A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security. It utilizes Linux namespace subsystem, resource limits, and the seccomp-bpf syscall filters of the Linux kernel.
Features
- Isolate networking services (e.g. web, time, DNS), by isolating them from the rest of the OS
- Host computer security challenges (so-called CTFs)
- Contains invasive syscall-level OS fuzzers
- Offers three distinct operational modes
- Utilizes kafel seccomp-bpf configuration language for flexible syscall policy definitions
- Uses expressive, ProtoBuf-based configuration file
Categories
SecurityLicense
Apache License V2.0Follow nsjail
Other Useful Business Software
Go From AI Idea to AI App Fast
Access Gemini 3 and 200+ models. Build chatbots, agents, or custom models with built-in monitoring and scaling.
Rate This Project
Login To Rate This Project
User Reviews
Be the first to post a review of nsjail!