vusec / slamLinks
Spectre based on Linear Address Masking
☆69Updated last year
Alternatives and similar repositories for slam
Users that are interested in slam are comparing it to the libraries listed below
Sorting:
- ☆74Updated last year
- InSpectre Gadget: in-depth inspection and exploitability analysis of Spectre disclosure gadgets☆53Updated 2 months ago
- Uncovering Container Confusion in the Linux Kernel☆44Updated last year
- Proof-of-concept for the GhostWrite CPU bug.☆114Updated 10 months ago
- Binary exploitation by confusing the unwinder☆63Updated 2 years ago
- RetSpill: Igniting User-Controlled Data to Burn Away Linux Kernel Protections☆60Updated last year
- Artifact of "Indirector: High-Precision Branch Target Injection Attacks Exploiting the Indirect Branch Predictor" [USENIX Security 2024]☆61Updated 10 months ago
- ☆57Updated 3 months ago
- ☆15Updated 6 months ago
- VirtFuzz is a Linux Kernel Fuzzer that uses VirtIO to provide inputs into the kernels subsystem. It is built with LibAFL.☆122Updated last year
- A hacky tool for analysing linux kernel commits☆37Updated 2 years ago
- Kernel Read Write Execute☆43Updated 5 months ago
- Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 20…☆63Updated 10 months ago
- Damn Vulenerable Kernel Module for kernel fuzzing☆62Updated 8 months ago
- This repository contains exploit and reverse-engineering source code regarding the Spectre-BHB/Branch History Injection vulnerability☆117Updated 3 years ago
- Linux kernel privilege escalation techniques☆138Updated 10 months ago
- Same-Architecture Firmware Rehosting and Fuzzing☆126Updated 6 months ago
- Proof-of-concept implementation for the paper "Hammulator: Simulate Now - Exploit Later" (DRAMSec 2023)☆17Updated 2 years ago
- Easy way to run a LLVM instrumented kernel in qemu with gdb☆22Updated last year
- TikTag: Breaking ARM's Memory Tagging Extension with Speculative Execution (IEEE S&P 2025)☆76Updated 7 months ago
- ☆36Updated last year
- CTF pwn problem writeup☆39Updated 2 years ago
- ☆135Updated last year
- Training in Transient Execution and PhantomCALL, from Inception (SEC'23) Artifacts.☆36Updated last year
- Scaling best-practice AFLPlusPlus fuzzing campaigns made easy and more☆65Updated last month
- Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (…☆22Updated last year
- Arbitrary Speculative Code Execution with Return Instructions☆162Updated last year
- ☆64Updated last month
- A migration for the page table entry based side-channel attack agains SGX enclaves.☆17Updated 4 months ago
- Blogpost about optimizing binary-only fuzzing with AFL++☆64Updated last year