GitHub - maskhed/Papers: Some papers about cyber security
source link: https://github.com/maskhed/Papers
README.md
Papers
A collection of the papers I have studied, provisionally divided into five categories: AEG, Crash Analysis, Symbolic Execution, Fuzzing, and Other.
AEG
1) Papers
- - 《(State of) The Art of War: Offensive Techniques in Binary Analysis》
- - 《AEG: Automatic Exploit Generation》
- - 《CRAX: Software Crash Analysis for Automatic Exploit Generation by Modeling Attacks as Symbolic Continuations》
- - 《Automatic Polymorphic Exploit Generation for Software Vulnerabilities》
- - 《Unleashing MAYHEM on Binary Code》
- - 《Q: Exploit Hardening Made Easy》
- - 《Revery: From Proof-of-Concept to Exploitable》
- - 《Automatic Generation of Control Flow Hijacking Exploits for Software Vulnerabilities》
- - 《Automatic Heap Layout Manipulation for Exploitation》
- - 《Survey of Automated Vulnerability Detection and Exploit Generation Techniques in Cyber Reasoning Systems》
- - 《Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks》
- - 《Automatic Generation of Data-Oriented Exploits》
2) Materials
- - (PPT)《Things About Automated Binary Analysis (Binary 自動分析的那些事)》
- - (PPT)《Automatic Exploit Generation》
- - (PPT)《The Automated Exploitation Grand Challenge》
- - (PPT)《An Introduction to Dynamic Symbolic Execution and the KLEE Infrastructure》
- - (PPT)《An Introduction To Binary Exploitation》
- - (PPT)《The Automated Exploitation Grand Challenge A Five-Year Retrospective》
- - (PPT)《automatic binary exploitation and patching using mechanical shellphish.pdf》
- - 《The Mayhem CRS》
Crash Analysis
1) Papers
- - 《BitBlaze: A New Approach to Computer Security via Binary Analysis》
- - 《Which Crashes Should I Fix First?: Predicting Top Crashes at an Early Stage to Prioritize Debugging Efforts》
2) Materials
- - 《Crash analysis with BitBlaze》
Symbolic Execution
1) Papers
2) Materials
- - (PPT)《Intro to Binary Analysis with Z3 and Angr》
- - (PPT)《symbolic execution》
- - (PPT)《Understanding Symbolic Execution》
Fuzzing
1) Papers
- - 《Fuzzing: a survey》
- - 《A systematic review of fuzzing techniques》
- - 《Driller: Augmenting Fuzzing Through Selective Symbolic Execution》
2) Materials
- - 《Summary of Fuzzing Techniques and List of Tools (Fuzzing技术总结与工具列表)》
Other
1) Papers
- - 《A Survey of Software and Network Security Research (软件与网络安全研究综述)》
- - 《CBTracer: Continuously Building Datasets for Binary Vulnerability and Exploit Research》
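- - 《Applications of Artificial Intelligence Technology in the Field of Security Vulnerabilities (人工智能技术在安全漏洞领域的应用)》
2) Materials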