30 open-source projects similar to livecontainer/livecontainer, ranked by how many features they have in common. Compare stars, activity and what each one does to find the best LiveContainer alternative.
rusty_v8 is a Rust wrapper for the V8 JavaScript engine that allows for the embedding of a JavaScript runtime into native applications. It provides core components for managing engine bindings, memory allocation, sandboxed isolates, and the execution of WebAssembly modules. The project features a native host function bridge to map Rust functions to JavaScript objects and a dedicated memory allocator to manage thread-safe allocation and heap pressure. It includes a system for compiling and executing binary WebAssembly modules within the hosted native environment. The runtime covers capabiliti
VirtualXposed is an Android virtualization framework that provides a containerized environment for running applications and system-level hooks. It functions as an isolated execution space, allowing users to manage and extend installed software independently from the host operating system. The platform enables the execution of specialized software extensions and framework modules that modify application behavior without requiring device rooting, bootloader unlocking, or modifications to the core system image. By creating a secondary, containerized Android system, it allows for the application
Strix is an automated security research and vulnerability scanning platform that leverages language models to orchestrate complex security analysis tasks. It functions as a comprehensive framework for penetration testing and continuous security integration, allowing users to embed automated vulnerability research directly into development pipelines or execute it within isolated, containerized environments. The platform distinguishes itself through a multi-agent orchestration engine that coordinates specialized autonomous agents to perform parallel security assessments. By integrating LLM-agno
Feather is an iOS application manager and installer designed for signing and installing third-party mobile applications using developer certificates. It functions as a utility to sideload applications and manage external app repositories directly on a mobile device. The project includes capabilities for patching application binaries and injecting system files to modify runtime behavior and visual appearance. It utilizes developer certificate management to authenticate binaries and bypass official app store installation restrictions. The tool further supports importing applications from exter
react-native-mmkv is a synchronous mobile persistence system that provides an encrypted key-value store for mobile applications. It serves as a high-performance wrapper for the MMKV storage engine, eliminating asynchronous overhead by reading and writing values directly to disk. The project distinguishes itself through shared app group storage, which allows data access across multiple application extensions via a shared filesystem directory. It also provides state-synced storage hooks that automatically trigger component updates when stored key-value pairs change. The system covers a broad r
Sandboxie is an operating system-level virtualization tool designed to run Windows applications in isolated, secure environments. By intercepting system calls and redirecting file system and registry modifications to a separate, discardable storage area, it prevents untrusted software from making permanent changes to the host system. This containment ensures that browser history, temporary files, and potential malware remain trapped within the sandbox, protecting the integrity and privacy of the underlying host. The software distinguishes itself through granular control over the isolation env
E2B is a cloud-based infrastructure platform designed to provide secure, isolated execution environments for code and shell commands. It functions as an ephemeral orchestrator that provisions lightweight virtual machines, allowing developers and autonomous agents to run untrusted processes within a sandbox that is completely separated from the host system. The platform distinguishes itself through its focus on programmable, serverless workspaces that support the full lifecycle of cloud-based development. By utilizing hardware-level isolation and snapshot-based resumption, it enables the near-
Daytona is a cloud-native development environment platform designed to orchestrate ephemeral, containerized workspaces. It provides a centralized system for managing reproducible coding environments as code, ensuring consistency across distributed teams by abstracting the underlying infrastructure. By utilizing declarative configuration, the platform automates the entire lifecycle of development sandboxes, from initial provisioning to resource governance. The platform distinguishes itself through its infrastructure-agnostic runner layer, which allows development environments to be deployed ac
Sandbox Agent is a platform designed to manage, secure, and orchestrate autonomous coding assistants. It provides a standardized infrastructure for executing untrusted code and managing agent lifecycles within isolated, containerized environments. By decoupling agent execution from client connections, the platform ensures that session states remain persistent across process restarts and network interruptions. The project distinguishes itself through a capability-based security model that enforces granular permission checks on tool usage, ensuring that autonomous processes operate within defin
