runtime-security

There are 11 repositories under runtime-security topic.

• Mobile-Security-Framework-MobSF

  MobSF / Mobile-Security-Framework-MobSF

  Mobile Security Framework (MobSF) is an automated, all-in-one mobile application (Android/iOS/Windows) pen-testing, malware analysis and security assessment framework capable of performing static and dynamic analysis.

  android-securityapi-testingapkcwedevsecopsdynamic-analysisios-securitymalware-analysismastgmasvsmobile-securitymobsfmstgowasprestruntime-securitystatic-analysisweb-securitywindows-mobile-security
  Language:JavaScript 19751
• falco

  falcosecurity / falco

  Cloud Native Runtime Security

  cncfcontainerssecurityfalcoebpfkuberneteshacktoberfestcloud-nativecncf-projectruntime-security
  Language:C++ 8372

• aquasecurity / tracee

  Linux Runtime Security and Forensics using eBPF

  ebpflinuxbpfsecuritygolangdockerkubernetesruntime-security
  Language:Go 4235

• step-security / harden-runner

  Harden-Runner is a CI/CD security agent that works like an EDR for GitHub Actions runners. It monitors network egress, file integrity, and process activity on those runners, detecting threats in real-time.

  github-actionsactionssupply-chain-securityhardeningsecurity-hardeningrunnersegress-filteringnetwork-securityruntime-security
  Language:TypeScript 909

• Gui774ume / ebpfkit

  ebpfkit is a rootkit powered by eBPF

  ebpfsecurityrootkitlinuxlinux-kernellinux-kernel-hackingruntime-securitykernel
  Language:C 809

• OWASP / iGoat-Swift

  OWASP iGoat (Swift) - A Damn Vulnerable Swift Application for iOS

  ios-securityruntime-securityinsecure-data-storageipaowasp-igoatowasp-top-10ios-swift
  Language:C 447

• chriskaliX / Hades

  Hades is a Host-Based Intrusion Detection System based on eBPF(mainly)

  agenthidsgolangebpfnetlinklinuxebpf-secruntime-securitysecurityebpf-programslibbpfrust
  Language:C 301

• aquasecurity / traceeshark

  Deep Linux runtime visibility meets Wireshark

  epbflinuxmalware-analysisruntime-securitysecuritytraceetracingwireshark
  Language:C 295

• Gui774ume / ebpfkit-monitor

  ebpfkit-monitor is a tool that detects and protects against eBPF powered rootkits

  linuxsecuritykernelrootkitlinux-kernelebpflinux-kernel-hackingruntime-security
  Language:C 137

• willfindlay / bpfbox

  🐝 BPFBox 📦 Exploring process confinement in eBPF

  ebpfsandboxsecuritylinuxlinux-kernelruntime-securitybcc
  Language:C 105

• kube-tarian / tarian

  Protect your Cloud Native Applications running on Kubernetes from malicious attacks with pre-registered source code, pre-registered runtime processes monitoring, automated actions based on configure-actions, analytics, alerting and also sharing detections with community. Maybe save from Ransomware. Shift-Left your threat detection. Shift Right threat elimination.

  devsecopsmicroservicescontainerssecuritysecurity-toolssecurity-hardeningtariancloudnativeantivirusruntime-securityanti-virusantivirus-softwareantimalwareanti-malwarekuberneteskubernetes-antimalwarehacktoberfestkubernetes-securityshiftleftebpf
  Language:Go 57

• kubearmor / policy-templates

  Community curated list of System and Network policy templates for the KubeArmor and Cilium

  runtime-securitykubearmorciliumsystem-policynetwork-policykubernetes-policy
  47
• KubeDagger

  yasindce1998 / KubeDagger

  Kubernetes offensive framework built in eBPF

  containersebpfkuberneteslinuxlinux-kernellinux-kernel-hackingmalwarerootkitruntime-security
  Language:C 39

• bombinisecurity / bombini

  eBPF security monitoring agent based on Aya

  ayabpfebpfsecuritykernelruntime-security
  Language:Rust 33
• pyrasp

  rbidou / pyrasp

  PyRASP is a Runtime Application Self Protection package for Python-based Web Servers (Flask, FastAPI and Django), Serverless Functions (AWS Lambda, Azure and Google Cloud Functions) and MCP Servers (FastMCP)

  application-securityraspruntime-securityaws-lambdaazure-functionsdjangofastapiflaskgcp-cloud-functionsfastmcpmcpmcp-serverssecurity
  Language:Python 32

• Loginsoft-LLC / Linux-Exploit-Detection

  Linux based vulnerabilities (CVE) exploit detection through runtime security using Falco/Osquery/Yara/Sigma

  ebpfexploitfalcolinuxosqueryruntime-securitythreat-huntingopenpolicyagentregocloudnativecveyaracloudsecurityvulnerability-managementthreat-intelligencevulnerability-intelligencethreat-detection
  Language:Open Policy Agent 21

• listendev / action

  Proactive security monitoring and threat detection in CI/CD

  cigithub-actionnpmsupply-chain-securitydynamic-analysisruntime-security
  Language:TypeScript 15

• falcosecurity / kernel-testing

  Ansible playbooks to provision firecracker VMs and run Falco kernel tests

  ansibleebpffalcofirecrackerignitekernelruntime-securitytests
  Language:Dockerfile 13

