphasis on simplicity and robustness | 17,669 |
 anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,970 |
 netblue30/firejail | A security tool designed to restrict the environment of potentially untrusted applications on Linux systems. | 5,855 |
| jpetazzo/pipework | A tool for creating and managing network connections between containers in a Linux environment. | 4,229 |
| google/nsjail | A lightweight process isolation tool for Linux that provides isolated environments for network services and local processes. | 3,008 |
 nicolaka/netshoot | A Docker and Kubernetes network troubleshooting container with a set of powerful networking tools | 8,789 |
 liamg/traitor | A tool for automatically exploiting vulnerabilities to gain elevated privileges on Linux systems | 6,735 |