Skip to content

0xSmiley/TraceComp

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

121 Commits

Fuzzer

Fuzzer

 
 

Mitigation

Mitigation

 
 

PoC

PoC

 
 

Tracer

Tracer

 
 

.gitignore

.gitignore

 
 

Dockerfile

Dockerfile

 
 

LICENSE

LICENSE

 
 

README.md

README.md

 
 

Thesis.pdf

Thesis.pdf

 
 

installs.txt

installs.txt

 
 

requirements.txt

requirements.txt

 
 

Repository files navigation

Tracer

Solution to capture all the syscalls generated by newly spawned containers and generate a Seccomp Profile whitelisting those captured syscalls.

Mitigation

If you have a working proof of concept you will be able to detect the syscalls that the exploit uses.

Fuzzer

Used to fuzz containers in order to increse the syscalls coverage.

Requirements:

  • Docker
  • Python3
  • Pip3
    • Docker
    • Grpcio
    • Grpcio-tools
    • Argparse

pip3 install -r requirements

PoCs:

PhpMail.
Nginx.
Apache.

Thesis

This project is the result of my thesis at the Information Security Master's Degree.
In case you need more information about this project, you can check out:

Thesis.

About

Tool to capture containers syscalls and generate a Seccomp profile

Topics

trace capture syscalls seccomp bcc seccomp-profile grpcio

Resources

Readme

License

Apache-2.0 license
Activity

Stars

1 star

Watchers

2 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages