CTF-All-In-One

八、学术篇

8.1 The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)8.2 Return-Oriented Programming without Returns 8.3 Return-Oriented Rootkits: Bypassing Kernel Code Integrity Protection Mechanisms 8.4 ROPdefender: A Detection Tool to Defend Against Return-Oriented Programming Attacks 8.5 Data-Oriented Programming: On the Expressiveness of Non-Control Data Attacks 8.7 What Cannot Be Read, Cannot Be Leveraged? Revisiting Assumptions of JIT-ROP Defenses 8.9 Symbolic Execution for Software Testing: Three Decades Later 8.10 AEG: Automatic Exploit Generation 8.11 Address Space Layout Permutation (ASLP): Towards Fine-Grained Randomization of Commodity Softwa 8.13 New Frontiers of Reverse Engineering 8.14 Who Allocated My Memory? Detecting Custom Memory Allocators in C Binaries 8.21 Micro-Virtualization Memory Tracing to Detect and Prevent Spraying Attacks 8.22 Practical Memory Checking With Dr. Memory 8.23 Evaluating the Effectiveness of Current Anti-ROP Defenses 8.24 How to Make ASLR Win the Clone Wars: Runtime Re-Randomization 8.25 (State of) The Art of War: Offensive Techniques in Binary Analysis 8.26 Driller: Augmenting Fuzzing Through Selective Symbolic Execution 8.27 Firmalice - Automatic Detection of Authentication Bypass Vulnerabilities in Binary Firmware 8.28 Cross-Architecture Bug Search in Binary Executables 8.29 Dynamic Hooks: Hiding Control Flow Changes within Non-Control Data 8.30 Preventing brute force attacks against stack canary protection on networking servers 8.33 Under-Constrained Symbolic Execution: Correctness Checking for Real Code 8.34 Enhancing Symbolic Execution with Veritesting 8.38 TaintEraser: Protecting Sensitive Data Leaks Using Application-Level Taint Tracking 8.39 DART: Directed Automated Random Testing 8.40 EXE: Automatically Generating Inputs of Death 8.41 IntPatch: Automatically Fix Integer-Overflow-to-Buffer-Overflow Vulnerability at Compile-Time 8.42 Dynamic Taint Analysis for Automatic Detection, Analysis, and Signature Generation of Exploits 8.43 DTA++: Dynamic Taint Analysis with Targeted Control-Flow Propagation 8.44 Superset Disassembly: Statically Rewriting x86 Binaries Without Heuristics 8.45 Ramblr: Making Reassembly Great Again 8.46 FreeGuard: A Faster Secure Heap Allocator 8.48 Reassembleable Disassembling

PreviousMalware Next8.1 The Geometry of Innocent Flesh on the Bone: Return-into-libc without Function Calls (on the x86)