CactiLab / ret2ns-Cortex-M-TrustZoneLinks
This repo demonstrates the Return-to-Non-Secure (ret2ns) vulnerability on ARM Cortex-M TrustZone. It contains the attack and defense demonstration, as well as the defense overhead evaluation.
☆32Updated last year
Alternatives and similar repositories for ret2ns-Cortex-M-TrustZone
Users that are interested in ret2ns-Cortex-M-TrustZone are comparing it to the libraries listed below
Sorting:
- Proof-of-concept for the GhostWrite CPU bug.☆115Updated 11 months ago
- ☆74Updated last year
- Pre-Silicon Hardware Fuzzing Toolkit☆58Updated last month
- Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…☆22Updated last year
- Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)☆58Updated 2 months ago
- Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]☆61Updated 11 months ago
- Proof-of-concept implementation for the paper "Hammulator: Simulate Now - Exploit Later" (DRAMSec 2023)☆17Updated 2 years ago
- Symbolic execution for RISC-V machine code based on the formal LibRISCV ISA model☆50Updated 2 months ago
- Spectre based on Linear Address Masking☆69Updated last year
- SyzTrust's main repository. Start here to install.☆17Updated last year
- Uncovering Container Confusion in the Linux Kernel☆44Updated last year
- Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor☆17Updated last year
- ☆17Updated last year
- ☆26Updated last year
- InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets☆54Updated 3 months ago
- Microarchitectural exploitation and other hardware attacks.☆92Updated last year
- Artifact evaluation of paper: MorFuzz: Fuzzing Processor via Runtime Instruction Morphing enhanced Synchronizable Co-simulation☆30Updated 3 months ago
- ☆56Updated last year
- An open-source deterministic fault attack simulator prototype☆60Updated 4 years ago
- ☆21Updated last year
- RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections☆60Updated last year
- ☆182Updated last year
- Practical Data-Only Attack Generation☆40Updated last year
- ☆17Updated 8 months ago
- ASPFuzz: Fuzzing the AMD SP's ROM bootloader with LibAFL using QEMU full-system emulation☆29Updated 2 years ago
- Same-Architecture Firmware Rehosting and Fuzzing☆126Updated 7 months ago
- High performance fuzzing using riscv to x86 binary translations and modern fuzzing techniques☆153Updated last year
- ☆39Updated 2 years ago
- Constantine is a compiler-based system to automatically harden programs against microarchitectural side channels☆74Updated 2 years ago
- Proof-of-concept implementation for the paper "A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs" (IEEE S&P 2023)☆69Updated 4 months ago