Skip to content

Tool to capture containers syscalls and generate a Seccomp profile

License

Notifications You must be signed in to change notification settings

0xSmiley/TraceComp

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 
 

Repository files navigation

Solution to capture all the syscalls generated by newly spawned containers and generate a Seccomp Profile whitelisting those captured syscalls.

If you have a working proof of concept you will be able to detect the syscalls that the exploit uses.

Used to fuzz containers in order to increse the syscalls coverage.

Requirements:

  • Docker
  • Python3
  • Pip3
    • Docker
    • Grpcio
    • Grpcio-tools
    • Argparse

pip3 install -r requirements

PoCs:

PhpMail.
Nginx.
Apache.

Thesis

This project is the result of my thesis at the Information Security Master's Degree.
In case you need more information about this project, you can check out:

Thesis.

About

Tool to capture containers syscalls and generate a Seccomp profile

Topics

Resources

License

Stars

Watchers

Forks

Releases

No releases published

Packages

No packages published