bubblewrap
Sandbox
Sandboxing tool to provide isolation and security for unprivileged users
Low-level unprivileged sandboxing tool used by Flatpak and similar projects
4k stars
55 watching
237 forks
Language: C
last commit: 22 days ago
Linked from 2 awesome lists
linux-containersuser-namespaces
fabacab/awesome-cybersecurity-blueteam
friz-zy/awesome-linux-containersRelated projects:
| Repository | Description | Stars |
|---|---|---|
 lxc/lxc | A low-level Linux container runtime that provides an isolated environment for running system containers with minimal kernel overhead. | 4,678 |
 google/gvisor | An application kernel that provides isolation between running applications and the host operating system | 15,851 |
 linuxserver/docker-swag | A Docker container that sets up an Nginx webserver and reverse proxy with PHP support, including automated SSL certificate generation and renewal, as well as intrusion prevention. | 2,904 |
 cdk-team/cdk | A container penetration toolkit designed to simplify exploitation in various containers without relying on an operating system. | 3,922 |
 bottlerocket-os/bottlerocket | An operating system designed to host and manage containers efficiently | 8,783 |
 jpetazzo/container.training | Training materials and code samples for learning Docker, containers, and orchestration | 3,649 |
 deepfence/secretscanner | A tool that scans container images and file systems for sensitive data such as passwords and keys. | 3,134 |
| containers/toolbox | A tool for creating interactive command line environments on Linux without installing software on the host. | 2,578 |
 containerd/containerd | An open container runtime with an emphasis on simplicity and robustness | 17,485 |
 anchore/grype | A tool for detecting vulnerabilities in container images and filesystems | 8,812 |
 netblue30/firejail | A security tool designed to restrict the environment of potentially untrusted applications on Linux systems. | 5,811 |
| jpetazzo/pipework | A tool for creating and managing network connections between containers in a Linux environment. | 4,226 |
| google/nsjail | A lightweight process isolation tool for Linux that provides isolated environments for network services and local processes. | 2,980 |
 nicolaka/netshoot | A Docker and Kubernetes network troubleshooting container with a set of powerful networking tools | 8,689 |
 liamg/traitor | A tool for automatically exploiting vulnerabilities to gain elevated privileges on Linux systems | 6,689 |