jprx / PacmanAttackLinks
Defeating Pointer Authentication on the Apple M1 with Hardware Attacks
☆43Updated 2 years ago
Alternatives and similar repositories for PacmanAttack
Users that are interested in PacmanAttack are comparing it to the libraries listed below
Sorting:
- An IOKit kext designed for microarchitectural security research on M1☆43Updated 2 years ago
- M1 bare metal project in Rust☆31Updated 2 years ago
- A Ghidra static analysis tool for locating PACMAN Gadgets☆13Updated 2 years ago
- Materials from the DEF CON 30 talk on PACMAN☆33Updated 2 years ago
- Official Solution and Source Code for the "Mock Kernel" challenge from UIUCTF 2023☆48Updated last year
- Patch your macOS kernel to enable support for the high-resolution timers on M1☆32Updated last month
- TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)☆76Updated 7 months ago
- Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]☆61Updated 10 months ago
- ☆57Updated 3 months ago
- Using Data Memory-Dependent Prefetchers to Leak Data at Rest☆36Updated 2 years ago
- Student Starter Code for Secure Hardware Design at MIT☆76Updated last year
- Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor☆17Updated 11 months ago
- InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets☆53Updated 2 months ago
- ☆74Updated last year
- Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)☆30Updated last year
- Proof-of-concept implementation for the paper "Reviving Meltdown 3a" (ESORICS 2023)☆15Updated last year
- Medusa Repository: Transynther tool and Medusa Attack☆21Updated 4 years ago
- Practical fuzzing tutorials and training☆30Updated 11 months ago
- Code of KextFuzz: Fuzzing macOS Kernel EXTensions on Apple Silicon via Exploiting Mitigations (USENIX Security'23)☆79Updated last year
- A migration for the page table entry based side-channel attack agains SGX enclaves.☆17Updated 4 months ago
- Memory Tagging ISA extension that can be used by software to enforce memory tag checks on memory loads and stores☆16Updated last week
- A tool combining DWARF info and source to search for kernel heap objects☆24Updated last year
- Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)☆57Updated 3 weeks ago
- Materials for my DMA attacks talk and a collection of related links☆53Updated last year
- Pre-Silicon Hardware Fuzzing Toolkit☆57Updated this week
- Revizor - a fuzzer to search for microarchitectural leaks in CPUs☆136Updated last week
- ☆25Updated last year
- Proof-of-concept code for the IEEE S&P 2025 paper "Peek-a-Walk: Leaking Secrets via Page Walk Side Channels"☆19Updated 4 months ago
- Opening Pandora's Box: A Systematic Study of New Ways Microarchitecture can Leak Private Data☆21Updated 2 years ago
- Using Malicious #VC Interrupts to Break AMD SEV-SNP (IEEE S&P 2024)☆24Updated last year