Repository navigation
process-isolation
- Website
- Wikipedia
A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.
Sample application that shows how to create a Plugin Framework for a WPF application
⭕ zero ➡ to 📦 container in ⌛ in 🐹 Golang
A .NET tool that uses AppDomain's to enable dynamic execution and escape detection.
A lightweight process isolation tool, requiring absolutely no privileges to run
Joblet is a micro-container runtime for running Linux jobs with: Process and filesystem isolation (PID namespace, chroot) Fine-grained CPU, memory, and IO throttling (cgroups v2) Secure job execution with mTLS and RBAC Built-in scheduler, SSE log streaming, and multi-core pinning Ideal for: Agentic AI Systems HPC Workloads Untrusted code
It's a fancy process isolation tool that creates an isolated environment for your binary in under 10 minutes and lets you reset the execution state in under seconds. All this, with a couple of one-liner commands from your trusty terminal.
A library for .NET framework applications to discover, install, and manage plugins from NuGet feeds, running each plugin in an isolated process for maximum stability.
A light process isolation sandbox used for Competitive Programming contest
Projet INSA 5e année : Implémenter en C et assembleur ARMv7 les mécanismes fondamentaux d'un OS : gestion de la stack, context-switch, paging...
Minimal docker-like Linux process isolation (aka containers)
A Toy linux Container With Alpine Linux Mini Root File System
Low-level Lightweight Process Sandbox for Linux [WIP]
Implementation of a secure, low-level application designed on CertiKOS formally verified operating system kernel. Simulation of an autonomous satellite critical susystems - environmental monitoring, task scheduling and watchdog diagnostics - within a trusted computing environment. Developed as part of my diploma thesis at the University of Patras.
A low-level OCI compliant container runtime for modern Linux.
Judgement and contest platform with processes isolation
⚠ OLD EXPERIMENT I used to learn Rust and linux namespaces ⚠ A port of the excellent process isolation library NsJail to rust with experimental features to decrease the startup latency further
EFFICIENT DOMAIN-LEVEL PROCESS ISOLATION ON AARCH64, Customized Linux Kernel
The GenCyber 10 Security First Principles are a set of fundamental best practices and guidelines for cybersecurity