There are 2 repositories under meltdown topic.
Reptar, Downfall, Zenbleed, ZombieLoad, RIDL, Fallout, Foreshadow, Spectre, Meltdown vulnerability/mitigation checker for Linux & BSD
The popular NoScript Security Suite browser extension.
Guidance for the Spectre, Meltdown, Speculative Store Bypass, Rogue System Register Read, Lazy FP State Restore, Bounds Check Bypass Store, TLBleed, and L1TF/Foreshadow vulnerabilities as well as general hardware and firmware security guidance. #nsacyber
SpecuCheck is a Windows utility for checking the state of the software mitigations and hardware against CVE-2017-5754 (Meltdown), CVE-2017-5715 (Spectre v2), CVE-2018-3260 (Foreshadow), and CVE-2018-3639 (Spectre v4)
Meltdown Exploit / Proof-of-concept / checks whether system is affected by Variant 3: rogue data cache load (CVE-2017-5754), a.k.a MELTDOWN.
A semi-demi-working proof of concept for a mix of spectre and meltdown vulnerabilities
Revizor - a fuzzer to search for microarchitectural leaks in CPUs
This tool allows to check speculative execution side-channel attacks that affect many modern processors and operating systems designs. CVE-2017-5754 (Meltdown) and CVE-2017-5715 (Spectre) allows unprivileged processes to steal secrets from privileged processes. These attacks present 3 different ways of attacking data protection measures on CPUs enabling attackers to read data they shouldn't be able to. This tool is originally based on Microsoft: https://support.microsoft.com/en-us/help/4073119/protect-against-speculative-execution-side-channel-vulnerabilities-in
Reproducing malicious memory reading on Intel i5 and Intel Xeon using a Spectre attack
Microarchitectural exploitation and other hardware attacks.
Microarchitectural attack development frameworks for prototyping attacks in native code (C, C++, ASM) and in the browser
KLEESpectre is a symbolic execution engine with speculation semantic and cache modelling
oo7, a binary analysis tool to defend against Spectre vulnerabilities
Stickers for labeling meltdown and spectre affected devices.
a list of BIOS/Firmware fixes adressing CVE-2017-5715, CVE-2017-5753, CVE-2017-5754
Inspec profile to test for the presence of the Meltdown/Spectre vulnerabilities
Spectre-based Meltdown attack (i.e. 2-in1) proof of concept in 99 lines of code. For more details see 'The Spectre of Meltdowns' presentation:
Meltdown and spectre explained -- for normal people
Collection of Spectre-type, Meltdown-type and MDS-type PoCs
Spectre and Meltdown in a docker containerized test
Microarchitectural weird machine implementation using exceptions, TSX, branch predictors, and branch target buffers.
TEApot(Transient Execution Attack pot) is a project used to evaluate whether your system is affected by Meltdown and Spectre. My goal is to build a easy-to-use(hard to implement) and configurable transient attack test suite.
Meltdown and Spectre : CPU vulnerabilities — Explained and Exploited
Proof of Concept implementation + Brief Tutorial of the Meltdown and Spectre attacks [+ Flush/Realod]
Ansible Playbook to run the Red Hat spectre-meltdown check script
Meltdown exploits critical vulnerabilities in modern processors. These hardware vulnerabilities allow programs to steal data that is currently processed on the computer. Meltdown work on personal computers, mobile devices, and in the cloud. Depending on the cloud provider's infrastructure, it might be possible to steal data from other customers.
Formally proven secure design of the RISC-V core BOOM (Berkeley Out-of-Order Machine) w.r.t. transient execution attacks (e.g., Meltdown and Spectre)
Simple script to implement protections against speculative execution side-channel vulnerabilities in Windows systems.
The Effect of the Linux Kernel Page-Table Isolation (KPTI) Patch (Meltdown Vulnerability) on GBMs
🕹️👻This fork of burntmacncheese's project checks your Windows workstation or server for it's vulnerability to Spectre / Meltdown. This version doesn't query Active Directory and is intended to work as a Configuration Baseline for SCCM 2012.
Patches and such to build your entire system with retpolines
Project contains code that demonstrates how Meltdown and Spectre V1/V4 vulnerabilities work and shows the differences between them