Update README.md

author: Andrey Konovalov 2019-09-27 18:38:48 +0200
committer: GitHub 2019-09-27 18:38:48 +0200
commit: 35c1eb49bb610997870d808859a3798d256a2ac0 (patch)
tree: 6a92ce30f5eca43988191d741158d64198c74c67 /README.md
parent: 22c10d96e8791ad80d6dedf0b6e141d79ae3a24b (diff)
1 files changed, 16 insertions, 0 deletions
diff --git a/README.md b/README.md
index eb8fe69..5e6103e 100644
--- a/README.md
+++ b/README.md
@@ -108,6 +108,8 @@ Pull requests are welcome.
 ### Information leak
+[2019: "From IP ID to Device ID and KASLR Bypass (Extended Version)"](https://arxiv.org/pdf/1906.10478.pdf) [paper]
 [2018: "Kernel Memory disclosure & CANVAS Part 1 - Spectre: tips & tricks"](https://www.immunityinc.com/downloads/Kernel-Memory-Disclosure-and-Canvas_Part_1.pdf) [article, Spectre]
 [2018: "Kernel Memory disclosure & CANVAS Part 2 - CVE-2017-18344 analysis & exploitation notes"](https://www.immunityinc.com/downloads/Kernel-Memory-Disclosure-and-Canvas_Part_2.pdf) [article, CVE-2017-18344]
@@ -129,6 +131,8 @@ Pull requests are welcome.
 ### LPE
+[2019: "From    Zero    to      Root:   Building        Universal       Android Rooting with    a Type  Confusion       Vulnerability" by Wang Yong](https://github.com/ThomasKing2014/slides/blob/master/Building%20universal%20Android%20rooting%20with%20a%20type%20confusion%20vulnerability.pdf) [slides, CVE-2018-9568]
 [2019: "Android Binder: The Bridge To Root" by Hongli Han and Mingjian Zhou](https://conference.hitb.org/hitbsecconf2019ams/materials/D2T2%20-%20Binder%20-%20The%20Bridge%20to%20Root%20-%20Hongli%20Han%20&%20Mingjian%20Zhou.pdf) [slides, CVE-2019-2025]
 [2019: "The ‘Waterdrop’ in Android: A Binder Kernel Vulnerability" by Hongli Han](http://blogs.360.cn/post/Binder_Kernel_Vul_EN.html) [article, CVE-2019-2025]
@@ -420,6 +424,10 @@ Pull requests are welcome.
 ## Vulnerability discovery
+[2019: "Fuzzing File Systems via Two-Dimensional Input Space Exploration"](https://taesoo.kim/pubs/2019/xu:janus.pdf) [paper]
+[2019: "PeriScope: An Effective Probing and Fuzzing Framework for the Hardware-OS Boundary"](https://www.ndss-symposium.org/wp-content/uploads/2019/02/ndss2019_04A-1_Song_paper.pdf) [paper]
 [2019: "Hourglass       Fuzz:   A       Quick   Bug     Hunting Method"](https://conference.hitb.org/hitbsecconf2019ams/materials/D1T2%20-%20Hourglass%20Fuzz%20-%20A%20Quick%20Bug%20Hunting%20Method%20-%20Moony%20Li,%20Todd%20Han,%20Lance%20Jiang%20&%20Lilang%20Wu.pdf) [slides]
 [2019: "Fuzzing File Systems via Two-Dimensional Input Space Exploration"](https://taesoo.kim/pubs/2019/xu:janus.pdf) [paper]
@@ -503,6 +511,8 @@ https://github.com/schumilo/vUSBf
 https://github.com/ucsb-seclab/difuze
+https://github.com/compsec-snu/razzer
 ## Exploits
@@ -605,8 +615,12 @@ TWCTF 2018 (ReadableKernelModule): [writeup](http://r3ka.eu/2018/09/twctf-2018-r
 SECT CTF 2018 (Gh0st): [writeup](http://mslc.ctf.su/wp/sect-ctf-2018-gh0st/)
+WCTF 2018 (cpf): [source, writeup, and exploit](https://github.com/cykorteam/cykor_belluminar_2018/tree/master/cpf)
 Insomni'hack teaser 2019 (1118daysober): [writeup 1](https://ctftime.org/writeup/12919), [writeup 2](https://github.com/EmpireCTF/empirectf/blob/master/writeups/2019-01-19-Insomni-Hack-Teaser/README.md#1118daysober)
+Security Fest 2019 (brainfuck64): [writeup](https://kileak.github.io/ctf/2019/secfest-brainfuck64/)
 ## Tools
@@ -678,3 +692,5 @@ https://github.com/jameshilliard/linux-grsec/
 https://github.com/a13xp0p0v/kernel-hack-drill
 https://github.com/vnik5287/kernel_rop
+https://github.com/R3x/How2Kernel
author	Andrey Konovalov	2019-09-27 18:38:48 +0200
committer	GitHub	2019-09-27 18:38:48 +0200
commit	35c1eb49bb610997870d808859a3798d256a2ac0 (patch)
tree	6a92ce30f5eca43988191d741158d64198c74c67 /README.md
parent	22c10d96e8791ad80d6dedf0b6e141d79ae3a24b (diff)