comsec-group/retbleed

Readme badge preview -

If you own this repo, copy the snippet below and add it to your README.md

[![RelatedRepos](https://img.shields.io/badge/related-repos-yellow)](https://relatedrepos.com/gh/comsec-group/retbleed)

comsec-group / retbleed

Arbitrary Speculative Code Execution with Return Instructions

☆176

Alternatives and similar repositories for retbleed

Users that are interested in retbleed are comparing it to the libraries listed below

Sorting:

cispa / CacheWarp
View on GitHub
Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 20…
☆63Aug 12, 2024Updated last year
vusec / bhi-spectre-bhb
View on GitHub
This repository contains exploit and reverse-engineering source code regarding the Spectre-BHB/Branch History Injection vulnerability
☆121Apr 12, 2022Updated 3 years ago
comsec-group / vmscape
View on GitHub
Artefacts for: "VMScape: Exposing and Exploiting Incomplete Branch Predictor Isolation in Cloud Environments"
☆37Oct 17, 2025Updated 5 months ago
vusec / ghostrace
View on GitHub
☆76Mar 11, 2024Updated 2 years ago
HexHive / specrop
View on GitHub
Code repository for experiments in SpecROP paper
☆13Sep 3, 2021Updated 4 years ago
cispa / Microarchitectural-Hash-Function-Recovery
View on GitHub
Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)
☆33Aug 30, 2023Updated 2 years ago
comsec-group / inception
View on GitHub
Training in Transient Execution and PhantomCALL, from Inception (SEC'23) Artifacts.
☆40Feb 19, 2024Updated 2 years ago
FPSG-UIUC / augury
View on GitHub
Using Data Memory-Dependent Prefetchers to Leak Data at Rest
☆39Sep 6, 2022Updated 3 years ago
vusec / slam
View on GitHub
Spectre based on Linear Address Masking
☆68Dec 4, 2023Updated 2 years ago
owenlly / Indirector_Artifact
View on GitHub
Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]
☆64Aug 9, 2024Updated last year
winter2020 / oo7
View on GitHub
oo7, a binary analysis tool to defend against Spectre vulnerabilities
☆34Oct 16, 2020Updated 5 years ago
vusec / inspectre-gadget
View on GitHub
InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets
☆60Feb 20, 2026Updated last month
jprx / DEFCON30-PACMAN
View on GitHub
Materials from the DEF CON 30 talk on PACMAN
☆34Oct 28, 2022Updated 3 years ago
comsec-group / zenhammer
View on GitHub
Artifacts for "ZenHammer: Rowhammer Attacks on AMD Zen-based Platforms" (USENIX Security '24).
☆60Jun 19, 2025Updated 9 months ago
microsoft / side-channel-fuzzer
View on GitHub
Revizor - Hardware fuzzing for the age of speculation
☆182Mar 4, 2026Updated 2 weeks ago
FPSG-UIUC / Peek-a-Walk
View on GitHub
Proof-of-concept code for the IEEE S&P 2025 paper "Peek-a-Walk: Leaking Secrets via Page Walk Side Channels"
☆32Jul 2, 2025Updated 8 months ago
scy-phy / FetchBench
View on GitHub
☆20Nov 27, 2023Updated 2 years ago
0vercl0k / kdmp-parser-rs
View on GitHub
A KISS Rust crate to parse Windows kernel crash-dumps created by Windows & its debugger.
☆42Jan 2, 2026Updated 2 months ago
HexHive / SMoTherSpectre
View on GitHub
Proof-of-concept code for the SMoTherSpectre exploit.
☆77Nov 12, 2019Updated 6 years ago
isec-tugraz / transientfail
View on GitHub
Website and PoC collection for transient execution attacks
☆203Mar 9, 2024Updated 2 years ago
FPSG-UIUC / Pandora
View on GitHub
Opening Pandora's Box: A Systematic Study of New Ways Microarchitecture can Leak Private Data
☆20Oct 13, 2022Updated 3 years ago
flowyroll / uarchsec
View on GitHub
☆48Dec 19, 2018Updated 7 years ago
jevinskie / jevmachopp
View on GitHub
Modern C++, range-based Mach-O parser designed for embedded use. Uses stack allocations only.
☆34Oct 31, 2022Updated 3 years ago
mktrm / SecSMT_Artifact
View on GitHub
The artifact for SecSMT paper -- Usenix Security 2022
☆31Oct 4, 2022Updated 3 years ago
fugue-re / fugue-core
View on GitHub
A binary analysis framework written in Rust.
☆178Mar 1, 2026Updated 3 weeks ago
D4stiny / ExceptionOrientedProgramming
View on GitHub
Abusing exceptions for code execution.
☆112Jan 30, 2023Updated 3 years ago
libtea / frameworks
View on GitHub
Microarchitectural attack development frameworks for prototyping attacks in native code (C, C++, ASM) and in the browser
☆63Aug 7, 2022Updated 3 years ago
isec-tugraz / AEPIC
View on GitHub
☆113Jul 16, 2023Updated 2 years ago
mistymntncop / CVE-2024-7971
View on GitHub
☆34Apr 14, 2025Updated 11 months ago
trailofbits / binrec-tob
View on GitHub
BinRec: Dynamic Binary Lifting and Recompilation
☆149Sep 18, 2023Updated 2 years ago
hw-sw-contracts / revizor
View on GitHub
Fuzzer that searches for vulnerabilities like Spectre and Meltdown in CPUs
☆40Dec 14, 2022Updated 3 years ago
zzrcxb / LLCFeasible
View on GitHub
Open-source release of "Last-Level Cache Side-Channel Attacks Are Feasible in the Modern Public Cloud" (ASPLOS '24)
☆34Feb 13, 2026Updated last month
MarginResearch / cannoli
View on GitHub
High-performance QEMU memory and instruction tracing
☆554Jul 26, 2024Updated last year
therealdreg / cgaty
View on GitHub
Hooking the GDT - Installing a Call Gate. POC for Rootkit Arsenal Book Second Edition (version 2022)
☆73Aug 11, 2023Updated 2 years ago
mechanicalnull / phantasm
View on GitHub
Binary Ninja plugin for visualizing coverage over time
☆25Jan 15, 2022Updated 4 years ago
comsec-group / bprc
View on GitHub
☆74Sep 3, 2025Updated 6 months ago
pietroborrello / CustomProcessingUnit
View on GitHub
The first analysis framework for CPU microcode
☆412Mar 13, 2023Updated 3 years ago
PistonMiner / binaryninja-bindiff-viewer
View on GitHub
☆80Jul 26, 2022Updated 3 years ago
intel / unicorn-for-efi
View on GitHub
Unicorn Engine port for UEFI firmware
☆50Mar 25, 2025Updated 11 months ago