This is the repository for the code and artifacts related to the CCS2022 paper: C2C: Fine-grained Configuration-driven System Call Filtering

Stateful system call specialization for microservices

A language and library for specifying syscall filtering policies.

KernJC: Automated Vulnerable Environment Generation for Linux Kernel Vulnerabilities | 🏆 Best Practical Paper Award of RAID 2024

Localroot-ALL-CVE~

A collection of links related to Linux kernel security and exploitation

linux-kernel-exploits Linux平台提权漏洞集合

🔍NVD exploit & JVN(Japan Vulnerability Notes) easy description

Linux privilege escalation exploits collection.

Artifact of SysPart

Code snippets from the O'Reilly book

Learning eBPF, published by O'Reilly - out now! Here's where you'll find a VM config for the examples, and more

eBPF implementation that runs on top of Windows

syzkaller is an unsupervised coverage-guided kernel fuzzer

Analysis of syscall sequence pattern from exploit codes for advanced system call sequence filtering for enhanced container security

Gin is a high-performance HTTP web framework written in Go. It provides a Martini-like API but with significantly better performance—up to 40 times faster—thanks to httprouter. Gin is designed for …

OCI hook to trace syscalls and generate a seccomp profile

BCC - Tools for BPF-based Linux IO analysis, networking, monitoring, and more

Linux kernel source tree

Provide powerful tools for seccomp analysis

ALL IN ONE Hacking Tool For Hackers

⭐ Web frameworks for Go, most starred on GitHub

This tool set can generate SECCOMP profiles for Docker images. It mainly relies on static analysis, making its results more reliable than currently available tools.

The official GitHub mirror of the Chromium source

🍣 국내 스시 오마카세 맛집 리스트

🎙️ [딜리버블] 아나운서 쉐도잉으로 키우는 스피치 자신감