Research notes · practical
Proof‑of‑concept implementations of cutting‑edge exploitation techniques.
Side‑channel, BROP, AVX timing, ASLR bypass, and low‑level debugging tools.
Every project includes compilable C code and detailed explanations – built for researchers who write code.
Branch Predictors - ASLR
Practical C implementation demonstrating a BTB (Branch Target Buffer) technique against ASLR and testing L2 cache behavior. Uses flush+reload to reveal cache‑based side channels and speculative execution effects.
Practical Implementation
AVX-Based Timing Side Channel
ASLR detection on Linux x86_64 using AVX2 + RDTSCP. Measures memory access times to infer whether ASLR is active. Fast access → no ASLR; slow / SIGSEGV → ASLR active.
Practical Implementation
Blind Return Oriented Programming
Basic BROP implementation to differentiate correct return addresses. Scans memory range, overwrites return address, uses SIGSEGV/SIGILL handlers to skip invalid addresses. Linux x86_64.
Practical Implementation
ReaperSnap
Single‑function inline‑assembly debugger for x86_64 Linux. Captures CPU state, registers, SIMD, memory maps, and segment registers before/after assembly blocks. ANSI‑colored output.
Practical Implementation