cispa Goto Github PK

12-angry-developers-web-applications

This repository contains our code for each version (programming language) for the Coding Task. It is a product of our work published at the 28th ACM Conference on Computer and Communications Security (CCS) in 2021.

ampfuzz

Fuzzer for Amplification Vulnerabilities (USENIX '22, Krupp et al)

analogdevices-hdl-lib

HDL libraries and projects

art

artist

bitahoy

branchdifferent

Implementation for the DIMVA'22 paper "Branch Different - Spectre Attacks on Apple Silicon"

browser-cpu-fingerprinting

This repository contains the code for our paper "Browser-based CPU Fingerprinting".

cachewarp

Proof-of-concept implementation for the paper "CacheWarp: Software-based Fault Injection using Selective State Reset" (USENIX Security 2024)

cascading-spy-sheets

This repository contains the artifact for our paper "Cascading Spy Sheets: Exploiting the Complexity of Modern CSS for Email and Browser Fingerprinting" published at NDSS 2025.

consent-notices

cva6

The CORE-V CVA6 is an Application class 6-stage RISC-V CPU capable of booting Linux

cva6-sdk

CVA6 SDK containing RISC-V tools and Buildroot

cva6-vivado-project-with-xilinx-axi-ethernet

Vivado 2023.2 project built around the CVA6 RISC-V CPU and a software stack including u-boot and embedded linux.

dns-applayer-ddos-protection

Code and datasets for protecting DNS infrastructures against application-layer DDoS attacks (EuroS&P '23 paper)

efgs-federation-gateway

The goal of this project is to develop the official European solution for the interoperability between national backend servers of decentralised contact tracing applications to combat COVID-19.

ethical-server-side-scanning

Where Are the Red Lines? Towards Ethical Server-Side Scans in Security and Privacy Research - Supplementary Material

framing-control-analytics

Analysis Library used for the paper "A Tale of Two Headers: A Formal Analysis of Inconsistent Click-Jacking Protection on the Web"

framing-control-proxy

A server-side proxy to convert X-Frame-Options into CSP frame-ancestors and vice versa.

full-domain-functional-bootstrap

gdpr-consent

Code for our paper: "Share First, Ask Later (or Never?) - Studying Violations of GDPR's Explicit Consent in Android Apps"

ghostwrite

Proof-of-concept for the GhostWrite CPU bug.

hammulator

Proof-of-concept implementation for the paper "Hammulator: Simulate Now - Exploit Later" (DRAMSec 2023)

html-violations-analyzer

http-conformance

Code for our 2024 ACM AsiaCCS Paper "Who's Breaking the Rules? Studying Conformance to the HTTP Specifications and its Security Impact"

indirect-meltdown

Proof-of-concept implementation for the paper "Indirect Meltdown: Building Novel Side-Channel Attacks from Transient Execution Attacks" (ESORICS 2023)

internet-archive-study

This repository contains the crawling scripts used for the paper "You Call This Archaeology? Evaluating Web Archives for Reproducible Web Security Measurements"

login-security-landscape

Code for our 2024 IEEE S&P Paper "To Auth or Not To Auth? A Comparative Analysis of the Pre- and Post-Login Security Landscape"

loop-dos

Repository for application-layer loop DoS

microarchitectural-hash-function-recovery

Proof-of-concept implementation for the paper "Efficient and Generic Microarchitectural Hash-Function Recovery" (IEEE S&P 2024)