The code to the SGX-ROP paper
☆185Apr 4, 2020Updated 5 years ago
Alternatives and similar repositories for sgxrop
Users that are interested in sgxrop are comparing it to the libraries listed below
Sorting:
- Clang instrumentation module for tracing variable and buffer comparisons in C/C++ and saving the coverage data to .sancov files☆203Mar 14, 2019Updated 6 years ago
- Security Evaluation of Dynamic Binary Instrumentation Engines☆82Sep 1, 2018Updated 7 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆145Jul 22, 2016Updated 9 years ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by leveraging SYSCALL to perform a local privilege escalation (LPE).☆118Aug 8, 2018Updated 7 years ago
- A practical attack framework for precise enclave execution control☆471Jan 16, 2026Updated last month
- ☆37Jun 7, 2019Updated 6 years ago
- Virtual Machine Introspection, Tracing & Debugging☆596Feb 22, 2022Updated 4 years ago
- Small tool for generating ropchains using unicorn and z3☆198Feb 22, 2018Updated 8 years ago
- Kernel driver to fuzz Hyper-V hypercalls☆136Feb 15, 2019Updated 7 years ago
- Proof-of-concept for the ZombieLoad attack☆828Dec 24, 2021Updated 4 years ago
- ☆43Aug 30, 2018Updated 7 years ago
- ARM shellcode and exploit development - BSidesMunich 2018☆106Apr 9, 2018Updated 7 years ago
- Block Oriented Programming -- Compiler☆187Nov 5, 2020Updated 5 years ago
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes☆45Sep 2, 2023Updated 2 years ago
- ☆30Dec 4, 2018Updated 7 years ago
- A standalone AES-KW (AES Key Wrap) implementation.☆14Dec 31, 2023Updated 2 years ago
- ☆12Sep 8, 2020Updated 5 years ago
- Intel Management Engine JTAG Proof of Concept☆540Jun 12, 2020Updated 5 years ago
- Sacara VM☆123Dec 17, 2019Updated 6 years ago
- Tor anonymity network for SGX☆48Mar 4, 2019Updated 7 years ago
- SGX-Shield: Enabling Address Space Layout Randomization (ASLR) for SGX Programs☆49Apr 15, 2018Updated 7 years ago
- MapGuard is a library that enforces a security policy for mmap based page allocations.☆21Dec 14, 2025Updated 2 months ago
- Implements the POP/MOV SS (CVE-2018-8897) vulnerability by bugchecking the machine (local DoS).☆80May 10, 2018Updated 7 years ago
- Code and exercises for a workshop on z3 and angr☆234Dec 29, 2020Updated 5 years ago
- PoC for CVE-2018-18500 - Firefox Use-After-Free☆61Apr 18, 2019Updated 6 years ago
- AFL + DynamoRIO = fuzzing binaries with no source code on Linux☆247Oct 1, 2019Updated 6 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for x86 (Presented at BlackHat Asia 2017/2018, beVX 2018 and HITBSecConf 2017)☆188Jun 24, 2019Updated 6 years ago
- A fuzzing tool for closed-source binaries based on Unicorn and LibFuzzer☆344Aug 23, 2019Updated 6 years ago
- Simple Simulator of ARMv6m instructions☆17May 23, 2017Updated 8 years ago
- libdft for Intel Pin 3.x and 64 bit platform. (Dynamic taint tracking, taint analysis)☆270Feb 21, 2025Updated last year
- Detecting Spectre vulnerabilities using symbolic execution, built on angr (github.com/angr/angr)☆77Sep 23, 2022Updated 3 years ago
- Zerokit/GAPZ rootkit (non buildable and only for researching)☆185Mar 30, 2019Updated 6 years ago
- Transfer analysis data between Binary Ninja and IDA☆139Oct 16, 2025Updated 4 months ago
- A list of system papers using/about Intel SGX☆543Jul 8, 2024Updated last year
- A curated list of Hyper-V exploitation resources, fuzzing and vulnerability research.☆443Apr 11, 2025Updated 10 months ago
- PoC for CVE-2019-0888 - Use-After-Free in Windows ActiveX Data Objects (ADO)☆40Jul 9, 2019Updated 6 years ago
- Privilege Escilation training project, with an emphasis on the distinction between vulnerability research & it's exposure and exploitatio…☆35Nov 26, 2016Updated 9 years ago
- Intel x86 bare metal hypervisor for researching snapshot fuzzing ideas.☆170Dec 2, 2020Updated 5 years ago
- A tiny PoC to inject and execute code into explorer.exe with WM_SETTEXT+WM_COPYDATA+SetThreadContext☆53Apr 29, 2018Updated 7 years ago