nsjail

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security. It utilizes Linux namespace subsystem, resource limits, and the seccomp-bpf syscall filters of the Linux kernel.

Features

Isolate networking services (e.g. web, time, DNS), by isolating them from the rest of the OS
Host computer security challenges (so-called CTFs)
Contains invasive syscall-level OS fuzzers
Offers three distinct operational modes
Utilizes kafel seccomp-bpf configuration language for flexible syscall policy definitions
Uses expressive, ProtoBuf-based configuration file

Project Samples

Project Activity

See All Activity >

License

Apache License V2.0

Follow nsjail

nsjail Web Site

Other Useful Business Software

Forever Free Full-Stack Observability | Grafana Cloud

Our generous forever free tier includes the full platform, including the AI Assistant, for 3 users with 10k metrics, 50GB logs, and 50GB traces.

Built on open standards like Prometheus and OpenTelemetry, Grafana Cloud includes Kubernetes Monitoring, Application Observability, Incident Response, plus the AI-powered Grafana Assistant. Get started with our generous free tier today.

Create free account

Rate This Project

User Reviews

Be the first to post a review of nsjail!

Additional Project Details

Operating Systems

Linux, Mac, Windows

Programming Language

C++

Related Categories

C++ Security Software

Registered

2024-06-20

Similar Business Software

Files.com

Files.com is a cloud-native Managed File Transfer (MFT) platform that unifies file transfers, sharing, and automation across any cloud, protocol, or partner. It connects 50+ storage systems — including Amazon S3, Azure, Google Drive, SharePoint, Dropbox, and Box — presenting them as a single...

See Software
Firejail

Firejail is a SUID program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces and seccomp-bpf. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such...

See Software
ManageEngine Endpoint Central

ManageEngine Endpoint Central is built to secure the digital workplace while also giving IT teams complete control over their enterprise endpoints. It delivers a security-first approach by combining advanced endpoint protection with comprehensive management, allowing IT teams to manage the...

See Software
Control D

Control D is a customizable DNS filtering and traffic redirection platform that leverages Secure DNS protocols like DNS-over-HTTPS, DNS-over-TLS and DNS-over-QUIC, with support for Legacy DNS. - Block malicious threats - Block unwanted types of content network wide (ads & trackers, IoT...

See Software
groundcover

Cloud-based observability solution that helps businesses track and manage workload and performance on a unified dashboard. Monitor everything you run in your cloud without compromising on cost, granularity, or scale. groundcover is a full stack cloud-native APM platform designed to make...

See Software
UTunnel VPN and ZTNA

UTunnel provides Cloud VPN, ZTNA, and Mesh Networking solutions for secure remote access and seamless network connectivity. ACCESS GATEWAY: Our Cloud VPN as a Service offers swift deployment of Cloud or On-Premise VPN servers. It utilizes OpenVPN and IPSec protocols, enables policy-based...

See Software