vusec / inspectre-gadget
InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets
☆44Updated last month
Related projects ⓘ
Alternatives and complementary repositories for inspectre-gadget
- Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…☆20Updated last year
- Using Malicious #VC Interrupts to Break AMD SEV-SNP (IEEE S&P 2024)☆22Updated 6 months ago
- Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 20…☆57Updated 3 months ago
- Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]☆56Updated 3 months ago
- A tool to enable fuzzing for Spectre vulnerabilities☆30Updated 4 years ago
- Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)☆54Updated 2 years ago
- Medusa Repository: Transynther tool and Medusa Attack☆20Updated 4 years ago
- Proof-of-concept for the GhostWrite CPU bug.☆103Updated 3 months ago
- Spectre based on Linear Address Masking☆65Updated 11 months ago
- ☆12Updated 2 years ago
- TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)☆52Updated last month
- Pre-Silicon Hardware Fuzzing Toolkit☆53Updated 3 weeks ago
- Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)☆26Updated last year
- ☆65Updated 8 months ago
- Using Data Memory-Dependent Prefetchers to Leak Data at Rest☆32Updated 2 years ago
- A tool for detecting Spectre vulnerabilities through fuzzing☆35Updated 3 years ago
- Tool to Analyze Speculative Execution Attacks and Mitigations☆53Updated 2 years ago
- Arbitrary Speculative Code Execution with Return Instructions☆153Updated 9 months ago
- Constantine is a compiler-based system to automatically harden programs against microarchitectural side channels☆69Updated last year
- Pathfinder: High-Resolution Control-Flow Attacks Exploiting the Conditional Branch Predictor☆16Updated 4 months ago
- Breaking Confidential VMs with Malicious Interrupts (USENIX Security 2024)☆25Updated 6 months ago
- Kasper: Scanning for Generalized Transient Execution Gadgets in the Linux Kernel☆56Updated 6 months ago
- ☆23Updated 9 months ago
- This repo demonstrates the Return-to-Non-Secure (ret2ns) vulnerability on ARM Cortex-M TrustZone. It contains the attack and defense demo…☆29Updated 7 months ago
- Microarchitectural attack development frameworks for prototyping attacks in native code (C, C++, ASM) and in the browser☆60Updated 2 years ago
- ☆34Updated last year
- Proof-of-concept implementation for the paper "Hammulator: Simulate Now - Exploit Later" (DRAMSec 2023)☆11Updated last year
- ☆14Updated 11 months ago
- Source code & scripts for experimental characterization and real-system demonstration of RowPress, a widespread read disturbance phenomen…☆30Updated 10 months ago
- Proof-of-concept implementation for the paper "(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channel…☆22Updated 11 months ago