jprx / PacmanFinder
A Ghidra static analysis tool for locating PACMAN Gadgets
☆12Updated 2 years ago
Related projects ⓘ
Alternatives and complementary repositories for PacmanFinder
- An IOKit kext designed for microarchitectural security research on M1☆32Updated 2 years ago
- Defeating Pointer Authentication on the Apple M1 with Hardware Attacks☆34Updated 2 years ago
- M1 bare metal project in Rust☆28Updated 2 years ago
- Materials from the DEF CON 30 talk on PACMAN☆28Updated 2 years ago
- Patch your macOS kernel to enable support for the high-resolution timers on M1☆23Updated 8 months ago
- Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor☆16Updated 4 months ago
- Intel Management Engine JTAG Proof of Concept - 2022 Instructions☆32Updated 2 years ago
- A Hybrid Alias Analysis☆18Updated last year
- Binary Ninja plugin for visualizing coverage over time☆25Updated 2 years ago
- KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling☆33Updated 4 years ago
- BigMap integration on AFL++☆15Updated 3 years ago
- binary ninja related code☆24Updated 2 years ago
- A tool combining DWARF info and source to search for kernel heap objects☆22Updated 8 months ago
- Progressive Scrutiny: Incremental Detection of UBI bugs in the Linux Kernel☆29Updated 2 years ago
- A cheat sheet that summarises "strategies" (or techniques) to use with angr.☆29Updated 3 years ago
- Source code of a few LLVM passes that I wrote to learn and that now I am sharing for my LLVM course for security engineering☆27Updated 2 years ago
- Linux kernel branches for confidential compute research☆16Updated last month
- Supporting Materials for “Symbolic Triage” blog post☆24Updated 2 years ago
- Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)☆26Updated last year
- A Unit-Based Symbolic Execution Method for Detecting Memory Corruption Vulnerabilities in Executable Codes☆43Updated last year
- ☆34Updated last year
- Practical Data-Only Attack Generation☆27Updated 5 months ago
- Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)☆54Updated 2 years ago
- Group coding repository of PltCov, a tool to instrument ELF binaries for fuzzing with ngram coverage of imported APIs☆12Updated 2 years ago
- Target components for kAFL/Nyx Fuzzer☆26Updated 2 months ago
- ASPFuzz: Fuzzing the AMD SP's ROM bootloader with LibAFL using QEMU full-system emulation☆27Updated last year
- Symbolic execution for RISC-V machine code based on the formal LibRISCV ISA model☆42Updated 4 months ago
- Uncovering Container Confusion in the Linux Kernel☆43Updated 8 months ago
- Repository for synthCT framework (NDSS'22)☆10Updated 2 years ago
- OSS-Fuzz Public Corpora Crawler☆22Updated last year