Reverse Engineering Page Table Caches in Your Processor
☆374May 5, 2021Updated 4 years ago
Alternatives and similar repositories for revanc
Users that are interested in revanc are comparing it to the libraries listed below. We may earn a commission when you buy through links labeled 'Ad' on this page.
Sorting:
- Tool for testing and finding minimal eviction sets☆106May 6, 2021Updated 4 years ago
- This framework is for fuzzing OSX kernel vulnerability based on passive inline hook mechanism in kernel mode.☆229Oct 18, 2017Updated 8 years ago
- Streamline Covert Channel Attack (presented in ASPLOS'21)☆22Feb 18, 2021Updated 5 years ago
- The DrK Attack - Proof of concept☆348Mar 13, 2022Updated 4 years ago
- ☆387Oct 28, 2019Updated 6 years ago
- ☆153Oct 18, 2018Updated 7 years ago
- PoC for breaking hypervisor ASLR using branch target buffer collisions☆167Sep 24, 2016Updated 9 years ago
- Code to evaluate XLATE attacks as well existing cache attacks.☆31Aug 17, 2018Updated 7 years ago
- HW interface for memory caches☆28Apr 21, 2020Updated 5 years ago
- AFL/QEMU fuzzing with full-system emulation.☆641Sep 9, 2018Updated 7 years ago
- A list of my CVE's with POCs☆682Dec 15, 2020Updated 5 years ago
- full exploit of pwnfest2016, slide and full text of syscan2017☆165Jun 14, 2017Updated 8 years ago
- ☆28Aug 4, 2022Updated 3 years ago
- Kernel Address Isolation to have Side-channels Efficiently Removed☆223Dec 24, 2021Updated 4 years ago
- ☆114Oct 3, 2017Updated 8 years ago
- Triton based R2 plugin for concolic execution and total control☆33Nov 26, 2018Updated 7 years ago
- specific fuzzers based on AFL and fuzzing results☆41Oct 22, 2016Updated 9 years ago
- Full exploit of CVE-2016-6754(BadKernel) and slide of SyScan360 2016☆152Nov 28, 2016Updated 9 years ago
- ☆236May 31, 2018Updated 7 years ago
- ☆32Nov 15, 2017Updated 8 years ago
- A Bochs-based instrumentation project designed to log kernel memory references, to identify "double fetches" and other OS vulnerabilities☆345May 5, 2019Updated 6 years ago
- BrundleFuzz is a distributed fuzzer for Windows and Linux using dynamic binary instrumentation.☆82Sep 10, 2016Updated 9 years ago
- This repository contains several tools to perform Prefetch Side-Channel Attacks☆62Feb 22, 2017Updated 9 years ago
- aflpin enables afl to fuzz blackbox binaries using a pin tool to trace execution branches.☆172Jan 27, 2015Updated 11 years ago
- Xenpwn is a toolkit for memory access tracing using hardware-assisted virtualization☆145Jul 22, 2016Updated 9 years ago
- Proof-of-Concept exploit for Edge bugs (CVE-2016-7200 & CVE-2016-7201)☆140Jan 4, 2017Updated 9 years ago
- This repository contains several tools to perform Cache Template Attacks☆165Nov 11, 2025Updated 4 months ago
- A linux system call fuzzer using TriforceAFL☆177Feb 28, 2024Updated 2 years ago
- Cross Platform Kernel Fuzzer Framework☆457Oct 11, 2018Updated 7 years ago
- Loading unsigned code into kernel in Windows 10 (64) with help of VMware Workstation Pro/Player design flaw☆141Apr 4, 2017Updated 8 years ago
- Native binary for testing Android phones for the Rowhammer bug☆490Jun 27, 2018Updated 7 years ago
- Public Android Vulnerability Information (CVE PoCs etc)☆88Apr 3, 2017Updated 8 years ago
- Old mitigation-bounty code that was applicable to edge before it use webkit/chrome☆87Dec 19, 2016Updated 9 years ago
- Microarchitectural attack development frameworks for prototyping attacks in native code (C, C++, ASM) and in the browser☆63Aug 7, 2022Updated 3 years ago
- An amd64 symbolic emulator☆314Aug 28, 2021Updated 4 years ago
- I Know Where Your Page Lives: Derandomizing the latest Windows 10 Kernel - ZeroNights 2016☆172Dec 7, 2016Updated 9 years ago
- Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits☆415Jan 2, 2020Updated 6 years ago
- Proof-of-Concept exploit for jscript9 bug (MS16-063) with CFG Bypass☆40Dec 28, 2016Updated 9 years ago
- ☆14Jun 30, 2015Updated 10 years ago