Skip to main content

A fuzzer to search for microarchitectural leaks in CPUs

Project description

Revizor

GitHub PyPI GitHub all releases GitHub contributors

Revizor is a security-oriented fuzzer for detecting information leaks in CPUs, such as Spectre and Meltdown. It tests CPUs against Leakage Contracts and searches for unexpected leaks.

For more details, see our Paper (open access here), and the follow-up papers (1, 2).

Getting Started and Documentation

You can find a quick start guide at Quick Start.

For information on how to use Revizor, see User Documentation.

For information on how to contribute to Revizor, see CONTRIBUTING.md.

Need Help with Revizor?

If you find a bug in Revizor, don't hesitate to open an issue.

If something is confusing or you need help in using Revizor, we have a discussion page.

Citing Revizor

To cite this project, you can use the following references:

  1. Original paper that introduced the concept of Model-based Relation Testing as well as the Revizor tool:

    Oleksii Oleksenko, Christof Fetzer, Boris Köpf, Mark Silberstein. "Revizor: Testing Black-box CPUs against Speculation Contracts" in Proceedings of the 27th ACM International Conference on Architectural Support for Programming Languages and Operating Systems (ASPLOS), 2022.

  2. Theoretical foundations of leakage contract:

    Marco Guarnieri, Boris Köpf, Jan Reineke, and Pepe Vila. "Hardware-software contracts for secure speculation" in Proceedings of the 2021 IEEE Symposium on Security and Privacy (SP), 2021.

  3. Accessible summary of the two papers above, in a journal format:

    Oleksii Oleksenko, Christof Fetzer, Boris Köpf, Mark Silberstein. "Revizor: Testing Black-box CPUs against Speculation Contracts". In IEEE Micro, 2023.

  4. Paper that introduced speculation filtering, observation filtering, and contract-based input generation:

    Oleksii Oleksenko, Marco Guarnieri, Boris Köpf, and Mark Silberstein. "Hide and Seek with Spectres: Efficient discovery of speculative information leaks with random testing" in Proceedings of the 2023 IEEE Symposium on Security and Privacy (SP), 2022.

  5. Paper that introduced exception-based testing (i.e., focus on Meltdown, Foreshadow) into Revizor:

    Jana Hofmann, Emanuele Vannacci, Cédric Fournet, Boris Köpf, and Oleksii Oleksenko. "Speculation at Fault: Modeling and Testing Microarchitectural Leakage of CPU Exceptions." in Proceedings of 32nd USENIX Security Symposium (USENIX Security), 2023.

Trademarks

This project may contain trademarks or logos for projects, products, or services. Authorized use of Microsoft trademarks or logos is subject to and must follow Microsoft's Trademark & Brand Guidelines. Use of Microsoft trademarks or logos in modified versions of this project must not cause confusion or imply Microsoft sponsorship. Any use of third-party trademarks or logos are subject to those third-party's policies.

Project details


Download files

Download the file for your platform. If you're not sure which to choose, learn more about installing packages.

Source Distribution

revizor_fuzzer-1.3.2.tar.gz (127.3 kB view details)

Uploaded Source

Built Distribution

revizor_fuzzer-1.3.2-py3-none-any.whl (135.6 kB view details)

Uploaded Python 3

File details

Details for the file revizor_fuzzer-1.3.2.tar.gz.

File metadata

  • Download URL: revizor_fuzzer-1.3.2.tar.gz
  • Upload date:
  • Size: 127.3 kB
  • Tags: Source
  • Uploaded using Trusted Publishing? No
  • Uploaded via: twine/5.1.1 CPython/3.12.3

File hashes

Hashes for revizor_fuzzer-1.3.2.tar.gz
Algorithm Hash digest
SHA256 fabd67b06922a2158b6f6fd46c888b26c3ffce9e60a345d6c7a220dcabaf3243
MD5 37d30eef8f20020fb093918f2a6f2d89
BLAKE2b-256 903ba14034e0bbc254f5facb0964747eb07348d5162f0a84b3851cf0dd960f1a

See more details on using hashes here.

File details

Details for the file revizor_fuzzer-1.3.2-py3-none-any.whl.

File metadata

File hashes

Hashes for revizor_fuzzer-1.3.2-py3-none-any.whl
Algorithm Hash digest
SHA256 bdbd318df3079c46c41766b6200d1b161c4276280e6ea0e3d8e1842249895958
MD5 49eee630fe96276186259b5caba7b657
BLAKE2b-256 06ce4672ce18646211246403ef8f3e8d8c2625f8501110053da75c1953039c26

See more details on using hashes here.

Supported by

AWS AWS Cloud computing and Security Sponsor Datadog Datadog Monitoring Fastly Fastly CDN Google Google Download Analytics Microsoft Microsoft PSF Sponsor Pingdom Pingdom Monitoring Sentry Sentry Error logging StatusPage StatusPage Status page