Revizor - a fuzzer to search for microarchitectural leaks in CPUs

Fuzzer that searches for vulnerabilities like Spectre and Meltdown in CPUs

Binsec/Haunted is an extension of Binsec to verify speculative constant-time and detect Spectre attacks.

Proof of Concept implementation + Brief Tutorial of the Meltdown and Spectre attacks [+ Flush/Realod]

Spectre-based Meltdown attack (i.e. 2-in1) proof of concept in 99 lines of code. For more details see 'The Spectre of Meltdowns' presentation:

Variant 1 of the Spectre attack which is to bypass the bounds checks in the target process and retrieve the private data. Here in this example, I have demonstrated how to retrieve a string data using the attack.

String and memory handling functions based around the Spectre misfeature

Benchmarks for Binsec/Rel tool.

Advanced Computer Architecture at EPFL.

A simple implementation of spectre vulnerability using Go

Survey paper exploring Meltdown and Spectre vulnerabilities, accompanied by practical proof-of-concept (PoC) implementations for deeper understanding.

🕹️👻This fork of burntmacncheese's project checks your Windows workstation or server for it's vulnerability to Spectre / Meltdown. This version doesn't query Active Directory and is intended to work as a Configuration Baseline for SCCM 2012.

InSpectre allows you to detect whether your CPU is affected by the Meltdown/Spectre vulnerability.

A distillation of the Spectre and Meltdown vulnerabilities.

Spectre attack variant 1 is used here to extract an image data buffer from a program. The output image data is then decoded and median filters are applied to remove the hot pixels in the output image. Here I have included files for RGB and base64 format.

MSc. thesis on the detection of Spectre-like vulnerabilities in AES modes of operation in OpenSSL

A bibliography of hardware vulnerabilities.

A simple demo of the Spectre vulnerability

Constant-time big number library resistant to Spectre v1 written in Jasmin