Collecting recent work and organizing related resources to support follow-up work. (Continuously updated)
- 《AEG: Automatic Exploit Generation》 - CMU's 2011 paper giving an overview of AEG.
- 《(State of) The Art of War: Offensive Techniques in Binary Analysis》 - UCSB paper published at S&P 2016, covering AEG and the angr architecture.
- 《Survey of Automated Vulnerability Detection and Exploit Generation Techniques in Cyber Reasoning Systems》 - Introduces AEG and the CGC, with a focus on the two CRSs from the CGC competition, Mayhem and Mechaphish.
- DARPA CGC - CGC organization on GitHub.
- CGC-Corpus - This site documents the data gathered from the CGC qualifiers and the Final event.
- Cyber Grand Challenge 简介 - A brief introduction to the CGC background, competition format, and participating teams.
- Shellphish - A long-standing strong CTF team made up of students from the University of California, Santa Barbara, advised by Professor Christopher Kruegel. Homepage, GitHub Organization.
- CGC Shellphish - Shellphish's official page for its participation in the CGC competition.
- Driller - A crash-finding fuzzer that adds a dynamic symbolic execution engine on top of AFL.
- 《Driller: Augmenting Fuzzing Through Selective Symbolic Execution》 - Paper published at NDSS 2016.
- Driller GitHub - Driller source code, implementing the approach described in the paper.
- Driller 安装 - The author's notes on the Driller installation process.
- Driller 分析 - The author's analysis of the key code.
- A pip wrapper around AFL. Source Code. If you run into problems during installation, consult the project's issues.
- This module provides a Python wrapper for interacting with AFL. It supports starting an AFL instance, adding slave workers, injecting and retrieving test cases, and checking various performance metrics. Shellphish used it in Mechanical Phish to interact with AFL. Source Code
- Shellphish's automated exploitation engine, originally created for the Cyber Grand Challenge. Source Code, Installation Guide.
- Mechaphish - The CRS (Cyber Reasoning System) developed by Shellphish for the CGC.
- Mechaphish Docs - Documentation for Mechaphish.
- Mechaphish Docker - Mechaphish image provided on Docker Hub.
- angr.io、Angr Github - The angr project is the next-generation binary analysis framework created by the computer security lab at UC Santa Barbara!
- AFL - American fuzzy lop is a security-oriented fuzzer that employs a novel type of compile-time instrumentation and genetic algorithms to automatically discover clean, interesting test cases that trigger new internal states in the targeted binary.
- Radare2, Source Code - UNIX-like reverse engineering framework and command-line tools for security work.
- BitBlaze、Paper - Binary Analysis for Computer Security by UC Berkeley.
- AEGG - Automatic Exploit GG - An article on AEG written by YSc.
- Dafeng's Blog - "Aspiring to be a romantic geek for life."
- Symbolic Execution Tramples CTF Challenge
- 符号执行入门 (Introduction to Symbolic Execution) - Covers the basic concepts of symbolic execution; the papers and references it cites provide a roadmap for deeper study.
- Offensive Techniques in Binary Analysis - A Chinese translation of 《(State of) The Art of War: Offensive Techniques in Binary Analysis》, useful as a reference.
- 小试shellphish开源的driller (A first try of Shellphish's open-source Driller)
- wcventure - Cheng Wen has been a Ph.D. student at the College of Computer Science and Software Engineering, Shenzhen University, since 2019. His research is in the areas of program analysis, software verification, machine learning, cyber security, software testing, and formal methods.