A filesystem sandbox for Linux using syscall intercepts.

FSSB - Filesystem Sandbox for Linux What is FSSB? FSSB is a sandbox for your filesystem. With it, you can run any program and be assured that none of your files are modified in any way. However, the program will not kn

Related Repos

passthehashbrowns Some source code to demonstrate avoiding certain direct syscall detections by locating and JMPing to a legitimate syscall instruction within NTDLL.

sickcodes No Sandbox - Applications That Run Chromium and Chrome Without The Sandbox. TL;DR exploits in these browser based applications are already sandboxed escaped: https://no-sandbox.io/

rabbitstack cubostratus is a high performance Linux syscall collector. It acquires the syscall flow from the rock solid sysdig driver and emits it to Kafka brokers for later ingestion, storage and analysis. Usage Build the sysdig ker

miquels webdavfs A FUSE filesystem for WEBDAV shares. Most filesystem drivers for Webdav shares act somewhat like a mirror; if a file is read it's first downloaded then cached in its entirety on a local drive, then read from t

Bromeon js-sandbox is a Rust library for executing JavaScript code from Rust in a secure sandbox. It is based on the Deno project and uses serde_json for serialization.

Mantraufo KanonSys Bypass Windows defender syscall Syscall + Amsi + Aes + Antidebug Antidebug https://github.com/arsium/AntiDebug https://t.me/Malwarelatino You

Ashok-Varma Gander What is this library about? Gander is a simple in-app HTTP inspector for Android OkHttp clients. Gander intercepts and persists all HTTP requests and responses inside your application, and provides a UI

hacksysteam WPAD Sandbox Escape This project is used as the sandbox escape vector using WinHTTP Web Proxy Auto-Discovery Service (WinHttpAutoProxySvc). One way to trigger WPAD call is using WinHttpOpen and finally calling WinHttpGetProxyFor

vgough EncFS - an Encrypted Filesystem Build Status Travis: Cirrus: About EncFS provides an encrypted filesystem in user-space. It runs in userspace, using the FUSE library for the filesystem interface. EncFS is op

usmanhalalit Gost Filesystem abstraction layer for Golang, that works with Local filesystem and Amazon S3 with a unified API. You can even copy-paste files from different sources. FTP, Dropbox etc. will follow soon. Quick Examp

spf13 A FileSystem Abstraction System for Go Overview Afero is a filesystem framework providing a simple, uniform and universal API interacting with any filesystem, as an abstraction layer providing interfaces, types and method

germangb mini-fs mini-fs is an extensible virtual filesystem for the application layer. Supports reading from both the native filesystem, as well as Tar & Zip

AutoScreencast Code Sunaba A simple ClojureScript code sandbox (“sunaba” means “sandbox” in Japanese). This app was scaffolded using create-reagent-app, which is pow

netblue30 Firejail is a SUID sandbox program that reduces the risk of security breaches by restricting the running environment of untrusted applications using Linux namespaces, seccomp-bpf and Linux capabilities. It allows a process and all its descendants to have their own private view of the globally shared kernel resources, such as the network stack, process table, mount table.

tywkeene go-fsevents About Recursive filesystem event watcher using inotify in golang go-fsevents provides functions necessary for monitoring filesystem events on Linux systems using the inotify interface. Unlike

AustinOwens Cardano Docker Sandbox A bare-bones sandbox for developing with Cardano tools/utilities. Includes latest code from Alonzo fork. THIS IS ONLY A SANDBOX

peasead Windows 10 Sandbox to Elastic Cloud This project is aimed at rapidly building a Windows 10 system to use for dynamic malware analysis (sandbox), sendi

LloydLabs wsb-detect enables you to detect if you are running in Windows Sandbox ("WSB"). The sandbox is used by Windows Defender for dynamic analysis, and commonly manually by security analysts and alike.

aidevjoe SandboxBrowser A simple iOS sandbox file browser, enable you to view sandbox file system on iOS device, share files via airdrop, super convenient when you want to send log files from iOS device to Mac. reference from AirSandb

dineshshetty During an iOS pentesting gig you'll need to: Take a look at the data that is being stored in the application sandbox Analyze the application binary The location of the application binary is /private/var/mobile/containers/Bundle/App

timwhitez Demo of process injection, using Nt, direct syscall, etc.