compsec-snu / tiktagLinks
TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)
☆85Updated last year
Alternatives and similar repositories for tiktag
Users that are interested in tiktag are comparing it to the libraries listed below
Sorting:
- InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets☆59Updated last week
- Artefacts for: "VMScape: Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud Environments"☆36Updated 3 months ago
- Revizor - Hardware fuzzing for the age of speculation�☆180Updated 3 weeks ago
- Using Malicious #VC Interrupts to Break AMD SEV-SNP (IEEE S&P 2024)☆26Updated last year
- Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 20…☆65Updated last year
- Student Starter Code for Secure Hardware Design at MIT☆87Updated last week
- Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)☆65Updated 8 months ago
- Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)☆33Updated 2 years ago
- Breaking Confidential VMs with Malicious Interrupts (USENIX Security 2024)☆34Updated last year
- Constantine is a compiler-based system to automatically harden programs against microarchitectural side channels☆82Updated 3 months ago
- Using Data Memory-Dependent Prefetchers to Leak Data at Rest☆38Updated 3 years ago
- Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel☆58Updated last year
- Pre-Silicon Hardware Fuzzing Toolkit☆61Updated 5 months ago
- Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]☆64Updated last year
- Training in Transient Execution and PhantomCALL, from Inception (SEC'23) Artifacts.☆41Updated last year
- Proof-of-concept code for the IEEE S&P 2025 paper "Peek-a-Walk: Leaking Secrets via Page Walk Side Channels"☆32Updated 7 months ago
- ☆30Updated last year
- Microarchitectural attack development frameworks for prototyping attacks in native code (C, C++, ASM) and in the browser☆62Updated 3 years ago
- Spectre based on Linear Address Masking☆68Updated 2 years ago
- ☆75Updated last year
- Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…☆22Updated 2 years ago
- Source code & scripts for experimental characterization and real-system demonstration of RowPress, a widespread read disturbance phenomen…☆37Updated 2 years ago
- A tool for detecting Spectre vulnerabilities through fuzzing☆46Updated 4 years ago
- Artifacts for "ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms" (USENIX Security '24).☆59Updated 7 months ago
- Arbitrary Speculative Code Execution with Return Instructions☆176Updated 2 years ago
- Open-source release of "Last-Level Cache Side-Channel Attacks Are Feasible in the Modern Public Cloud" (ASPLOS '24)☆34Updated 10 months ago
- Proof-of-concept for the GhostWrite CPU bug.☆118Updated last year
- ☆38Updated 3 years ago
- This repository contains exploit and reverse-engineering source code regarding the Spectre-BHB/Branch History Injection vulnerability☆121Updated 3 years ago
- This repository contains several tools to perform Prefetch Side-Channel Attacks☆63Updated 8 years ago