CPU-Security/Spectre-V4-ng external links

---

GitHub - View repository

GitHub.dev - Open in online code editor

Star history - Growth chart over time

deps.dev - Dependencies and security vulnerabilities

Gitingest - Export source code for LLM usage

Repomix - Export source code for LLM usage

uithub - Export source code for LLM usage

Close

CPU-Security/Spectre-V4-ng

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

---

Copy

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/CPU-Security/Spectre-V4-ng)

Close

CPU-Security / Spectre-V4-ngView on GitHubMore

• External links
• Readme badge

The code in this project demonstrates 2 novel Spectre-V4 attacks, named as out-of-place Spectre-STL and Spectre-CTL, based on the Speculative Store Bypass (SSB) predictor and the Predictive Store Forwarding (PSF) predictor in AMD Zen3 Processores.

☆22Nov 23, 2023Updated 2 years ago

Alternatives and similar repositories for Spectre-V4-ng

Users that are interested in Spectre-V4-ng are comparing it to the libraries listed below

• scy-phy / FetchBench

  View on GitHub
  ☆20Nov 27, 2023Updated 2 years ago
• cispa / ShadowLoad

  View on GitHub
  ☆12Apr 1, 2025Updated 11 months ago
• cispa / LLCSliceReversing

  View on GitHub
  Artifact for the IEEE S&P 2025 paper: "Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage"
  ☆20Nov 25, 2025Updated 3 months ago
• cispa / BranchDifferent

  View on GitHub
  Implementation for the DIMVA'22 paper "Branch Different - Spectre Attacks on Apple Silicon"
  ☆39Jul 29, 2022Updated 3 years ago
• vusec / tlbdr

  View on GitHub
  ☆17Aug 25, 2022Updated 3 years ago
• renxida / iseedeaduops-poc

  View on GitHub
  Proof-of-concept for I See Dead Micro-Ops transient execution attack
  ☆14Nov 3, 2021Updated 4 years ago
• isec-tugraz / CollidePower

  View on GitHub
  ☆25Aug 9, 2023Updated 2 years ago
• 0xADE1A1DE / BunnyHop

  View on GitHub
  PoC for Paper: BunnyHop Exploiting the Instruction Prefetcher (USENIX Security 2023)
  ☆14Aug 17, 2023Updated 2 years ago
• mktrm / SecSMT_Artifact

  View on GitHub
  The artifact for SecSMT paper -- Usenix Security 2022
  ☆31Oct 4, 2022Updated 3 years ago
• clementine-m / msr-uncore-cbo

  View on GitHub
  This repository contains some tools to monitor the UNC_CBO_CACHE_LOOKUP event of the C-Boxes.
  ☆12Oct 11, 2017Updated 8 years ago
• vusec / inspectre-gadget

  View on GitHub
  InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets
  ☆60Feb 20, 2026Updated last week
• cispa / osiris

  View on GitHub
  Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)
  ☆65Jun 4, 2025Updated 9 months ago
• cispa / StackWarp

  View on GitHub
  Proof-of-concept for the paper "StackWarp: Breaking AMD SEV-SNP Integrity via Deterministic Stack-Pointer Manipulation through the CPU’s …
  ☆90Jan 30, 2026Updated last month
• zhangxin00 / segscope

  View on GitHub
  Proof-of-concept implementation for the paper "SegScope: Probing Fine-grained Interrupts via Architectural Footprints" (HPCA'24)
  ☆19Jan 26, 2026Updated last month
• cgvwzq / polca

  View on GitHub
  Tool for inferring cache replacement policies with automata learning. Uses LearnLib and Sketch.
  ☆16Apr 21, 2020Updated 5 years ago
• isec-tugraz / msrevelio

  View on GitHub
  ☆45Jul 19, 2023Updated 2 years ago
• cispa / indirect-meltdown

  View on GitHub
  Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…
  ☆22Sep 24, 2023Updated 2 years ago
• b-shi / PMC-PMI

  View on GitHub
  Performance Counter Measurements at the cycle granularity
  ☆18Jul 9, 2021Updated 4 years ago
• PittECEArch / AdversarialPrefetch

  View on GitHub
  ☆21Jun 17, 2022Updated 3 years ago
• hoseinyavarzadeh / Pathfinder_Attack

  View on GitHub
  Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor
  ☆21Jul 4, 2024Updated last year
• slap-flop / slap-artifacts

  View on GitHub
  This upload contains the artifacts for the paper "SLAP: Data Speculation Attacks via Load Address Prediction on Apple Silicon", to appear…
  ☆22Jan 26, 2025Updated last year
• vusec / fpvi-scsb

  View on GitHub
  Rage Against The Machine Clear: A Systematic Analysis of Machine Clears and Their Implications for Transient Execution Attacks
  ☆25Jun 11, 2021Updated 4 years ago
• comsec-group / cellift-meta

  View on GitHub
  All the tools you need to reproduce the CellIFT paper experiments
  ☆24Feb 11, 2025Updated last year
• isec-tugraz / transientfail

  View on GitHub
  Website and PoC collection for transient execution attacks
  ☆203Mar 9, 2024Updated last year
• misc0110 / PTEditor

  View on GitHub
  A small library to modify all page-table levels of all processes from user space for x86_64 and ARMv8.
  ☆278Feb 25, 2026Updated last week
• compsec-snu / specdoctor

  View on GitHub
  ☆25Mar 1, 2023Updated 3 years ago
• flowyroll / uarchsec

  View on GitHub
  ☆48Dec 19, 2018Updated 7 years ago
• FPSG-UIUC / Peek-a-Walk

  View on GitHub
  Proof-of-concept code for the IEEE S&P 2025 paper "Peek-a-Walk: Leaking Secrets via Page Walk Side Channels"
  ☆32Jul 2, 2025Updated 8 months ago
• compsec-snu / difuzz-rtl

  View on GitHub
  ☆102May 27, 2024Updated last year
• cispa / mwait

  View on GitHub
  Proof-of-concept implementation for the paper "(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channel…
  ☆27Nov 30, 2023Updated 2 years ago
• owenlly / Indirector_Artifact

  View on GitHub
  Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]
  ☆64Aug 9, 2024Updated last year
• pietroborrello / RIDL-and-ZombieLoad

  View on GitHub
  Proof-of-concept for the ZombieLoad and RIDL attacks
  ☆29May 26, 2019Updated 6 years ago
• cgvwzq / cachequery

  View on GitHub
  HW interface for memory caches
  ☆28Apr 21, 2020Updated 5 years ago
• vusec / slam

  View on GitHub
  Spectre based on Linear Address Masking
  ☆68Dec 4, 2023Updated 2 years ago
• jdmccalpin / SKX-SF-Conflicts

  View on GitHub
  Repeated access to L2-containable loops to look for snoop filter conflicts on Intel Skylake Xeon processors.
  ☆29Aug 17, 2018Updated 7 years ago
• jprx / PacmanPatcher

  View on GitHub
  Patch your macOS kernel to enable support for the high-resolution timers on M1
  ☆38May 8, 2025Updated 9 months ago
• compsec-snu / tiktag

  View on GitHub
  TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)
  ☆85Nov 25, 2024Updated last year
• KULeuven-COSIC / PRIME-SCOPE

  View on GitHub
  The open-source component of Prime+Scope, published at CCS 2021
  ☆37Jul 18, 2023Updated 2 years ago
• FPSG-UIUC / augury

  View on GitHub
  Using Data Memory-Dependent Prefetchers to Leak Data at Rest
  ☆38Sep 6, 2022Updated 3 years ago