Spectre, Meltdown, Foreshadow, Fallout, RIDL, ZombieLoad vulnerability/mitigation checker for Linux & BSD

Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.

SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)

Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber

A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities

This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in

Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack

KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling

oo7, a binary analysis tool to defend against Spectre vulnerabilities

So this is a pretty simple thing I hacked together, I just wanted to post it in case somebody can use it. I broke down the SpeculationControl module that was released by Microsoft and took the script content from the get-speculationcontrolsettings cmdlet. I essentially just took their script and put it into a invoke-command script block and integrated it with Active Directory get-adcomputer. This will collect the same true/false information as before, but now it will get this data from all computers in the domain and dump it to a CSV file. I used $erroractionpreference because i wanted to hide the errors from AD computers that are not powered on. You need the RSAT tools to use get-adcomputer.

Stickers for labeling meltdown and spectre affected devices.

a list of BIOS/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754

Inspec profile to test for the presence of the Meltdown/Spectre vulnerabilities

Meltdown/Spectre PoC for Windows

Intel Processor Spectre & Meltdown Exploit Code

Meltdown and spectre explained -- for normal people

Read Kernel virtual mapping via Meltdown

Script I wrote in about 10 minutes to grab Meltdown/Spectre PoC's and download them.

Meltdown and Spectre : CPU vulnerabilities — Explained and Exploited

Spectre and Meltdown in a docker containerized test

Ansible Playbook to run the Red Hat spectre-meltdown check script

Spectre-based Meltdown attack (i.e. 2-in1) proof of concept in 99 lines of code. For more details see 'The Spectre of Meltdowns' presentation:

Microarchitectural exploitation and other hardware attacks.

The Effect of the Linux Kernel Page-Table Isolation (KPTI) Patch (Meltdown Vulnerability) on GBMs

Proof of Concept implementation + Brief Tutorial of the Meltdown and Spectre attacks [+ Flush/Realod]

🤖 Detect spectre-meltdown vulnerabilities

A curated list of awesome Meltdown & Spectre repos, guides, pocs, blogs, and other resources. Featuring the Fiery Meter of AWSome.

InSpectre allows you to detect whether your CPU is affected by the Meltdown/Spectre vulnerability.

🕹️👻This fork of burntmacncheese's project checks your Windows workstation or server for it's vulnerability to Spectre / Meltdown. This version doesn't query Active Directory and is intended to work as a Configuration Baseline for SCCM 2012.

Patches and such to build your entire system with retpolines