comsec-group / retbleed
Arbitrary Speculative Code Execution with Return Instructions
☆157Updated last year
Alternatives and similar repositories for retbleed:
Users that are interested in retbleed are comparing it to the libraries listed below
- Ghidra Processor Module to disassemble and decompile the x86 Intel Atom microcode☆79Updated 2 years ago
- This repository contains exploit and reverse-engineering source code regarding the Spectre-BHB/Branch History Injection vulnerability☆113Updated 2 years ago
- ☆112Updated last year
- A Rowhammer fuzzer for AMD Zen-based systems (USENIX Security '24).☆48Updated this week
- Fast, parallel, cross-variant ROP/JOP gadget search for x86/x64 binaries.☆89Updated last year
- ☆71Updated last year
- A snapshotting, coverage-guided fuzzer for software (UEFI, Kernel, firmware, BIOS) built on SIMICS☆296Updated this week
- ☆83Updated 6 months ago
- Binarly Vulnerability Research Advisories☆171Updated 3 months ago
- The first analysis framework for CPU microcode☆390Updated 2 years ago
- ☆154Updated 2 months ago
- InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets☆50Updated 3 weeks ago
- ☆114Updated last year
- Ariadne: Binary Ninja Graph Analysis Plugin☆88Updated last month
- Explore a live Linux kernel's memory using GDB☆114Updated 2 years ago
- ☆178Updated last year
- Kernel Address Space Layout Derandomization (KASLD) - A collection of various techniques to infer the Linux kernel base virtual address a…☆435Updated 11 months ago
- ☆92Updated 9 months ago
- VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernels subsystem. It is built with LibAFL.☆119Updated 9 months ago
- libLISA: Instruction Discovery and Analysis on x86-64☆104Updated last month
- Highly advanced Linux anti-exploitation and anti-tamper binary protector for ELF.☆155Updated 2 years ago
- Snapshot-based coverage-guided windows kernel fuzzer☆317Updated 3 years ago
- ☆132Updated 4 years ago
- An awesome & curated list of binary rewriting papers☆229Updated 2 years ago
- TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)☆61Updated 3 months ago
- A bare-metal x86 instruction set fuzzer a la Sandsifter☆65Updated last year
- Triton-based DSE library with loading and exploration capabilities (and more!)☆114Updated 3 months ago
- Spectre based on Linear Address Masking☆68Updated last year
- The report and the exploit of CVE-2021-26943, the kernel-to-SMM local privilege escalation vulnerability in ASUS UX360CA BIOS version 303…☆138Updated 3 years ago