Microarchitectural exploitation and other hardware attacks.

GNU Lesser General Public License v3.0 (LGPL-3.0)

Hardware attacks / State of the art

Contributing:

Contributions, comments and corrections are welcome; please open a PR.

Flaws:

Proof of concepts:

Other PoCs:

Resources:

Tools:

  • sandsifter: The x86 processor fuzzer.
  • OpcodeTester: Analyse Undocumented Instructions on Intel x86/x86-64 and RISC-V.
  • evsets: Tool for testing and finding minimal eviction sets.
  • cachequery: A tool for interacting with hardware memory caches in modern Intel CPUs.
  • haruspex: Exploration of x86-64 ISA using speculative execution.
  • Blacksmith: Next-gen Rowhammer fuzzer that uses non-uniform, frequency-based patterns.
  • Speculator: Tool to Analyze Speculative Execution Attacks and Mitigations.
  • MicrocodeDecryptor: Understand how Intel mitigated the Spectre vulnerability and explore the implementation of Intel TXT, SGX and VT-x technologies.
  • SiliFuzz: Fuzzing CPUs by proxy.
  • Cascade: CPU Fuzzing via Intricate Program Generation.

Slides:

Blogs and posts:

Other papers:

Others:

$ cat /sys/devices/system/cpu/vulnerabilities/*