awesome-repositories.com
المدونة
awesome-repositories.com

اكتشف أفضل مستودعات المصادر المفتوحة باستخدام بحث مدعوم بالذكاء الاصطناعي.

استكشفعمليات بحث منسقةبدائل مفتوحة المصدربرمجيات ذاتية الاستضافةالمدونةخريطة الموقع
المشروعحولكيفية ترتيب النتائجالصحافةخادم MCP
قانونيالخصوصيةالشروط
© 2026 Bringes Technology SRL·VAT RO45896025·hello@awesome-repositories.com
·

8 مستودعات

Awesome GitHub RepositoriesApplication Isolation Containers

Uses operating system level containerization to isolate applications from the host and each other to prevent vulnerability exploitation.

Distinct from Containerized Application Runtimes: Candidates focus on DevOps deployment and Docker runtimes; this is about OS-level security sandboxing and isolation of Win32 apps.

Explore 8 awesome GitHub repositories matching operating systems & systems programming · Application Isolation Containers. Refine with filters or upvote what's useful.

Awesome Application Isolation Containers GitHub Repositories

اعثر على أفضل المستودعات باستخدام الذكاء الاصطناعي.سنبحث عن أفضل المستودعات المطابقة باستخدام الذكاء الاصطناعي.
  • docker/dockerالصورة الرمزية لـ docker

    docker/docker

    71,736عرض على GitHub↗

    Docker is an OCI container engine and runtime orchestrator used to build, run, and manage isolated applications. It functions as a container image builder for creating portable snapshots of applications and a registry manager for storing, versioning, and distributing those images across environments. The platform provides a centralized daemon to control the creation, execution, and termination of containerized workloads. It allows for the assembly of modular container systems by combining build tools, registries, and runtimes. Its core capabilities cover container image creation, registry ad

    Uses operating system level containerization to ensure resource separation and dependency independence.

    Go
    عرض على GitHub↗71,736
  • home-assistant/operating-systemالصورة الرمزية لـ home-assistant

    home-assistant/operating-system

    7,222عرض على GitHub↗

    This project is a Buildroot-based Linux distribution and embedded home server operating system designed to host containerized home automation services. It serves as a dedicated platform that manages the hardware and software requirements of a local smart home hub. The system is built as an immutable operating system, utilizing a read-only root filesystem and image-based updates to ensure consistent versioning and prevent accidental changes. It employs container-based process isolation to decouple applications from the core operating system. The platform provides a supervised container manage

    Uses operating system level containerization to isolate home automation services from the host kernel.

    Pythonbuildrootdockerhacktoberfest
    عرض على GitHub↗7,222
  • tock/tockالصورة الرمزية لـ tock

    tock/tock

    6,351عرض على GitHub↗

    Tock is a secure embedded operating system and microcontroller kernel designed to isolate untrusted applications and drivers. It functions as a memory-safe process isolator that uses a combination of hardware memory protection and language-level type safety to execute mutually distrustful applications on bare metal. The system distinguishes itself through a hardware abstraction layer that decouples high-level components from specific microcontroller implementations using standardized traits. It further employs a virtualization layer to allow multiple independent software components to share a

    Executes untrusted applications in separate threads with reduced privileges using a hardware memory protection unit.

    Rust
    عرض على GitHub↗6,351
  • cloudflare/vibesdkالصورة الرمزية لـ cloudflare

    cloudflare/vibesdk

    5,094عرض على GitHub↗

    vibesdk هو منصة تطوير برمجيات وكيلة وإطار عمل مصمم لتنسيق الوكلاء المستقلين الذين يكتبون ويصححون ويحسنون التطبيقات المتكاملة من اللغة الطبيعية. يعمل كمنسق تطبيقات سحابي وإطار عمل لتوليد الكود مدعوم بنماذج لغوية كبيرة (LLM) يحول المطالبات إلى كود وظيفي من خلال محادثات تكرارية وسلوكيات وكيل متعددة المراحل. يتميز المشروع بتوفير سلسلة أدوات كاملة لبناء منصات تطوير الذكاء الاصطناعي. يتضمن ذلك القدرة على دمج موفري نماذج مختلفين، وبناء مجموعات أدوات LLM مخصصة، وإدارة دورة حياة التطبيقات المولدة بالذكاء الاصطناعي بالكامل عبر سلسلة أدوات نشر بدون خادم (serverless) و SDK برمجي بلغة TypeScript. تغطي المنصة مجموعة واسعة من الإمكانات، بما في ذلك تنسيق بيئة الاختبار (sandbox) للتنفيذ المعزول والمعاينات الحية، وأنظمة ملفات افتراضية مدعومة بـ Git لتتبع الإصدارات، والنشر السحابي الآلي لمنصات العمال بدون خادم. كما تدمج أنظمة لإدارة مخطط قاعدة البيانات، وتشفير الأسرار الهرمي، ومزامنة الحالة في الوقت الفعلي عبر WebSockets. يمكن للمستخدمين إدارة سير عمل المشروع من خلال واجهة سطر أوامر أو برمجياً باستخدام SDK المقدم.

