Bubblewrap
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
Linux Containers in 500 Lines of Code is a project that aims to provide a minimal set of restrictions to run untrusted code by utilizing namespaces, capabilities, mounts, system calls, resources, and networking in a concise codebase. The project is an exploration of container setup and security considerations in a literate code format.
A setuid implementation of a subset of user namespaces, providing a way to run unprivileged containers without requiring root privileges.
A CLI tool to simplify the use of AWS Systems Manager Session Manager
A script and library for identifying risks in AWS IAM configuration
Automatically compile AWS SCPs for compliant AWS services based on preferred frameworks.
DataCop is a custom AWS framework for mitigating S3 bucket attack vectors based on customer configuration.
A Python script to test the security of AWS S3 buckets