A collection of the papers I have studied, tentatively grouped into five categories: AEG, Crash Analysis, Symbolic Execution, Fuzzing, and Other.
- 《(State of) The Art of War: Offensive Techniques in Binary Analysis》
- 《AEG: Automatic Exploit Generation》
- 《CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations》
- 《Automatic Polymorphic Exploit Generation for Software Vulnerabilities》
- 《Unleashing MAYHEM on Binary Code》
- 《Q: Exploit Hardening Made Easy》
- 《Revery: From Proof-of-Concept to Exploitable》
- 《Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities》
- 《Automatic Heap Layout Manipulation for Exploitation》
- 《Survey of Automated Vulnerability Detection and Exploit Generation Techniques in Cyber Reasoning Systems》
- 《Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks》
- 《Automatic Generation of Data-Oriented Exploits》
- (PPT)《Binary 自動分析的那些事》
- (PPT)《Automatic Exploit Generation》
- (PPT)《The Automated Exploitation Grand Challenge》
- (PPT)《An Introduction to Dynamic Symbolic Execution and the KLEE Infrastructure》
- (PPT)《An Introduction To Binary Exploitation》
- (PPT)《The Automated Exploitation Grand Challenge: A Five-Year Retrospective》
- (PPT)《automatic binary exploitation and patching using mechanical shellphish.pdf》
- 《The Mayhem CRS》
- 《BitBlaze: A New Approach to Computer Security via Binary Analysis》
- 《Which Crashes Should I Fix First?: Predicting Top Crashes at an Early Stage to Prioritize Debugging Efforts》
- 《Crash analysis with BitBlaze》
- (PPT)《Intro to Binary Analysis with Z3 and Angr》
- (PPT)《symbolic execution》
- (PPT)《Understanding Symbolic Execution》
- 《Fuzzing: a survey》
- 《A systematic review of fuzzing techniques》
- 《Driller: Augmenting Fuzzing Through Selective Symbolic Execution》
- 《Fuzzing技术总结与工具列表》