Proof of concepts for speculative attacks using the BOOM core (https://github.com/riscv-boom/riscv-boom)
☆68Oct 18, 2019Updated 6 years ago
Alternatives and similar repositories for boom-attacks
Users that are interested in boom-attacks are comparing it to the libraries listed below
Sorting:
- Test suite containing a reproduction of all major transient-execution attacks in RISC-V and CHERI-RISC-V assembly☆17Jun 7, 2021Updated 4 years ago
- Proof-of-concept implementation for the paper "A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs" (IEEE S&P 2023)☆82Nov 10, 2025Updated 3 months ago
- SonicBOOM Spectre Attacks☆10Jul 18, 2021Updated 4 years ago
- This repository contains the verification suite for verifying Berkeley Out-of-Order Machine (BOOM) against transient execution attacks ba…☆21Mar 2, 2023Updated 3 years ago
- Wavious Wlink☆12Oct 28, 2021Updated 4 years ago
- Iodine: Verifying Constant-Time Execution of Hardware☆15Mar 29, 2021Updated 4 years ago
- Gem5 implementation of "InvisiSpec", a defense mechanism of speculative execution attacks on cache hierarchy.☆61Apr 27, 2020Updated 5 years ago
- Proof of Concept of exploit against Spectre Variant 2 Vulnerability☆23May 23, 2020Updated 5 years ago
- All the tools you need to reproduce the CellIFT paper experiments☆24Feb 11, 2025Updated last year
- PoC for Paper: BunnyHop Exploiting the Instruction Prefetcher (USENIX Security 2023)☆14Aug 17, 2023Updated 2 years ago
- Fast TLB simulator for RISC-V systems☆16May 16, 2019Updated 6 years ago
- Custom extensions to the RISC-V isa simulator for the UCB-BAR ESP project☆17Nov 27, 2022Updated 3 years ago
- A behavioural cache model for analysing the cache behaviour under side-channel attack.☆28Jun 25, 2025Updated 8 months ago
- This repository contains the hardware design source files of the Hex Five X300 RISC-V SoC. The X300 is Hex Five's official reference HW p…☆32Jan 23, 2024Updated 2 years ago
- Opening Pandora's Box: A Systematic Study of New Ways Microarchitecture can Leak Private Data☆20Oct 13, 2022Updated 3 years ago
- ☆10Nov 14, 2022Updated 3 years ago
- Methodology that leverages FPV to automatically discover covert channels in hardware that is time-shared between processes. AutoCC operat…☆22Oct 25, 2024Updated last year
- Website and PoC collection for transient execution attacks☆203Mar 9, 2024Updated last year
- ☆25Mar 1, 2023Updated 3 years ago
- Streamline Covert Channel Attack (presented in ASPLOS'21)☆22Feb 18, 2021Updated 5 years ago
- BUSted!!! Microarchitectural Side-Channel Attacks on the MCU Bus Interconnect☆11May 21, 2024Updated last year
- A tool for checking the contract satisfaction for hardware designs☆12Nov 4, 2025Updated 4 months ago
- ☆30Feb 20, 2024Updated 2 years ago
- A tool for detecting Spectre vulnerabilities through fuzzing☆46Aug 25, 2021Updated 4 years ago
- Proof-of-concept implementation for the paper "(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channel…☆27Nov 30, 2023Updated 2 years ago
- Code repository for Coppelia tool☆23Nov 12, 2020Updated 5 years ago
- Microarchitectural exploitation and other hardware attacks.☆96Mar 25, 2024Updated last year
- A coverage library for Chisel designs☆11Mar 12, 2020Updated 5 years ago
- A fork of Yosys that integrates the CellIFT pass☆13Jul 23, 2025Updated 7 months ago
- Instruction Pointer Classifier and Dynamic Degree Stream based Hardware Cache Prefetching☆16Nov 16, 2019Updated 6 years ago
- Artifact for the IEEE S&P 2025 paper: "Rapid Reversing of Non-Linear CPU Cache Slice Functions: Unlocking Physical Address Leakage"☆20Nov 25, 2025Updated 3 months ago
- FreeRTOS for PULP☆16Jul 24, 2023Updated 2 years ago
- Microarchitectural control flow integrity (𝜇CFI) verification checks whether there exists a control or data flow from instruction's ope…☆16Feb 12, 2026Updated 3 weeks ago
- rfuzz: coverage-directed fuzzing for RTL research platform☆113May 12, 2022Updated 3 years ago
- ☆119Nov 14, 2022Updated 3 years ago
- SonicBOOM: The Berkeley Out-of-Order Machine☆2,083Feb 5, 2026Updated last month
- Circuit-level model for the Capacity-Latency Reconfigurable DRAM (CLR-DRAM) architecture. This repository contains the SPICE models of th��…☆14Sep 24, 2020Updated 5 years ago
- New Cache implementation using Gem5☆13Apr 2, 2014Updated 11 years ago
- Open-source release of "Last-Level Cache Side-Channel Attacks Are Feasible in the Modern Public Cloud" (ASPLOS '24)☆33Feb 13, 2026Updated 3 weeks ago