nccgroup / cachegrab
a tool designed to help perform and visualize trace-driven cache attacks against software in the secure world of TrustZone-enabled ARMv8 cores
☆79Updated 5 years ago
Alternatives and similar repositories for cachegrab:
Users that are interested in cachegrab are comparing it to the libraries listed below
- Qualcomm TrustZone kernel privilege escalation☆63Updated 8 years ago
- Exploiting the Semantic Gap in Trusted Execution Environments☆55Updated 5 years ago
- QSEE Shellcode to directly hijack the "Normal World" Linux Kernel☆54Updated 8 years ago
- Fuzzing utility which enables sending arbitrary SCMs to TrustZone☆61Updated 9 years ago
- Dump privileged ARM system registers from usermode using variant 3a of Meltdown☆242Updated 7 years ago
- Kernel Address Isolation to have Side-channels Efficiently Removed☆216Updated 3 years ago
- Building Distributed Enclave Applications with Sancus and SGX☆13Updated 4 years ago
- Differential fault analysis framework for AES128☆48Updated 11 years ago
- ☆73Updated 6 years ago
- Modifications in the qseecom driver which enable FuzzZone to operate☆23Updated 2 years ago
- QSEE Privilege Escalation Exploit using PRDiag* commands (CVE-2015-6639)☆119Updated 5 years ago
- Emulation and Feedback Fuzzing of Firmware with Memory Sanitization☆160Updated 3 years ago
- Experimental version of QEMU with basic support for ARM TrustZone (security extensions)☆84Updated 11 years ago
- Android user space components for the Trustonic Trusted Execution Environment☆35Updated 9 years ago
- Automated Return-Oriented Programming Chaining☆83Updated 8 years ago
- Exploitation techniques to bypass Clang CFI when applied to Chromium☆113Updated 7 years ago
- Shadow-Box: Lightweight and Practical Kernel Protector for ARM (Presented at BlackHat Asia 2018)☆72Updated 6 years ago
- ☆28Updated 2 years ago
- An IDA file loader for Mobicore trustlet and driver binaries☆59Updated 5 years ago
- Debugger for the Shannon Baseband☆58Updated 4 years ago
- A Tale of Two Worlds: Assessing the Vulnerability of Enclave Shielding Runtimes☆45Updated last year
- Linux Kernel Source Tree Reducer☆80Updated 4 months ago
- Accompanying material for C-FLAT: Control Flow Attestation for Embedded Systems Software☆42Updated 8 years ago
- Huawei mate 7 TrustZone exploit☆111Updated 9 years ago
- ☆55Updated 2 years ago
- Standalone C version of the MSM8974 TrustZone exploit☆27Updated 4 years ago
- Differential Address Trace Analysis☆55Updated 11 months ago
- ropc-llvm is a PoC of a Turing complete ROP compiler with support for a subset of LLVM IR. It is an extension of ropc.☆67Updated 11 years ago
- Reverse-engineering tools and exploits for Samsung's implementation of TrustZone☆148Updated 5 years ago
- K-Hunt: Pinpointing Insecure Crypto Keys☆44Updated 6 years ago