Reminds me of hardware security at VUSEC Amsterdam :)
Good times!
I actually did these a while ago. Courses taught me a lot and have recommended it to friends since. Very grateful for the course team for making everything public :)
Does this include Spectre?
Yes!
Our labs include building your own real spectre attack against the kernel, bypassing ASLR and building ROP chains with various side channels, finding and exploiting backdoors in a RISC-V CPU by building a hardware fuzzer, and more.
(source: I designed the Spectre lab plus a few others)
All our labs are fully open source for anyone to try: https://github.com/MATCHA-MIT/SHD-StarterCode
If you give them a try, please do let us know what you think! We genuinely want these activities to be fun and approachable (we designed them like a big CTF) and welcome feedback from the community.
Do you support arm64e?
It starts with necessary background into cache side channels and covers transient execution attacks like Spectre.
[dead]