Test

[Paper] A Comprehensive Study of the Capabilities of Large Language Models for Vulnerability Detection

[Paper] Prompt Fuzzing for Fuzz Driver Generation

FOX: Coverage-guided Fuzzing as Online Stochastic Control

[Paper] AMFuzz: Explainable Fuzzing with Local Interpretation

[Paper] FairFuzz: A Targeted Mutation Strategy for Increasing Greybox Fuzz Testing Coverage

[Paper] Better Pay Attention Whilst Fuzzing

[Misc] LLVM SanitizerCoverage分析

[Paper] TargetFuzz: Using DARTs to Guide Directed Greybox Fuzzers

[Paper] Auto Off-Target: Enabling Thorough and Scalable Testing for Complex Software Systems

[Paper] Critical Code Guided Directed Greybox Fuzzing for Commits

[Paper] SDFUZZ: Target States Driven Directed Fuzzing

[Paper] A Memory Model for Static Analysis of C Programs

[Paper] Titan: Efficient Multi-target Directed Greybox Fuzzing

[Paper] DeepGo: Predictive Directed Greybox Fuzzing

[Paper] File Hijacking Vulnerability: The Elephant in the Room

[Paper] FISHFUZZ: Catch Deeper Bugs by Throwing Larger Nets

[Paper] Arbiter：Bridging the Static and Dynamic Divide in Vulnerability Discovery on Binary Programs

[Paper] ARCUS: Symbolic Root Cause Analysis of Exploits in Production Systems

[Paper] BENZENE: A Practical Root Cause Analysis System with an Under-Constrained State Mutation

[Paper] AIFORE: Smart Fuzzing Based on Automatic Input Format Reverse Engineering

[Paper] 1dFuzz: Reproduce 1-Day Vulnerabilities with Directed Differential Fuzzing

[Paper] Profile-Driven System Optimizations for Accelerated Greybox Fuzzing

[Fuzz] ADVANCED FUZZING UNMASKS ELUSIVE VULNERABILITIES

[Misc] Clang-tidy自定义规则

[Paper] UTOPIA: Automatic Generation of Fuzz Driver using Unit Tests

[Paper] No Grammar, No Problem: Towards Fuzzing the Linux Kernel without System-Call Descriptions

[Paper] Toss a Fault to Your Witcher: Applying Grey-box Coverage-Guided Mutational Fuzzing to Detect SQL and Command Injection Vulnerabilities

[Paper] AFL++: Combining Incremental Steps of Fuzzing Research

[Paper] BLE Protocol in IoT Devices and Smart Wearable Devices: Security and Privacy Threats

[Fuzz] Fuzz Farm

[CVE] ngiflib CVE-2023-37176 漏洞分析

[Paper] Blacktooth: Breaking through the Defense of Bluetooth in Silence

[Misc] Tensorflow2实战

[Paper] CarpetFuzz: Automatic Program Option Constraint Extraction from Documentation for Fuzzing

[Paper] Homo in Machina: Improving Fuzz Testing Coverage via Compartment Analysis

[Paper] 模糊测试技术综述

[Kernel Pwn] 0xA Kernel Ret2dir

[Paper] Ret2dir: Rethinking Kernel Isolation

[CVE] libexif 缓冲区溢出 CVE-2009-3895漏洞分析

[CVE] Xpdf CVE-2019-13288 漏洞分析

[CVE] cgroup CVE-2021-4154漏洞分析

[Paper] DirtyCred: Escalating Privilege in Linux Kernel

[CVE] HG532e路由器远程命令执行 CVE-2017-17215漏洞分析

[Misc] TP-Link SR20 远程代码执行漏洞分析

[CVE] Linux Dirty Pipe CVE-2022-0847 漏洞分析

[Misc] Macos+Vscode调试指北

[Misc] 从零开始的OS编写生活

[Paper] Game of Hide-and-Seek: Exposing Hidden Interfaces in Embedded Web Applications of IoT Devices

[Paper] FirmAE: Towards Large-Scale Emulation of IoT Firmware for Dynamic Analysis

[Binary Analysis] 0x01 ELF文件格式

[Binary Analysis] 0x00 二进制基础

[Kernel Pwn] 0x09 Kernel实战

[Kernel Pwn] 0x08 Kernel Userfaultfd

[Kernel Pwn] 0x07 Kernel Double_Fetch

[Kernel Pwn] 0x06 Kernel Modprobe_Path

[Kernel Pwn] 0x05 Kernel SMEP

[Kernel Pwn] 0x04 Kernel Ret2Usr

[Kernel Pwn] 0x03 Kernel UAF

[Kernel Pwn] 0x02 Kernel ROP

[Kernel Pwn] 0x01 编写驱动

[Kernel Pwn] 0X00 环境配置