oci-seccomp-bpf-hook by containers

OCI hook to trace syscalls and generate a seccomp profile

updated at Nov. 12, 2024, 8:02 a.m.

15 +0

303 +0

36 +0

rkt by rkt

[Project ended] rkt is a pod-native container engine for Linux. It is composable, secure, and built on standards.

updated at Nov. 12, 2024, 3:39 p.m.

420 +0

8,822 -1

883 +0

Whaler by P3GLEG

Program to reverse Docker images into Dockerfiles

updated at Nov. 12, 2024, 7:31 p.m.

24 +0

1,067 +2

95 +0

cnab-spec by cnabio

Cloud Native Application Bundle Specification

updated at Nov. 12, 2024, 8:03 p.m.

51 +0

957 +1

99 +0

container-diff by GoogleContainerTools

container-diff: Diff your Docker containers

updated at Nov. 13, 2024, 4:18 p.m.

65 +0

3,759 +1

234 +0

singularity by apptainer

Singularity has been renamed to Apptainer as part of us moving the project to the Linux Foundation. This repo has been persisted as a snapshot right before the changes.

updated at Nov. 14, 2024, 7:47 p.m.

88 +0

2,532 +2

424 +0

swarmpit by swarmpit

Lightweight mobile-friendly Docker Swarm management UI

updated at Nov. 14, 2024, 9:31 p.m.

68 +0

3,114 +8

285 +0

img by genuinetools

Standalone, daemon-less, unprivileged Dockerfile and OCI compatible container image builder.

updated at Nov. 15, 2024, 5:59 a.m.

51 +0

3,908 +1

231 +0

bubblewrap by containers

Low-level unprivileged sandboxing tool used by Flatpak and similar projects

updated at Nov. 15, 2024, 5:23 p.m.

55 +0

3,966 +12

237 +0

porto by yandex

Yet another Linux container management system

updated at Nov. 15, 2024, 9:53 p.m.

44 +0

397 -1

52 +0

photon by vmware

Minimal Linux container host

updated at Nov. 15, 2024, 11:53 p.m.

188 +0

3,049 +2

697 +1

nsjail by google

A lightweight process isolation tool that utilizes Linux namespaces, cgroups, rlimits and seccomp-bpf syscall filters, leveraging the Kafel BPF language for enhanced security.

updated at Nov. 16, 2024, 5:34 a.m.

88 -1

2,979 +9

274 +0

sysbox by nestybox

An open-source, next-generation "runc" that empowers rootless containers to run workloads such as Systemd, Docker, Kubernetes, just like VMs.

updated at Nov. 16, 2024, 7 a.m.

39 +0

2,812 +9

155 +0

udocker by indigo-dc

A basic user tool to execute simple docker containers in batch or interactive systems without root privileges.

updated at Nov. 16, 2024, 4:10 p.m.

34 +0

1,371 +8

133 +0

bocker by p8952

Docker implemented in around 100 lines of bash

updated at Nov. 16, 2024, 4:15 p.m.

271 +0

11,295 +5

718 +1

incus by lxc

Powerful system container and virtual machine manager

updated at Nov. 16, 2024, 6:41 p.m.

46 +0

2,746 +22

225 +1

docker-bench-security by docker

The Docker Bench for Security is a script that checks for dozens of common best-practices around deploying Docker containers in production.

updated at Nov. 16, 2024, 7:52 p.m.

234 +1

9,148 +21

1,017 +1

go-containerregistry by google

Go library and CLIs for working with container registries

updated at Nov. 16, 2024, 8:15 p.m.

31 -1

3,143 +9

543 +1

goss by goss-org

Quick and Easy server testing/validation

updated at Nov. 16, 2024, 10:12 p.m.

82 +0

5,614 +10

472 -1

moby by moby

The Moby Project - a collaborative project for the container ecosystem to assemble container-based systems

updated at Nov. 16, 2024, 11:27 p.m.

2,884 -5

68,759 +42

18,665 -1