A shell script to tell if your system is vulnerable against the several "speculative execution" CVEs that were made public in 2018. For Linux systems, the script will detect mitigations, including backported non-vanilla patches, regardless of the advertised kernel version number and the distribution (such as Debian, Ubuntu, CentOS, RHEL, Fedora, openSUSE, Arch, ...), it also works if you've compiled your own kernel.
mitigation kernel meltdown spectre cve-2017-5753 cve-2017-5715 cve-2017-5754 freebsd netbsd dragonflybsd cve-2018-3640 cve-2018-3639 foreshadow cve-2018-3615 cve-2018-3620 cve-2018-3646Spectre.css is a lightweight, responsive and modern CSS framework. Spectre is a side project based on years of CSS development work on a large web service project. Spectre only includes modern base styles, responsive layout system, CSS components and utilities, and it can be modified for your project with Sass/Scss compiler.
spectre css css-framework responsive-grid flexbox utilities modern lightweight framework responsive mobile-friendly front-end sassSpecuCheck is a Windows utility for checking the state of the software and hardware mitigations against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4). It uses two new information classes that were added to the NtQuerySystemInformation API call as part of the recent patches introduced in January 2018 and reports the data as seen by the Windows Kernel. An official Microsoft Powershell Cmdlet Module now exists as well, which is the recommended and supported way to get this information.
meltdown spectre intelbug kernel internals cpu kaiser kptiThis repository provides content for aiding DoD administrators in verifying systems have applied and enabled mitigations for hardware and firmware vulnerabilities such as side-channel and UEFI vulnerabilities. The repository is a companion to NSA Cybersecurity Advisories such as Vulnerabilities Affecting Modern Processors. This repository is updated as new information, research, strategies, and guidance are developed. The following mitigations generally apply to all systems. For specific steps for a particular operating system or vendor product, consult detailed instructions and strategies at Specific Guidance.
audit vulnerability cve nessus spectre guidance meltdown cve-2017-5754 cve-2017-5715 cve-2017-5753 cve-2018-3640 cve-2018-3639 cve-2018-3693 cve-2018-3665Deep Spectre is a deep learning side channel privileged memory reader heavily based on the PoC found here. I've written a Medium post explaining the deep learning code and you can read more about Spectre in CVE-2017-5753 and CVE-2017-5715 or check out the whitepaper and Google Project Zero post.
deep-learning keras tensorflow spectreA semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
spectre meltdown vulnerability intelbug proof-of-concept exploitFor the gm/ID starter kit, written for MATLAB, please refer to the 'Links' section at Prof. Murmann's website: https://web.stanford.edu/~murmann. I would like to thank Prof. Murmann for giving permission to use his work and release this package under the GNU Public License.
ngspice analog mosfet spectre spiceResponsive Resizer is a web responsive layout tool that helps developers test web apps across major screen resolution breakpoints. The tool is part of the Spectre.css.
responsive testtool spectreA modern, simple & elegant theme for Hexo
hexo theme hexo-theme spectre theme-spectreThis shows my own try of Proof of Concept Exploit demonstrating the Spectre attack. Unfortunately, I have been able to reproduce it smoothly both on my local laptop and on my AWS Server.
spectre meltdown attack vulnaribility intel processors cpu awsSample code demonstrating a Spectre-like attack against an Intel SGX enclave. This repository contains a proof-of-concept attack (SGXSpectre) showing it is indeed possible to use a speculative execution side-channel to leak data from an Intel SGX enclave.
sgx spectre attack enclave speculative-executionExMoney is a [work-in-progress] self-hosted web application which helps you to track your personal finances. It's built around Spectre API so ExMoney can export bank transactions for you. The list of available banks you can find here. The main idea behind ExMoney is to have free, open source application which can help to track personal finances at(almost) no cost. ExMoney is written in Elixir using Phoenix framework, the app on production consumes very little of RAM and it should work just fine on Heroku free plan.
saltedge spectre elixir phoenix self-hosted personal-financesThe documentation is in a separate repository and the source code is an excellent example of using the framework. You need Vue version 2.5+.
css vuejs ui vue vue-components spectre-css spectre frameworkInspec profile to test for the presence of the Meltdown/Spectre vulnerabilities
inspec spectre devsecops meltdown
We have large collection of open source products. Follow the tags from
Tag Cloud >>
Open source products are scattered around the web. Please provide information
about the open source projects you own / you use.
Add Projects.