capstone
libseccomp
| | capstone | libseccomp |
|---|---|---|
| | 1 | 3 |
| Stars | 5,294 | 771 |
| Growth | - | 2.9% |
| Activity | 5.3 | 4.6 |
| | over 2 years ago | 10 days ago |
| Language | C | C |
| License | GNU General Public License v3.0 or later | GNU Lesser General Public License v3.0 only |
Stars - the number of stars that a project has on GitHub. Growth - month over month growth in stars.
Activity is a relative number indicating how actively a project is being developed. Recent commits have higher weight than older ones.
For example, an activity of 9.0 indicates that a project is amongst the top 10% of the most actively developed projects that we are tracking.
capstone
libseccomp
-
Linux Security - Secure Computing Mode (seccomp)
We can configure seccomp with libseccomp (https://github.com/seccomp/libseccomp), the prctl (https://man7.org/linux/man-pages/man2/prctl.2.html) system call and/or the seccomp syscall (https://man7.org/linux/man-pages/man2/seccomp.2.html) and/or other CLI tools (like https://github.com/david942j/seccomp-tools).
-
Show HN: Porting OpenBSD Pledge() to Linux
Very nice! I'm a fan of OpenBSD and pledge(). I've had some success on Linux with libseccomp[0] which means you don't have to deal with BPF directly, but pledge() is obviously much much easier.
0. https://github.com/seccomp/libseccomp
-
Zoom zero-day discovery makes calls safer, hackers $200k richer
Yeah the idea of wrangling raw BPF is a bit daunting. Just FYI, libseccomp (https://github.com/seccomp/libseccomp) exists to abstract away all the BPF stuff. It even comes prepackaged by the major distros (ex https://packages.debian.org/sid/libseccomp2) so you don't even have to compile it yourself.
What are some alternatives?
Unicorn Engine - Unicorn CPU emulator framework (ARM, AArch64, M68K, Mips, Sparc, PowerPC, RiscV, S390x, TriCore, X86)
tracee - Linux Runtime Security and Forensics using eBPF
radare2 - UNIX-like reverse engineering framework and command-line toolset
seccomp-scopes - Make Linux computing safe
zydis - Fast and lightweight x86/x86-64 disassembler and code generation library
libbpf - Automated upstream mirror for libbpf stand-alone build.
ret-sync - ret-sync is a set of plugins that helps to synchronize a debugging session (WinDbg/GDB/LLDB/OllyDbg2/x64dbg) with IDA/Ghidra/Binary Ninja disassemblers.
capsicum-linux - Linux kernel with Capsicum support
android-inline-hook - :fire: ShadowHook is an Android inline hook library which supports thumb, arm32 and arm64.
misc - miscellaneous scripts and small programs
cv32e40p - CV32E40P is an in-order 4-stage RISC-V RV32IMFCXpulp CPU based on RI5CY from PULP-Platform
Lean and Mean Docker containers - Slim(toolkit): Don't change anything in your container image and minify it by up to 30x (and for compiled languages even more) making it secure too! (free and open source)