CISPA

Saarbrücken, Saarland, Germany

Pinned Repositories

BranchDifferent
Implementation for the DIMVA'22 paper "Branch Different - Spectre Attacks on Apple Silicon"
Language:C22 5 05
browser-cpu-fingerprinting
This repository contains the code for our paper "Browser-based CPU Fingerprinting".
Language:Jupyter Notebook35 3 06
CacheWarp
Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 2024)
Language:C53 4 12
GhostWrite
Proof-of-concept for the GhostWrite CPU bug.
Language:C100 5 116
indirect-meltdown
Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (ESORICS 2023)
Language:C19 4 00
loop-DoS
Repository for application-layer loop DoS
Language:Python29 3 16
Microarchitectural-Hash-Function-Recovery
Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)
Language:C++25 3 02
osiris
Proof-of-concept implementation for the paper "Osiris: Automated Discovery of Microarchitectural Side Channels" (USENIX Security'21)
Language:C++52 5 015
persistent-clientside-xss
Exploit generator and Taint Engine to find persistent (and reflected) client-side XSS
Language:Python26 7 16
Security-RISC
Proof-of-concept implementation for the paper "A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs" (IEEE S&P 2023)
Language:C51 6 15

CISPA's Repositories

cispa/GhostWrite
Proof-of-concept for the GhostWrite CPU bug.
Language:C100 5 116
cispa/CacheWarp
Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 2024)
Language:C53 4 12
cispa/Security-RISC
Proof-of-concept implementation for the paper "A Security RISC: Microarchitectural Attacks on Hardware RISC-V CPUs" (IEEE S&P 2023)
Language:C51 6 15
cispa/browser-cpu-fingerprinting
This repository contains the code for our paper "Browser-based CPU Fingerprinting".
Language:Jupyter Notebook35 3 06
cispa/loop-DoS
Repository for application-layer loop DoS
Language:Python29 3 16
cispa/Microarchitectural-Hash-Function-Recovery
Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)
Language:C++25 3 02
cispa/indirect-meltdown
Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (ESORICS 2023)
Language:C19 4 00
cispa/mwait
Proof-of-concept implementation for the paper "(M)WAIT for It: Bridging the Gap between Microarchitectural and Architectural Side Channels" (USENIX Security'23)
Language:C19 4 03
cispa/xs-observations
Find leaky observation channels in browsers and XS-Leaks on websites
Language:Jupyter Notebook12 3 01
cispa/hammulator
Proof-of-concept implementation for the paper "Hammulator: Simulate Now - Exploit Later" (DRAMSec 2023)
Language:C11 4 22
cispa/regcheck
Proof-of-concept implementation for the paper "Reviving Meltdown 3a" (ESORICS 2023)
Language:C10 3 00
cispa/gdpr-consent
Code for our paper: "Share First, Ask Later (or Never?) - Studying Violations of GDPR's Explicit Consent in Android Apps"
Language:Python8 3 02
cispa/login-security-landscape
Code for our 2024 IEEE S&P Paper "To Auth or Not To Auth? A Comparative Analysis of the Pre- and Post-Login Security Landscape"
Language:TypeScript8 3 13
cispa/Switchpoline
Proof-of-concept implementation for the paper "Switchpoline: A Software Mitigation for Spectre-BTB and Spectre-BHB on ARMv8" (AsiaCCS 2024)
Language:C++8 4 0
cispa/http-conformance
Code for our 2024 ACM AsiaCCS Paper "Who's Breaking the Rules? Studying Conformance to the HTTP Specifications and its Security Impact"
Language:Python5 3 01
cispa/IRQGuard
Language:C3
cispa/micsec-training
The material for the hands-on session "Turning Timing Differences into Data Leakage" at Mic-Sec 2022
Language:C3 4 00
cispa/cascading-spy-sheets
This repository contains the artifact for our paper "Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting" published at NDSS 2025.
Language:HTML2 4 0
cispa/12-angry-developers-web-applications
This repository contains our code for each version (programming language) for the Coding Task. It is a product of our work published at the 28th ACM Conference on Computer and Communications Security (CCS) in 2021.
Language:HTML1 2 01
cispa/consent-notices
Language:Python1 2 01
cispa/DNS-Applayer-DDoS-Protection
Code and datasets for protecting DNS infrastructures against application-layer DDoS attacks (EuroS&P '23 paper)
Language:Rust1 2 00
cispa/analogdevices-hdl-lib
HDL libraries and projects
Language:Verilog0 0
cispa/cva6
The CORE-V CVA6 is an Application class 6-stage RISC-V CPU capable of booting Linux
Language:Assembly0 0
cispa/cva6-sdk
CVA6 SDK containing RISC-V tools and Buildroot
Language:Makefile0 0
cispa/CVA6-Vivado-Project-with-Xilinx-AXI-Ethernet
Vivado 2023.2 project built around the CVA6 RISC-V CPU and a software stack including u-boot and embedded linux.
Language:Tcl1 0
cispa/Ethical-Server-Side-Scanning
Where Are the Red Lines? Towards Ethical Server-Side Scans in Security and Privacy Research - Supplementary Material
2 0
cispa/html-violations-analyzer
Language:Python2 0
cispa/internet-archive-study
This repository contains the crawling scripts used for the paper "You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements"
Language:Python2 0
cispa/trust-me-if-you-can
Language:HTML
cispa/Verification-Disjunctive-Time-Networks
Language:Python3 0