MCSManager is a game server management panel and multi-node server manager that provides a centralized web interface for deploying, monitoring, and controlling multiple game server instances across distributed physical or virtual machines. It functions as a Docker game server orchestrator, enabling the execution of servers within isolated containers to simplify deployment and environment scaling. The system distinguishes itself through a customizable self-hosted dashboard featuring drag-and-drop layouts and the ability to embed custom HTML and JavaScript components. It provides real-time term
rllm is an asynchronous reinforcement learning framework for training language agents. It provides a unified pipeline that runs the same agent code for both evaluation and training, automatically capturing traces for gradient computation. The framework supports distributed reinforcement learning across multiple GPUs and nodes using pluggable backends, and executes agents in isolated sandboxes—either locally or in the cloud—for safe and scalable rollout collection. It trains agents built with LangGraph, SmolAgents, OpenAI Agents SDK, or custom frameworks without requiring core logic changes. T
Rivet is a distributed infrastructure for managing the lifecycle, addressing, and persistence of stateful actors and durable execution engines. It provides a distributed process sandbox that executes application logic within lightweight isolates, ensuring resource isolation and fast cold starts. The system is designed to coordinate multi-step operations using persistent queues and timers to guarantee reliable task completion across distributed environments. The platform specifically enables the orchestration of stateful AI agents that maintain persistent memory and state across long-running i
Microsandbox is a microVM sandbox runtime and hardware-isolated code executor designed for running untrusted code. It functions as an embedded virtual machine manager that allows applications to spawn and control lightweight virtual machines directly within code without the need for a background daemon. The system provides a secure execution environment for AI agents by exposing server controls that allow them to execute tools and manage files. It utilizes standard container image formats and volume workflows to initialize guest virtual machines and implements a secret management mechanism th
dockerlabs is a collection of educational labs and technical tutorials designed to teach the fundamentals of containerization and microservice architecture. It provides instructional material and hands-on exercises covering image optimization, security training, infrastructure setup, and cluster orchestration. The project features specific courses and guides focused on reducing image size through multi-stage builds, securing workloads via vulnerability scanning and encrypted networks, and deploying multi-node clusters with high availability using Swarm orchestration. The materials cover a br
Bottles is a Wine compatibility manager and prefix manager that provides a graphical interface for running Windows applications on Linux. It functions as a Windows application sandbox and dependency manager, organizing isolated environments to prevent dependency conflicts and protect the host operating system. The project acts as a Wine runner orchestrator, allowing users to download, install, and switch between different compatibility layers and graphics renderers. It distinguishes itself by using community-driven scripts for automated software installation and dependency management, alongsi
MonkeyDev is a developer toolset for building, injecting, and deploying system extensions and custom dynamic libraries into mobile applications. It functions as an application patching tool and dynamic library injector designed to modify how mobile applications operate. The project provides a development environment for creating system extensions and tweaks, including tools for injecting libraries into decrypted binaries to enable debugging and symbol restoration on non-jailbroken hardware. It features a command-line interface for deploying hooks into system processes and third-party applicat
Bubblewrap is an unprivileged sandbox execution utility for Linux that isolates processes from the host system. It creates secure environments by leveraging Linux namespaces to separate system resources, including network, PID, and IPC stacks. The project distinguishes itself by enabling the execution of untrusted software without requiring root privileges on the host machine. It prevents privilege escalation by disabling the execution of setuid binaries and uses user identity mapping to isolate process permissions from the host operating system. The tool manages a comprehensive security sur
VirtualApp is an Android application virtualization engine and user-space sandbox that enables the execution of applications within an isolated environment. It allows for the running of multiple independent instances of the same application on a single device and supports private application installation without requiring system-level root access. The project features a comprehensive hooking framework for intercepting Java and native layer functions to modify application behavior. It includes tools for hardware simulation to spoof device models and system information, as well as a non-root pr
Kitematic is a graphical user interface for managing and running Docker containers on desktop operating systems. It serves as a visual Docker management tool and API client that translates user interface interactions into REST API calls to control the Docker daemon without requiring the command line. The application is built as a cross-platform Electron desktop application, utilizing a Chromium-based shell to provide a consistent administrative interface across Mac and Windows. The software covers the full container lifecycle, including the creation, configuration, and monitoring of containe