    Runs generated applications in isolated containerized environments to ensure security and prevent interference.

    TypeScript
    عرض على GitHub↗5,094
  • hotcakex/harden-windows-securityالصورة الرمزية لـ HotCakeX

    HotCakeX/Harden-Windows-Security

    4,139عرض على GitHub↗

    Harden-Windows-Security is a security hardening tool and framework designed to reduce the attack surface of the Windows operating system through policy enforcement. It provides a collection of security presets and templates to implement official hardening standards across multiple devices. The project distinguishes itself through a comprehensive execution control system, featuring a manager for Windows Application Control and a kernel protection suite. It implements strict trust models, including kernel-mode driver whitelisting, signed policy implementation on the EFI partition, and code inte

    The product uses containers to isolate applications and protect the platform from vulnerabilities in third-party libraries.

    C#1st-party-securityapplicationcontrolaudit
    عرض على GitHub↗4,139
  • hackerschoice/thc-tips-tricks-hacks-cheat-sheetالصورة الرمزية لـ hackerschoice

    hackerschoice/thc-tips-tricks-hacks-cheat-sheet

    3,853عرض على GitHub↗

    This project is a comprehensive command-line reference and toolkit designed for Linux system administration and network security assessment. It provides a collection of technical snippets and operational guides focused on managing remote environments, orchestrating shell sessions, and executing administrative tasks through native terminal utilities. The repository distinguishes itself by offering specialized techniques for stealthy operations and infrastructure manipulation. It covers methods for establishing encrypted tunnels to bypass firewalls, obfuscating process identities and command hi

    Runs applications within isolated containers to prevent unauthorized access to the host system.

    Shell
    عرض على GitHub↗3,853
  • unikraft/unikraftالصورة الرمزية لـ unikraft

    unikraft/unikraft

    3,733عرض على GitHub↗

    Unikraft is a modular library operating system and unikernel framework designed to compile applications into minimal, bootable virtual machine images. It serves as an OCI-compliant image builder and a cloud-native hypervisor target, enabling the creation of specialized runtimes that include only the specific drivers and libraries required by a single application. The system features a Linux compatibility layer that maps standard API calls and POSIX standards to unikernel libraries, allowing unmodified binaries to run without a full general-purpose kernel. It distinguishes itself by allowing c

    Runs each application in a dedicated virtual machine to prevent compromise escalation between instances.

    Capplicationcloudcloud-native
    عرض على GitHub↗3,733
  • mozilla/gecko-devالصورة الرمزية لـ mozilla

    mozilla/gecko-dev

    3,691عرض على GitHub↗

    Gecko-dev is a web browser engine and cross-platform browser framework. It serves as a foundational system for rendering web content and executing JavaScript, providing a complete layout and rendering pipeline to transform web markup into visual pixels. The project is distinguished by a specialized browser UI toolkit that uses XML-based languages and custom widgets to build cross-platform windows and menus. It incorporates unique development bridges, including design-to-code linking and a standardized protocol for AI-driven browser control and automated verification. Its broader capabilities

    Isolates pinned web applications by tying them to specific identities to protect site data.

    JavaScript
    عرض على GitHub↗3,691
  1. Home
  2. Operating Systems & Systems Programming
  3. Application Isolation Containers

استكشف الوسوم الفرعية

  • MPU-Based Application IsolationIsolation of untrusted applications using a hardware memory protection unit to enforce boundaries. **Distinct from Application Isolation Containers:** Specifically uses hardware MPUs for microcontroller processes, unlike general OS-level containerization.