Skip to content

djames-bloom/lockdown

BranchesTags

Folders and files

NameName
Last commit message
Last commit date

Latest commit

 

History

3 Commits
internal
internal
 
 
README.md
README.md
 
 
go.mod
go.mod
 
 
main.go
main.go
 
 

Repository files navigation

Lockdown

Toolkit of utilities to detect possible VM imaging, rollbacks and snapshots

Current

  • CPU timing inconsistencies
  • Memory layout analysis
  • Monotonic clock analysis
  • Entropy PRNG pattern analysis
  • Stack corruption

Planned

  • Sync state
  • CPUID latency
  • Restricted registers

Potential

These are hardware dependent and are not reliable on any environment bar bare metal either due to not being available at all, or virtualization prioritizing over hardware (e.g. EC2 vTPM)

  • SGX enclaves (Intel CPU required and enabled in UEFI)
  • SEV/SNP (AMD CPU required)
  • TPM Root of Trust (Can be falsified with virtual TPMs)
  • HSM (hardware SOC required)
  • UEFI boot chain verification (secure boot required)
  • DMA detection (IOMMU required)

About

toolkit for detecting imaging/cloning/rollbacks

Resources

Readme
Activity

Stars

0 stars

Watchers

1 watching

Forks

0 forks
Report repository

Releases

No releases published

Packages

No packages published

Languages