This project is a collection of curated and standardized Docker base images that serve as reliable starting points for building containerized applications. It functions as an OCI container image repository and a build template library, providing a central source of truth for images that adhere to Open Container Initiative standards for portability. The project utilizes an automated image lifecycle pipeline to build, tag, and push images, ensuring that dependencies remain current and security patches are applied. It specifically supports cross-platform distribution by providing a multi-archite
This project is a security hardening guide and privacy configuration manual for macOS. It provides a comprehensive set of instructions for configuring system settings to improve privacy, reduce the attack surface, and implement a malware defense framework. The guide covers technical methods for validating software notarization, verifying application sandboxing, and auditing system activity. It distinguishes itself by providing detailed workflows for restricting high-risk features and applying advanced security configurations to protect the operating system. The documentation covers several k
This project is a Microsoft Teams Linux client that functions as a native desktop wrapper for the web-based communication service. It uses an Electron-based shell to provide system integration and window management for the application on Linux platforms. The client distinguishes itself through a multi-account session manager that uses session partitioning and isolated data directories to allow concurrent access to multiple profiles and tenants. It further integrates with home automation via an MQTT bridge, publishing presence and call status to a message broker and receiving remote commands t
OpenFang is an operating system for LLM agents designed to orchestrate autonomous agents with built-in task scheduling, tool sandboxing, and multi-model routing. It provides a secure AI execution environment that integrates prompt injection scanning, cryptographic audit trails, and resource metering to ensure controlled processing. The platform distinguishes itself through a comprehensive security architecture, featuring fuel-metered tool sandboxing and an immutable activity audit trail based on cryptographic hash-chains. It implements high-assurance identity verification via signed manifests
Moltworker is an AI agent sandbox and model orchestrator designed for the secure execution of untrusted code and shell commands generated by large language models. It functions as a gateway proxy that routes requests to multiple AI providers through a unified interface, integrating a container runtime backed by S3-compatible object storage to persist state across ephemeral lifecycles. The system distinguishes itself by combining an AI model orchestrator with a headless browser controller for automated web scraping and screenshot capture. It manages the full lifecycle of AI agents, including m
Open-SWE is an asynchronous software engineering agent and orchestrator designed to automate end-to-end coding tasks and pull request reviews. It functions as a middleware framework that coordinates long-running AI operations across multiple subagents, utilizing state persistence and human-in-the-loop oversight to manage complex workflows. The system is distinguished by its use of isolated remote Linux sandboxes for secure code execution and shell command processing. It features a webhook-driven integration platform that triggers automated engineering tasks via mentions and events in GitHub,
CodeWhale is an AI coding agent orchestrator and development harness designed to coordinate autonomous agents that read, edit, and verify code. It provides a secure environment for AI agents to perform multi-step software engineering tasks, utilizing a sandboxed execution model to isolate shell commands and protect the host system. The system distinguishes itself by spawning multiple independent agents in parallel to handle separate investigation or implementation slices simultaneously. It employs a multi-model gateway to route requests across various cloud APIs and local servers, and utilize
Pandas AI is a data analysis library and natural language interface that uses large language models to perform conversational querying on structured datasets. It functions as a retrieval-augmented generation framework designed to translate plain text questions into executable code for extracting insights from dataframes and structured files. The system includes a dedicated sandbox execution environment that runs AI-generated analysis code within an isolated container to prevent security risks and system compromise. It employs a natural language translation layer and contextual retrieval to ma
OpenSandbox is a secure sandbox runtime and containerized code execution engine designed to run AI-generated code and scripts in isolated environments. It serves as a workload orchestrator that prevents host system contamination by utilizing kernel-level isolation to execute arbitrary commands and scripts. The project distinguishes itself by providing a model context server that bridges large language models to the sandbox for performing file operations and system commands. It also includes a remote GUI sandbox that supports browser automation and desktop interfaces via remote access protocol
This project is a comprehensive collection of web development reference guides and technical cheat sheets. It provides a curated set of markdown-based documentation designed to help developers quickly locate syntax patterns and API examples for common web technologies and programming languages. The repository serves as a specialized reference library covering several distinct technical domains. It includes extensive guides for CSS, focusing on selectors, Flexbox, Grid, and responsive layout properties, as well as a DevOps command reference for Docker, Kubernetes, AWS, Ansible, and general she