sandbox
📦 Lightweight, ephemeral, sandboxes for Linux.
Create lightweight sandboxes for Linux with host isolation, rootfs images, and networking.
Microbox is a sandbox runtime that creates ephemeral and isolated execution environments on Linux by combining specific kernel features such as namespaces, cgroups, seccomp, and capabilities. It provides lightweight sandboxes to run container-like applications securely.
Run AI Generated Code Locally. A secure local sandbox to run LLM-generated code using Apple containers.
CodeRunner is an MCP (Model Context Protocol) server that executes AI-generated code in a sandboxed environment on your Mac using Apple's native containers.
Related contents:
easy secure execution of untrusted user/ai code.
Run untrusted code with VM-level isolation and lightning-fast startup. Built for AI agents, developers, and anyone who needs to execute code safely without compromising on speed or security.
Hyperlight is a lightweight Virtual Machine Manager (VMM) designed to be embedded within applications. It enables safe execution of untrusted code within micro virtual machines with very low latency and minimal overhead.
VMM for native-performance sandboxing.
TinyKVM is a simple, slim and specialized userspace emulator library with native performance.
TinyKVM is designed to execute regular Linux programs and also excels at request-based workloads in high-performance HTTP caches and web servers.
Related contents:
Malware analysis tool. Cuckoo3 is a Python 3 open source automated malware analysis system.
Cuckoo3 is an open-source tool to test suspicious files or links in a controlled environment. It will test them in a sandboxed platform emulator(s) and generate a report, showing what the files or websites did during the test.
In-browser Postgres sandbox with AI assistance.
With postgres.new, you can instantly spin up an unlimited number of Postgres databases that run directly in your browser (and soon, deploy them to S3).
Efficient and consistent CI/CD with Kubernetes.
A solution for implementing efficient and consistent software delivery to Kubernetes facilitating best practices. werf is a CNCF Sandbox CLI tool to implement full-cycle CI/CD to Kubernetes easily. werf integrates into your CI system and leverages familiar and reliable technologies, such as Git, Dockerfile, Helm, and Buildah.
TIO is a family of online interpreters for an evergrowing list of practical and recreational programming languages. To use TIO, simply click the arrow below, pick a programming language, and start typing. Once you click the run button, your code is sent to a TIO arena, executed in a sandboxed environment, and the results are sent back to your browser. You can share your code by generating a client-side permalink that encodes code and input directly in the URL.
Vulnerable REST API with OWASP top 10 vulnerabilities for security testing.
VAmPI is a vulnerable API made with Flask and it includes vulnerabilities from the OWASP top 10 vulnerabilities for APIs. It was created as I wanted a vulnerable API to evaluate the efficiency of tools used to detect security issues in APIs. It includes a switch on/off to allow the API to be vulnerable or not while testing. This allows to cover better the cases for false positives/negatives. VAmPI can also be used for learning/teaching purposes. You can find a bit more details about the vulnerabilities in erev0s.com.
Component toolkit for creating live-running code editing experiences.
Sandpack is a component toolkit for creating your own live running code editing experience powered by CodeSandbox.
PHPSandbox + Packagist. This is a playground to try Composer packages. With it, you can try 350k+ packages using a standard PHP v8.1 environment.
A CLI to create code sandboxes with automatic HTTPS and long running processes in your cloud provider account.
Advanced vm/sandbox for Node.js. vm2 is a sandbox that can run untrusted code with whitelisted Node's built-in modules. Securely!
Malware? Tear it apart, discover its ins and outs and collect actionable threat data. Cuckoo is the leading open source automated malware analysis system.