• listendev / jibril-releases

  Jibril: A performant and low impact Linux runtime security tool agent.

  ai-securityai-security-toolcicdcloud-nativecnappdevsecopsebpf-co-reebpf-programsiotiot-securityk8sk8s-securityruntime-securitysecurity-toolscndr
  Language:Shell 13

• 0x41c / CeroClient

  A Minecraft client injection platform with in-environment JVM object resolution against obfuscation.

  clientinjectionminecraft-modpassion-projectproof-of-conceptruntime-security
  Language:C++ 6

• ocalasans / dralyxor

  Dralyxor: Advanced C++ header-only library for robust string obfuscation, shielding binaries from static/dynamic analysis. Uses a consteval micro-program engine with variable NOPs. Runtime anti-debug/tamper checks (canaries, content checksums) plus RAII "just-in-time" decryption ensure secure, minimal memory exposure of plain-text data.

  cpluspluscppheader-onlyobfuscationstring-obfuscationcode-protectioncybersecuritysecuritykernel-modememory-securityreverse-engineeringruntime-securityuser-modestringstring-literals
  Language:C++ 5

• aessecurity / oburix

  eBPF-based runtime agent for Endpoint Detection and Response for Linux based operating systems.

  agentcybersecurityebpfedrlinuxruntime-securityxdr
  Language:C 2

• fhnw-imvs / fhnw-kubeseccontext

  Keep your Kubernetes workloads in tune — secure and functional.

  hardeningkubernetesruntime-securitysecuritysecurity-context
  Language:Go 2

• garnet-org / jibril-releases

  Jibril releases (automated).

  cnappcwppk8s-securityruntime-securitysecurityedr
  2

• marvisvault / marvis-vault

  Trust and compliance engine for AI agents — OSS CLI, SDK, and audit tools.

  aicliopen-sourceosssdksecurityai-agentstrust-infrastructuretrust-in-aicomplianceagentopspolicy-engineaudit-loggingruntime-securitytrustworthy-aipython3security-tools
  Language:Python 2

• amir9339 / ebpf_maps_hooking

  POC developed while writing the paper "A weakness in eBPF-based runtime security applications"

  epbfevasion-attacksruntime-security
  Language:C 1

• gardener / gardener-extension-shoot-falco-service

  Gardener extension controller to deploy Falco into shoot clusters.

  falcogardenergardener-extensionruntime-securitykubernetes
  Language:Go 1

• nikhilnayak98 / csvs

  CentOS based Docker Security Architecture

  container-hardeningcontainer-securitycontainerizationdockerdocker-hardeningdocker-securitylinux-capabilitiesruntime-securityseccompselinux
  Language:Shell 1

• tigera-solutions / cc-aks-implement-runtime-security

  In this AKS-focused workshop, you will work with Calico Cloud to learn how to implement runtime security to protect containers in your Kubernetes cluster from known and zero-day threats based container and network attacks running on Microsoft AKS.

  aksazurecalicocalico-cloudccregismartinsruntime-securitysecurity
  1

• iamgp21 / capstone-runtime-sec

  POC Repo for Implementing Runtime Security fo a Kubernetes Cluster.

  kubernetesruntime-securityobservabilitycncfarchitecturecloud-securityebpf
  Language:Go 0

• marvisvault / .github

  ai-agentsopen-sourcecompliancetrustworthy-airuntimesdkclitrust-infrastructureaudit-loggingredactionruntime-securitysecuritysecurity-toolspython
  0

• akramIOT / mcp_server_agentic_tool

  Github, Linear related MCP Server exposing a nuanced MCP Server Vulnerability at runtime

  mcp-servermcp-server-securityruntime-securityvulnerability
  Language:Python

• bharats487 / cloud-native-security-platform

  Comprehensive real-time security platform for Kubernetes-based cloud-native applications. Features runtime security monitoring, vulnerability scanning, compliance automation, and policy enforcement using OPA, Falco, Trivy, and Aqua Security.

  aqua-securityci-cdcloud-nativecompliancedashboarddevsecopsfalcokubernetesopaopen-policy-agentpolicy-as-coderuntime-securitysecuritytrivyvulnerability-scanning
  Language:JavaScript

• bugsmirror / MASST

  Bugsmirror MASST (Mobile Application Security Suite and Tools) is a comprehensive platform for end-to-end mobile application security. It offers threat detection tools for static, runtime, dynamic API testing and red teaming; robust app shielding solution for threat mitigation; threat visibility dashboard; & AI powered insight in a single platform.

  anti-reverse-engineeringanti-tamperingapi-security-testingapp-shieldingdevice-integritydynamic-application-security-testingjailbreak-detectionmobile-application-securitymobile-application-security-testingredteamingroot-detectionruntime-application-self-protectionruntime-securityruntime-security-testingsecure-communicationstatic-application-security-testingthreat-dashboardthreat-detection-responsethreat-mitigationthreat-monitoring

• garnet-org / api

  client and types for garnet platform

  github-actionsk8s-securityruntime-securitysecuritygithub-actions-security
  Language:Go

• valtirman / treeline-core

  ai-governanceecsfastapifirewallgenaillmmitmproxyopenaiproxyruntime-security
  Language:Shell