SpecuCheck - SpecuCheck is a Windows utility for checking the state of the software mitigations against CVE-2017-5754 (Meltdown) and hardware mitigations against CVE-2017-5715 (Spectre)

SpecuCheck is a Windows utility for checking the state of the software and hardware mitigations against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4). It uses two new information classes that were added to the NtQuerySystemInformation API call as part of the patches introduced in January 2018, and reports the data as seen by the Windows kernel. An official Microsoft PowerShell cmdlet module now exists as well, which is the recommended and supported way to get this information.

https://github.com/ionescu007/SpecuCheck

Related Projects

Am-I-affected-by-Meltdown - Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a

  •    C++

Checks whether the system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a. MELTDOWN. The basic idea is that the user will know whether or not the running system is properly patched with something like the KAISER patchset (https://lkml.org/lkml/2017/10/31/884), for example.

KPTI-PoC-Collection - Meltdown/Spectre PoC src collection.

  •    C++

Meltdown/Spectre PoC src collection. Just collecting, not made by me.

spectre-meltdown-checker - Spectre & Meltdown vulnerability/mitigation checker for Linux

  •    Shell

A shell script to tell if your system is vulnerable to the several "speculative execution" CVEs that were made public in 2018. For Linux systems, the script will detect mitigations, including backported non-vanilla patches, regardless of the advertised kernel version number and the distribution (such as Debian, Ubuntu, CentOS, RHEL, Fedora, openSUSE, Arch, ...). It also works if you've compiled your own kernel.

meltdownspectre-patches - Summary of the patch status for Meltdown / Spectre

The bug is in the hardware, but mitigations in operating systems are possible and are getting shipped now. I'm collecting notes on the patch status in various software products. This will change rapidly and may contain errors. If you have better info please send pull requests. Kernel Page Table Isolation is a mitigation in the Linux Kernel, originally named KAISER.

speculation-bugs - Docs and resources on CPU Speculative Execution bugs

This repo is an attempt to collect information on the class of information disclosure vulnerabilities caused by CPU speculative execution that were disclosed on January 3rd, 2018. Existing nomenclature is inconsistent and there is no agreed-upon name for the entire class of bugs, but the names Spectre and Meltdown have been used for subclasses of attacks.


meltdown - This repository contains several applications, demonstrating the Meltdown bug.

  •    C

The applications in this repository are built with libkdump, a library we developed for the paper. This library simplifies exploitation of the bug by automatically adapting to certain properties of the environment. This repository contains five demos to demonstrate different use cases. All demos are tested on Ubuntu 16.04 with an Intel Core i7-6700K, but they should work on any Linux system with any modern Intel CPU since 2010.

windows_kernel_resources - Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits

Papers, blogposts, tutorials etc for learning about Windows kernel exploitation, internals and (r|b)ootkits

spectre - Spectre.css - A Lightweight, Responsive and Modern CSS Framework

  •    CSS

Spectre.css is a lightweight, responsive and modern CSS framework. Spectre is a side project based on years of CSS development work on a large web service project. Spectre only includes modern base styles, responsive layout system, CSS components and utilities, and it can be modified for your project with Sass/Scss compiler.

Meltdown BBS

  •    PHP

Meltdown BBS is a free, web-based Bulletin Board System written in PHP with a MySQL backend. Meltdown BBS allows message and file exchange and advanced control over users' access. It is designed to be compatible with Fidonet-technology networks.

LiME - LiME (formerly DMD) is a Loadable Kernel Module (LKM), which allows the acquisition of volatile memory from Linux and Linux-based devices, such as those powered by Android

  •    C

A Loadable Kernel Module (LKM) which allows for volatile memory acquisition from Linux and Linux-based devices, such as Android. This makes LiME unique as it is the first tool that allows for full memory captures on Android devices. It also minimizes its interaction between user and kernel space processes during acquisition, which allows it to produce memory captures that are more forensically sound than those of other tools designed for Linux memory acquisition. Detailed documentation on LiME's usage and internals can be found in the "doc" directory of the project.

Nano Kernel for Modern Computer Arch

  •    Assembly

The Nano Kernel Engines Project aims to provide a set of low-level CPU engines for advanced operating system research and development. The CPUs covered are MIPS, PowerPC, x86, ARM, XScale and advanced network processors.

cpufrequency

  •    C

cpufrequency is a daemon to switch the CPU frequency depending on CPU use. This utility was tested on P4/Centrino/Nehemiah CPU and kernel 2.6.x.

Linux Driver Tracing Interface

  •    C

The Linux Driver Tracing Interface provides a per-CPU flight-recorder tracing facility to the Linux kernel. It can be used as a low-overhead mechanism for tracing kernel code in a production environment as well as for kernel debugging during development.

go-internals - A book about the internals of the Go programming language.

  •    Go

go-internals is a work-in-progress book about the internals of the Go (1.10+) programming language.

MS-Spectre: quantitative LC-MS analysis

  •    Java

Spectre for mass spectrometry. (Quantitative) analysis of multiple LC-MS(MS) runs, using mzXML import of raw data (working on mzDATA). Provides filters, alignment and export tools.

spectre - A simple UI for browsing and inspecting diffs, and an API for runner scripts to submit screenshots to and receive a pass or fail in real time

  •    Ruby

Spectre is a web application to diff screenshots. It's heavily influenced by VisualReview, BackstopJS and Wraith. Read more about how we use it at Friday in our blog post: How we do visual regression testing. You can either run the app using docker, or you can run it natively on your machine – there are instructions for both docker, and running on macOS below.

BIOS for Samsung S3C4510B

  •    C

BIOS for Samsung S3C4510B based boards. You can use it to setup CPU/ROM/SDRAM/EXTIO, manage and burn flash, load OS kernel and pass arguments to OS kernel (now only uClinux).

synsanity - netfilter (iptables) target for high performance lockless SYN cookies for SYN flood mitigation

  •    C

synsanity is a netfilter (iptables) target for high performance lockless SYN cookies for SYN flood mitigation, as used in production at GitHub. synsanity allows Linux servers running 3.x kernels to handle SYN floods with minimal (or at least less) performance impact. With default Linux kernel 3.x settings, a very small SYN flood causes complete CPU exhaustion as the kernel spinlocks on the LISTEN socket and in conntrack. synsanity moves much of this work into a netfilter (iptables) target and bypasses locks for this attack scenario, allowing high-throughput syncookie generation before the packets hit the TCP stack.

golang-internals-resources - A collection of articles and videos to understand Golang internals.

A collection of articles and videos to understand Golang internals.

CLINT Command Interface to System Calls

  •    C

System call command-line utilities for Linux and all POSIX-based operating systems. Allows direct command-line access to many popular kernel system calls in text format. Makes a great internals teaching tool for operating systems.